urlscan.io logo urlscan.io
SecurityTrails logo

olhardireto.com.br Open in urlscan Pro
186.233.88.177  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://olhardireto.com.br/
Effective URL: https://olhardireto.com.br/
Submission: On March 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 73 IPs in 11 countries across 50 domains to perform 368 HTTP transactions. The main IP is 186.233.88.177, located in Brazil and belongs to IPHOTEL Hospedagem de Sites Ltda, BR. The main domain is olhardireto.com.br. The Cisco Umbrella rank of the primary domain is 954071.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 13th 2022. Valid for: a year.
This is the only time olhardireto.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84 186.233.88.177 262787 (IPHOTEL H...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 151.139.128.10 20446 (STACKPATH...)
35 2a00:1450:400... 15169 (GOOGLE)
11 2a03:2880:f01... 32934 (FACEBOOK)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.189.58 16509 (AMAZON-02)
5 2604:a880:400... 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 186.233.90.67 262787 (IPHOTEL H...)
5 2a00:1450:400... 15169 (GOOGLE)
1 3.12.214.117 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:402... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 217.182.178.224 16276 (OVH)
1 18.196.123.254 16509 (AMAZON-02)
4 14 37.252.172.123 29990 (ASN-APPNEX)
3 35.157.189.20 16509 (AMAZON-02)
1 2602:803:c003... 26667 (RUBICONPR...)
2 11 51.89.9.251 16276 (OVH)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 4 18.202.180.84 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
11 34 142.251.39.2 15169 (GOOGLE)
8 12 185.80.39.216 27381 (CASALE-MEDIA)
5 2a00:1450:402... 15169 (GOOGLE)
3 142.250.27.154 15169 (GOOGLE)
2 2600:9000:21f... 16509 (AMAZON-02)
2 2 185.29.132.245 30419 (MEDIAMATH...)
3 3 213.155.156.184 1299 (TWELVE99 ...)
8 10 69.173.144.139 26667 (RUBICONPR...)
2 2 216.52.2.86 30282 (AS-INAPCD...)
1 1 37.252.171.85 29990 (ASN-APPNEX)
2 2 52.28.194.209 16509 (AMAZON-02)
15 2600:1f13:800... 16509 (AMAZON-02)
1 34.255.50.76 16509 (AMAZON-02)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
10 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 142.250.180.194 15169 (GOOGLE)
2 2 35.157.53.153 16509 (AMAZON-02)
1 1 151.101.2.49 54113 (FASTLY)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
1 35.186.253.211 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 15.197.193.217 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
9 2600:9000:20d... 16509 (AMAZON-02)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 92.123.36.4 16625 (AKAMAI-AS)
1 2600:9000:20e... 16509 (AMAZON-02)
6 52.11.3.6 16509 (AMAZON-02)
1 23.35.209.30 16625 (AKAMAI-AS)
6 2600:9000:20e... 16509 (AMAZON-02)
1 1 92.123.37.164 16625 (AKAMAI-AS)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 3.71.149.231 16509 (AMAZON-02)
2 4 2a02:2638:3::c 44788 (ASN-CRITE...)
3 178.250.1.11 44788 (ASN-CRITE...)
2 23.64.52.128 16625 (AKAMAI-AS)
1 13.248.245.213 16509 (AMAZON-02)
1 2.18.36.181 16625 (AKAMAI-AS)
2 3 54.239.33.158 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 52.46.151.131 16509 (AMAZON-02)
2 185.64.190.77 62713 (AS-PUBMATIC)
4 18.195.210.122 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2a03:2880:f08... 32934 (FACEBOOK)
1 2a03:2880:f08... 32934 (FACEBOOK)
1 35.241.34.106 15169 (GOOGLE)
2 3 198.47.127.18 3257 (GTT-BACKB...)
1 1 185.64.189.110 62713 (AS-PUBMATIC)
368 73
84    186.233.88.177 (Brazil)

ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR)
olhardireto.com.br
www.olhardireto.com.br
3    2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn.00px.net
35    2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
partner.googleadservices.com
11    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
3    2606:4700:20::681a:f79 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.premiumads.com.br
2    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.224.189.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-58.fra2.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
5    2604:a880:400:d0::163a:2001 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
00px.net
1    2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    186.233.90.67 (Brazil)

ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR)
PTR: server9067.cloud.srv.br
ads.olhardireto.com.br
5    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    3.12.214.117 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-214-117.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
6    2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2606:4700:10::6814:e280 (United States)

ASN13335 (CLOUDFLARENET, US)
id.navegg.com
1    2a00:1450:4025:401::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:400d:808::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
7    217.182.178.224 (France)

ASN16276 (OVH, FR)
PTR: ip224.ip-217-182-178.eu
prg.smartadserver.com
1    18.196.123.254 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-123-254.eu-central-1.compute.amazonaws.com
tlx.3lift.com
14    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    35.157.189.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-189-20.eu-central-1.compute.amazonaws.com
ad.360yield.com
1    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
11    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:400d:80e::2001 (Ireland)

ASN15169 (GOOGLE, US)
0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
16    2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    18.202.180.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-180-84.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
34    142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net
cm.g.doubleclick.net
12    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
5    2a00:1450:402a:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
3    142.250.27.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ra-in-f154.1e100.net
bid.g.doubleclick.net
2    2600:9000:21f3:3200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com
d5p.de17a.com
10    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    216.52.2.86 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    52.28.194.209 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-194-209.eu-central-1.compute.amazonaws.com
x.bidswitch.net
15    2600:1f13:800:7782:b818:916:ed27:48c4 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
1    34.255.50.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-50-76.eu-west-1.compute.amazonaws.com
unified.adsafeprotected.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
10    2a00:1450:400d:80a::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:400d:80e::200e (Ireland)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4001:14::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r4---sn-4g5lznek.c.2mdn.net
4    142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net
googleads4.g.doubleclick.net
2    35.157.53.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-53-153.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    2a05:d018:d29:3602:64d1:cba1:647b:b2f6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
9    2600:9000:20dc:3400:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.avantisvideo.com
cdn1.avantisvideo.com
7    2606:4700::6810:df3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
1    92.123.36.4 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-4.deploy.static.akamaitechnologies.com
a.teads.tv
1    2600:9000:20eb:5000:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.avantisvideo.com
6    52.11.3.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-3-6.us-west-2.compute.amazonaws.com
events1.avantisvideo.com
events.avantisvideo.com
1    23.35.209.30 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-209-30.deploy.static.akamaitechnologies.com
at.teads.tv
6    2600:9000:20eb:ee00:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)
avm.avantisvideo.com
1    92.123.37.164 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    23.64.52.128 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-52-128.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2.18.36.181 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-181.deploy.static.akamaitechnologies.com
acdn.adnxs.com
3    54.239.33.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    185.64.190.77 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    18.195.210.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-210-122.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-fra3-1.xx.fbcdn.net
1    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-fra5-2.xx.fbcdn.net
1    35.241.34.106 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 106.34.241.35.bc.googleusercontent.com
c.4dex.io
3    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
Apex Domain
Subdomains		 Transfer
85 olhardireto.com.br
olhardireto.com.br — Cisco Umbrella Rank: 954071
www.olhardireto.com.br
ads.olhardireto.com.br
16 MB
54 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
456 KB
53 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
bid.g.doubleclick.net — Cisco Umbrella Rank: 703
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319
352 KB
22 avantisvideo.com
cdn.avantisvideo.com — Cisco Umbrella Rank: 25925
static.avantisvideo.com — Cisco Umbrella Rank: 33450
events1.avantisvideo.com — Cisco Umbrella Rank: 29328
cdn1.avantisvideo.com — Cisco Umbrella Rank: 35058
avm.avantisvideo.com — Cisco Umbrella Rank: 28000
events.avantisvideo.com — Cisco Umbrella Rank: 31256
335 KB
22 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 748
static.adsafeprotected.com — Cisco Umbrella Rank: 573
dt.adsafeprotected.com — Cisco Umbrella Rank: 539
unified.adsafeprotected.com — Cisco Umbrella Rank: 1691
214 KB
17 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 450
pixel.rubiconproject.com — Cisco Umbrella Rank: 313
eus.rubiconproject.com — Cisco Umbrella Rank: 533
token.rubiconproject.com — Cisco Umbrella Rank: 541
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 917
18 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
secure.adnxs.com — Cisco Umbrella Rank: 377
acdn.adnxs.com — Cisco Umbrella Rank: 542
33 KB
13 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
gcdn.2mdn.net — Cisco Umbrella Rank: 1090
r4---sn-4g5lznek.c.2mdn.net — Cisco Umbrella Rank: 452202
498 KB
12 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431
9 KB
11 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 803
scontent-fra3-1.xx.fbcdn.net — Cisco Umbrella Rank: 14664
scontent-fra5-2.xx.fbcdn.net — Cisco Umbrella Rank: 22662
211 KB
11 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 712
3 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 714
gum.criteo.com — Cisco Umbrella Rank: 378
mug.criteo.com — Cisco Umbrella Rank: 2719
9 KB
8 00px.net
cdn.00px.net
00px.net
10 KB
7 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 26865
usr.navdmp.com — Cisco Umbrella Rank: 31564
cdn.navdmp.com — Cisco Umbrella Rank: 6059
sync2.navdmp.com — Cisco Umbrella Rank: 51685
sync.navdmp.com — Cisco Umbrella Rank: 10232
6 KB
7 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1643
23 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 73
2 KB
6 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 447
image8.pubmatic.com — Cisco Umbrella Rank: 623
image2.pubmatic.com — Cisco Umbrella Rank: 846
1 KB
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 940
s.amazon-adsystem.com — Cisco Umbrella Rank: 267
4 KB
6 gstatic.com
fonts.gstatic.com
csi.gstatic.com
34 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
imasdk.googleapis.com — Cisco Umbrella Rank: 442
256 KB
4 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
cms.analytics.yahoo.com — Cisco Umbrella Rank: 848
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
3 KB
4 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1886
mp.4dex.io — Cisco Umbrella Rank: 2011
c.4dex.io — Cisco Umbrella Rank: 6498
25 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4426
917 B
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 459
pixel.mathtag.com — Cisco Umbrella Rank: 991
2 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 663
511 B
3 google.de
www.google.de — Cisco Umbrella Rank: 6149
adservice.google.de — Cisco Umbrella Rank: 8947
1 KB
3 premiumads.com.br
tags.premiumads.com.br — Cisco Umbrella Rank: 300208
150 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1329
at.teads.tv — Cisco Umbrella Rank: 4546
4 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 296
529 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 726
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 625
58 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 277
1 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 589
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
97 KB
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 498
eb2.3lift.com — Cisco Umbrella Rank: 338
761 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
88 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 105
15 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 361
651 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1398
583 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2856
104 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1367
350 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 730
712 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 591
542 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 855
607 B
1 navegg.com
id.navegg.com — Cisco Umbrella Rank: 578420
303 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 cloudfront.net
d31qbv1cthcecs.cloudfront.net
2 KB
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 391
8 KB
0 alexametrics.com Failed
certify.alexametrics.com Failed
368 50
Domain Requested by
55 www.olhardireto.com.br olhardireto.com.br
34 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
olhardireto.com.br
0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
34 pagead2.googlesyndication.com olhardireto.com.br
pagead2.googlesyndication.com
0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
tpc.googlesyndication.com
fw.adsafeprotected.com
www.googletagservices.com
29 olhardireto.com.br 1 redirects olhardireto.com.br
16 tpc.googlesyndication.com olhardireto.com.br
0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
pagead2.googlesyndication.com
15 dt.adsafeprotected.com 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
olhardireto.com.br
14 ib.adnxs.com 4 redirects tags.premiumads.com.br
googleads.g.doubleclick.net
acdn.adnxs.com
cdn.avantisvideo.com
11 onetag-sys.com 2 redirects tags.premiumads.com.br
0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
cdn.avantisvideo.com
10 s0.2mdn.net olhardireto.com.br
s0.2mdn.net
0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
10 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
9 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
8 cdn.avantisvideo.com tags.premiumads.com.br
cdn.avantisvideo.com
7 prg.smartadserver.com tags.premiumads.com.br
6 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
6 pixel.rubiconproject.com 4 redirects olhardireto.com.br
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
5 csi.gstatic.com imasdk.googleapis.com
5 www.google.com olhardireto.com.br
0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 securepubads.g.doubleclick.net tags.premiumads.com.br
securepubads.g.doubleclick.net
5 00px.net cdn.00px.net
olhardireto.com.br
4 prebid-server.rubiconproject.com cdn.avantisvideo.com
4 token.rubiconproject.com 4 redirects
4 events.avantisvideo.com olhardireto.com.br
4 gum.criteo.com 2 redirects static.criteo.net
4 googleads4.g.doubleclick.net olhardireto.com.br
4 fw.adsafeprotected.com 2 redirects 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
4 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 image8.pubmatic.com 2 redirects
3 s.amazon-adsystem.com 2 redirects olhardireto.com.br
3 aax-eu.amazon-adsystem.com 2 redirects olhardireto.com.br
3 mug.criteo.com olhardireto.com.br
3 d5p.de17a.com 3 redirects
3 bid.g.doubleclick.net imasdk.googleapis.com
0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
3 imasdk.googleapis.com olhardireto.com.br
cdn.avantisvideo.com
3 ad.360yield.com tags.premiumads.com.br
cdn.avantisvideo.com
3 tags.premiumads.com.br olhardireto.com.br
tags.premiumads.com.br
3 cdn.00px.net olhardireto.com.br
cdn.00px.net
3 fonts.googleapis.com olhardireto.com.br
0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
2 hbopenbid.pubmatic.com cdn.avantisvideo.com
2 eus.rubiconproject.com tags.premiumads.com.br
eus.rubiconproject.com
2 sync.navdmp.com olhardireto.com.br
2 events1.avantisvideo.com olhardireto.com.br
2 tag.navdmp.com tags.premiumads.com.br
tag.navdmp.com
2 match.adsrvr.org 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
olhardireto.com.br
2 pr-bh.ybp.yahoo.com 2 redirects
2 pm.w55c.net 2 redirects
2 r4---sn-4g5lznek.c.2mdn.net olhardireto.com.br
2 static.criteo.net tags.premiumads.com.br
static.criteo.net
2 x.bidswitch.net 2 redirects
2 ap.lijit.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 sync.mathtag.com 2 redirects
2 static.adsafeprotected.com 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
2 www.googletagservices.com 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 script.4dex.io tags.premiumads.com.br
script.4dex.io
2 www.google-analytics.com olhardireto.com.br
www.google-analytics.com
2 connect.facebook.net olhardireto.com.br
connect.facebook.net
1 image2.pubmatic.com 1 redirects
1 c.4dex.io olhardireto.com.br
1 scontent-fra5-2.xx.fbcdn.net www.facebook.com
1 scontent-fra3-1.xx.fbcdn.net www.facebook.com
1 www.facebook.com connect.facebook.net
1 px.ads.linkedin.com olhardireto.com.br
1 acdn.adnxs.com tags.premiumads.com.br
1 eb2.3lift.com tags.premiumads.com.br
1 ups.analytics.yahoo.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync2.navdmp.com olhardireto.com.br
1 cdn.navdmp.com tag.navdmp.com
1 cdn1.avantisvideo.com cdn.avantisvideo.com
1 usr.navdmp.com tag.navdmp.com
1 at.teads.tv a.teads.tv
1 static.avantisvideo.com cdn.avantisvideo.com
1 a.teads.tv tags.premiumads.com.br
1 dsp.adfarm1.adition.com 1 redirects
1 dclk-match.dotomi.com 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
1 rtb.openx.net 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
1 um.simpli.fi 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 gcdn.2mdn.net 1 redirects
1 unified.adsafeprotected.com imasdk.googleapis.com
1 secure.adnxs.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 bidder.criteo.com tags.premiumads.com.br
1 fastlane.rubiconproject.com tags.premiumads.com.br
1 tlx.3lift.com tags.premiumads.com.br
1 mp.4dex.io tags.premiumads.com.br
1 www.google.de olhardireto.com.br
1 stats.g.doubleclick.net www.google-analytics.com
1 id.navegg.com tags.premiumads.com.br
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com olhardireto.com.br
1 ads.olhardireto.com.br olhardireto.com.br
1 fonts.gstatic.com fonts.googleapis.com
1 d31qbv1cthcecs.cloudfront.net olhardireto.com.br
1 cdn.ampproject.org olhardireto.com.br
0 certify.alexametrics.com Failed olhardireto.com.br
368 99
Subject Issuer Validity Valid
www.olhardireto.com.br
Sectigo RSA Domain Validation Secure Server CA		 2022-05-13 -
2023-06-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
cdn.00px.net
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-09		 2 months crt.sh
premiumads.com.br
Cloudflare Inc ECC CA-3		 2022-05-07 -
2023-05-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
ads.mediadobrasil.com
R3		 2023-02-13 -
2023-05-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
ads.olhardireto.com.br
R3		 2023-01-24 -
2023-04-24		 3 months crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon RSA 2048 M01		 2023-02-08 -
2023-10-11		 8 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-31 -
2023-05-31		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M01		 2023-02-10 -
2023-06-11		 4 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-02-14 -
2023-07-28		 5 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-05-27		 4 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-09 -
2023-12-03		 10 months crt.sh
wrapper-vast.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-13 -
2023-11-15		 9 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-02-21 -
2023-05-02		 2 months crt.sh
*.avantisvideo.com
Amazon		 2022-10-24 -
2023-11-21		 a year crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
c.4dex.io
GTS CA 1D4		 2023-01-06 -
2023-04-06		 3 months crt.sh

This page contains 30 frames:

Primary Page: https://olhardireto.com.br/
Frame ID: 22A22C39D64B8F6C9923217883BCE87B
Requests: 191 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/zrt_lookup.html
Frame ID: 58DF732C2ABEA6703A43610FD5AAF1A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6337956849655550&output=html&adk=347499538&adf=1862406280&lmt=1677742792&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Folhardireto.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677742792075&bpp=4&bdt=1062&idt=233&shv=r20230227&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=326034376769&frm=20&pv=2&ga_vid=315635011.1677742792&ga_sid=1677742792&ga_hid=957880549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777876%2C44759876%2C44759842&oid=2&pvsid=2759212288538101&tmod=492473787&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=270
Frame ID: F7E0701F614A3B117A24B715EA71DABD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.00px.net/rocket/71659/index.png
Frame ID: 88DA37D425DF411C0C57E7088362F1AD
Requests: 1 HTTP requests in this frame

Frame: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D29BC7D3AA5565B0B9DA49CD40BA8C81
Requests: 1 HTTP requests in this frame

Frame: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 582D2CA6376FE07CB72E1E32AF1B1CE5
Requests: 3 HTTP requests in this frame

Frame: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0B2E96EA3DA4E3E987123EB7FF743919
Requests: 32 HTTP requests in this frame

Frame: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6FC120097C19D5CC55935FFB0028282C
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js
Frame ID: 389B040AEC8F241CA7987251B5D1BC3D
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjX7tzgATAB&v=APEucNWOn6yfYs-iZ8cqlztOCBiITxL8ITp41ZmTTM21adZPwUOmR5ZJMXiOe3Fm55jSEpKx7c2Ie86HQLrxq0ztfFP4ybQSf7MMRAwsA6qCPs-5QQ1ay3j3vGSPYGYRCk5IPDYmS4ueCuJMMSW3oF0p-RcQ0JUr_wktpzf9MNon9bOVgXMmEj0
Frame ID: E03F99910668E5E7718964B1B0DF9066
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiIs6DRATAB&v=APEucNVKLk1Yjv7jFyvpNePtuDbqysYm6rnXkIPpr-8VeCxY9tWbElfrwftLObYEnKexxJj8EctrBMoSAdI2o54s440mHh2ACbzMFkapghM9auE3P9d8pQihYS3_MFqf91G2Et8Oa1pq8tl_KrIfP65R8MlPvsMfk1PJH_QlU4O6BC7f1l4m4KY
Frame ID: 4F3AEA0D9AB30683322366AA189A5F5A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3C610A3190624A7BC204D48889DF0F4B
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 16886321ACB19EB38C12EFFFF20B5AFE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 373729B976CEE3FEB59708AE064A40BB
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CF42E0F1A7652FF0AD5E7A0A38699DDB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9A13EA71032FD34FDF402CF81CE89DBA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8EF7719B160F5C05038702FC4BE3AD1A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A3E2C691D574B1247439FDAC2449A055
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/index.html
Frame ID: E488A407524CC7D8F0FAEB66433ABBCA
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9085316032647509763/DE-DEU_XA-10_0_728x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html
Frame ID: 230DC31A9C11B838690190129D54B86F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 2680ACFDC9FB6DF54261760AAA799EB4
Requests: 3 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 1C0E3BE0386C257227698B8C168CA375
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D2492AE1A12CBD78E69E7588EFDBD5D8
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: BB4C02DB6798BCF2DF48E4B6B4496B7A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1677742792353
Frame ID: 748587FC39304821CF0A13558E232084
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C5A09D48B2BE032C4478B80CD86E60C8
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15ad8aacd109e4%26domain%3Dolhardireto.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Folhardireto.com.br%252Ff2939143f829ad4%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Folhardiretomt&locale=pt_BR&sdk=joey&show_facepile=false&small_header=false&tabs=&width=
Frame ID: 7A2D32E715AE827D47389FFEF6AD8058
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=olhardireto.com.br
Frame ID: FB9DBCAF4341182C866C1CFC385B3E70
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 48B5F355E49DD38B9B597BA3E62F85D5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29F5504D61EB78BEB6F3C9D7F40885B6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Notícias de MT | Olhar Direto

Page URL History Show full URLs

  1. http://olhardireto.com.br/ HTTP 301
    https://olhardireto.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

368
Requests

88 %
HTTPS

48 %
IPv6

50
Domains

99
Subdomains

73
IPs

11
Countries

19636 kB
Transfer

25839 kB
Size

48
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://olhardireto.com.br/ HTTP 301
    https://olhardireto.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 171
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1&C=1
Request Chain 172
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZABSyuAxinEnV12jJu-jPAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKQlbY-W5WjVEfDC7D6teAo&google_cver=1
Request Chain 174
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY3MjIwNDQyMTkyMDI2MjU1Ng%3D%3D
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1&C=1
Request Chain 176
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZABSyuAxinEnV12jJu-jPAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1
Request Chain 177
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKQlbY-W5WjVEfDC7D6teAo&google_cver=1
Request Chain 178
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjczNDE0MTgwNTQ3NzE5NzM5NQ%3D%3D
Request Chain 191
  • https://fw.adsafeprotected.com/rfw/bgd/1135760/69474538/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-C00twB4LvsVFHWZmnMkbiD422gRFFnC8alz5EuIhaRAigHN-7aZRsiAEhgVrw3kELi1Cl5clvfrNdSyH-YXQQp0cvBUzzaSzK5MWI16Kmk0kA6THZ2WbtYdwZiaEJswsa7GzrQs4aKAfClnlvzukZZ4DnCYTuSa38p9iQf3KLUCr6U6vIS-RUAoCZ_4Do3CgJYLWIrM-BzMulzcrakirfb3-uVeTKioWIXnk-QuQur1zdO5Ia8iAa7qeyRX5vxjDJhN7cAKq51B7BAWDO8L34onel2tsCCvdZcn75x7DgM7rvl78hZTUeT7gRT9fcjsA302rO40SC__cWrRAKCHXa6scLWSMrML67w5hyRuyZrKiZ7ey5leB-P1dft-adeyvrE_lEvWUe_j5kRxw6KU7H85K2I72K40woVc_TKX4_IpJAZftJk1KcASdfl5qy6L8x2olqOb6nFrc1FqjhOF1yqYV67tOrn8n3GcsXLsPgvS7wlYayXu-EgfeQzo2OK6vAo6Rs0TlbnxB8HUCf_H4lgg4WaijX9TCcgBEFOYy4YZA_j7nUt-2iJ7EzP0WKm62B-Og3SQgM3_jqh9Gk3e4HYvjsuHjmw37X2M1npBRuN6-pKcJh4GfA-1W7JdkRS9xoJb7otS3A8NpCMJktAGvnkPrJXO9zCsetpYmb5TblKc5i7vrS6qjFZBvFwm4i1QuP9YBmvspSTZP3eYCH_KVYobdwL4PuAUqAOfmTSacDZLwjTgpIJOObxaIQpo6ZUovgI0iyASkJwOy0m846ROps8GVzJTfjIPomXuffAo3lI8pPAxLeAwcx2cqa8OJLlMSXXQyUDjD2mLcikajE_wjrPlF16WmO9SFpCS8KFBBlPSBu-ljMq2BvTAxw0fi0oON-8FtEFYasHiouIr4nyoHgVEQtfSFGCzz4kzFgMaYQTeqtAKHL_gwCttmZItS431e2eb25JyCjeQvsW4OWN3l3_ou8gyc_nlIDAcKi12RsVtex39ohAw-gKE4BtVJ7t2NOe-14SwK0EdyqUIb8mw-2S9f4OrNyqlqR4bc0M9TA5BRCjSnrdvAYjqmy8YXXmbOZqW8xb2uqpaLr5VTsYH-OPkwsycZA2g-9bWwUMxysMTefnkHP_9Q_EhiPtJjnVmE2KHgqObcqCg_hIbDDKh3m-gWgGqXxzynRLKnIoAdcfeN1V5LvNHuc_wUWBryBVT4QI1Zrp3GFF7QPWvH6LVfVayIJZYXWKyWhlZVbbAqA2Tyty7zeZ6i7k4MA-G-O2-HwKYStJToAtHYLd5Z7sX85tTNvyXYi4glyqQNN6t6kO76ILP9NL9MPGTYJZ3io8UApPeP0cXNdRflzoK7j8Ftz6WddIBWFUw-dlZoh7HIx8jvdPdgSr2dsKA3PQob8xvfbA1P-lBnTTCnmKRjg18xlqrj8mmmLYUw0_ygmLzoeGt-ybX0Ho4qjTtN7QmR1OOImAYV2m3CX7UkNeZnAwd7WdBved6r-C3LboFUiDI-r0O9gZYnwaBW1mGLV_T1xM7tnYPU4BJoFnXWH3PzHaTq4qK8GcZ3kBZm3eKGNpHhscnFpVBSqo92gP7FnXHwmw0Im9vmlAZlKlgWCZkIRAgQ62_qu4oLxV62l2Q0xEw7sigzolOuqhF6VDC3m5ucQoeqmBtUlXC4oQdQfAmsFZBrHc55znoKOQ44AJESgk7alsuy3dFnyfLL0Sf1skwA-C-q4jz9CfC7gvGBUHtyzO0-X-6abgif2UL8xRc4_GLJqEynRdMC6Q6YhIondZr8-JSIC2WMBpxNv6MG126qU1EgmS5uVEGXNXs69dpujezLX7RAXQ7jh9ngBX_FX_vl369_wl4IC7HgFZPyqTGwy-BY00tyqa5ODo2C09OJLMTiNHJP4_wBKhQYdk8yxPYFH2urAAbONn4Bk4Y5MaRDjD8ELrDzHkrK3PP4dtmYkxJQQd5kcq4PN1LqmO0zDBOTqKP_ywxhXF3LzAdFLk97oM2veYdNTi4TKvl8FKCElJNLdF3k43OPedXfHaWS1nfbvl1haJ0woQvtVe5Z4FnLZVgNHw03Z4fC0VdEKAVQ13PPWb_iWcSbCpBBRqHXa3Y6pFrsCWWbKi90VeRbMlnO12GvX_2ShDtNCYaPeED10a8AcWBl94_CussFzuKH5j9YNfKS69jvqkqRjeqW7A1Jb92E80qkZ7XWmpP2bxLGtkX5JzQUqicYbMLyBWBp07s9QmdgqOQZz-pv11uTZ8m3axOK8kp3uj4YI85-Ez4e9KudRSx-e394SZDJDFR_eDrjThTRpL3BX-z3K2Hm1IeplOAKZUGYwdV3QMTjAzFOTt6EaF6tOWYoY0JFlig7txwAf_OjFip4DcZd1Uq4mOAkevHFk3DT15vO9mGM9W9WJa30H7r_nWqsxAM0yVg8GQiAsAU8jGIZGA4L29e9fBwI7oudZIvgXIVUZG0n4-X4NBzAyv6w6VVnzV_vRt6noq_Uv9x-pwTg7Z-cM1Oc5aDY2X3mvnJvSneiE9cRz3HmbrwFXtZMKdMDr9B3vJJ84cqtCegIrp57GWHzqlMvTyRqTF5RpHhBiSqWL12TxBNxn5MK6-FNEnuEGbQ_nsyYVXcGo6jLzt2QX_oOaI-tmrnbhEkcU0MclO90t-Au8yxFDi3KSxozjvmN8HDFZdg8yyWqB9FJ-D6-z9E8_W_xhUnNPrIURldj2WdK3B9cWo4bDFSOyM5RO0fa_nu1hk71yJCHabfhA8NclVLDSUnPaVcibciERgw4lXtSE03qbMVqajTfWsXqEmn7BUIdJpOEZyBveVDZytUO4EGRXXs3jr4nNbi1ErK2XNqB3y0Gn3ogtNVr_Nbh-y24ciRgE8l0VhqbhiNHiA-Qdg1DoICc7fsOBRQK6C_JAcPa15BzwAblfrBnSmiZKXJFLU_A-Y6PO04HmaC2H2mR9BWjFW2IYfrGAxuheNKRrqNPQFqW1WjhzejCo5r4uVyfLlSrLmzHk4MG3Az2Nnh9y0004APAhdYGNcuLNvzkvHkknsVPjynINgad5JbXVrDpMeFMJBwJPtbMgqBf1vPYMbT1lJ47_p7CW_H1mbP0rR8ydEu8yNnlFqcrn24gDg4RyiOafWVmsSAhiDfQXuudmvEC_Xw8wSkT25GY5A-dz8LouHOzZcCAgbSRiEpYmHHUlRR4GcaqDtEogOQSgTiQGsScz2rU6Nq1m1uPH38Ya5Em2KB2cKP2Q6OuMPSjWxFMdIRfK61F0eurrrGSBHdbakaRqDc80wjzNHdZdIO0Gco35e8_1hq4ke_1r2C0wnVvaHXoIiGhJ7YQm28RG-5OU5fKQ5ajfXUergc5tlcWLef04BitdIFFQXCFk0qnn9b9j3wPaVvdSJ-ysjDkSRO8hiPNTAkB87MPExvLl4Hwn33Y_f75x6_JUj01mPjyy9YIrAhws9cyJ0WyEa3VIjC2Yw2kj3hITQurBDzsu3eMSXiexo3XBQIixINYBAQrFOHPUJc2qEhzPOg8V-lPsIuxn-XKj8ddHT-Rj7UwP927t1PRnJxu8SkIvRKDi5SSiGGnS9woG7VgDOq-OpvrPJsHpCvJ7netJehaSDEP4AH5WxKdrGdjSua6ibuOs1zhTLsSFEkwghjzDPsYV2Qz1SlmNHx78ASAuISPUqBfXUZzWRCE-LVA7Cl3vAGcHS8e6GLkXiWY6l2UYJHHI8GvxsziUpPcXhHiQ0gdiBvhi4dTc7jLXpmGfdO71heXdcqrkystkY0EkGRr_yZK_O71EkWtSo-0FqK6-kXAJES4M-gJlfgXBNBjG7-EM3OL0vR0mn_Clbz-TK1QoAQjrV48vIFOCXmGq9bb68mR0EAHg4euIQVbz05NfbY_-3doJvuCpdxa3-sFpqWaVewxaCrBCWS51nCJghLZvzP4QoTEbeGkIIBBI8ANQTnKYE7aiNhb_objkESEkEBIoMYt1uK58t8qktVXwK0n_hI2fOeVKbgKrdaXAySZozeZX2q6V6e_iBGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-3619045887187031&ias_chanId=1&ias_placementId=18132952210&bidurl=https://olhardireto.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0glamt4Zr2TaflPYtZHVBHy&adsafe_url=https%3A%2F%2Folhardireto.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Folhardireto.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:b4a7d2af-6386-f4ed-b76e-16d38000cb76,c:5GHjRT,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-65fb65bbbb-gc46q,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:txkxMQV+11%7C12%7C13%7C14%7C1511%7C16*.1135760-69474538%7C161%7C171,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:25,oid:6c7ab1bb-b8cd-11ed-bf1a-26554d542d0c,v:19.8.397,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-C00twB4LvsVFHWZmnMkbiD422gRFFnC8alz5EuIhaRAigHN-7aZRsiAEhgVrw3kELi1Cl5clvfrNdSyH-YXQQp0cvBUzzaSzK5MWI16Kmk0kA6THZ2WbtYdwZiaEJswsa7GzrQs4aKAfClnlvzukZZ4DnCYTuSa38p9iQf3KLUCr6U6vIS-RUAoCZ_4Do3CgJYLWIrM-BzMulzcrakirfb3-uVeTKioWIXnk-QuQur1zdO5Ia8iAa7qeyRX5vxjDJhN7cAKq51B7BAWDO8L34onel2tsCCvdZcn75x7DgM7rvl78hZTUeT7gRT9fcjsA302rO40SC__cWrRAKCHXa6scLWSMrML67w5hyRuyZrKiZ7ey5leB-P1dft-adeyvrE_lEvWUe_j5kRxw6KU7H85K2I72K40woVc_TKX4_IpJAZftJk1KcASdfl5qy6L8x2olqOb6nFrc1FqjhOF1yqYV67tOrn8n3GcsXLsPgvS7wlYayXu-EgfeQzo2OK6vAo6Rs0TlbnxB8HUCf_H4lgg4WaijX9TCcgBEFOYy4YZA_j7nUt-2iJ7EzP0WKm62B-Og3SQgM3_jqh9Gk3e4HYvjsuHjmw37X2M1npBRuN6-pKcJh4GfA-1W7JdkRS9xoJb7otS3A8NpCMJktAGvnkPrJXO9zCsetpYmb5TblKc5i7vrS6qjFZBvFwm4i1QuP9YBmvspSTZP3eYCH_KVYobdwL4PuAUqAOfmTSacDZLwjTgpIJOObxaIQpo6ZUovgI0iyASkJwOy0m846ROps8GVzJTfjIPomXuffAo3lI8pPAxLeAwcx2cqa8OJLlMSXXQyUDjD2mLcikajE_wjrPlF16WmO9SFpCS8KFBBlPSBu-ljMq2BvTAxw0fi0oON-8FtEFYasHiouIr4nyoHgVEQtfSFGCzz4kzFgMaYQTeqtAKHL_gwCttmZItS431e2eb25JyCjeQvsW4OWN3l3_ou8gyc_nlIDAcKi12RsVtex39ohAw-gKE4BtVJ7t2NOe-14SwK0EdyqUIb8mw-2S9f4OrNyqlqR4bc0M9TA5BRCjSnrdvAYjqmy8YXXmbOZqW8xb2uqpaLr5VTsYH-OPkwsycZA2g-9bWwUMxysMTefnkHP_9Q_EhiPtJjnVmE2KHgqObcqCg_hIbDDKh3m-gWgGqXxzynRLKnIoAdcfeN1V5LvNHuc_wUWBryBVT4QI1Zrp3GFF7QPWvH6LVfVayIJZYXWKyWhlZVbbAqA2Tyty7zeZ6i7k4MA-G-O2-HwKYStJToAtHYLd5Z7sX85tTNvyXYi4glyqQNN6t6kO76ILP9NL9MPGTYJZ3io8UApPeP0cXNdRflzoK7j8Ftz6WddIBWFUw-dlZoh7HIx8jvdPdgSr2dsKA3PQob8xvfbA1P-lBnTTCnmKRjg18xlqrj8mmmLYUw0_ygmLzoeGt-ybX0Ho4qjTtN7QmR1OOImAYV2m3CX7UkNeZnAwd7WdBved6r-C3LboFUiDI-r0O9gZYnwaBW1mGLV_T1xM7tnYPU4BJoFnXWH3PzHaTq4qK8GcZ3kBZm3eKGNpHhscnFpVBSqo92gP7FnXHwmw0Im9vmlAZlKlgWCZkIRAgQ62_qu4oLxV62l2Q0xEw7sigzolOuqhF6VDC3m5ucQoeqmBtUlXC4oQdQfAmsFZBrHc55znoKOQ44AJESgk7alsuy3dFnyfLL0Sf1skwA-C-q4jz9CfC7gvGBUHtyzO0-X-6abgif2UL8xRc4_GLJqEynRdMC6Q6YhIondZr8-JSIC2WMBpxNv6MG126qU1EgmS5uVEGXNXs69dpujezLX7RAXQ7jh9ngBX_FX_vl369_wl4IC7HgFZPyqTGwy-BY00tyqa5ODo2C09OJLMTiNHJP4_wBKhQYdk8yxPYFH2urAAbONn4Bk4Y5MaRDjD8ELrDzHkrK3PP4dtmYkxJQQd5kcq4PN1LqmO0zDBOTqKP_ywxhXF3LzAdFLk97oM2veYdNTi4TKvl8FKCElJNLdF3k43OPedXfHaWS1nfbvl1haJ0woQvtVe5Z4FnLZVgNHw03Z4fC0VdEKAVQ13PPWb_iWcSbCpBBRqHXa3Y6pFrsCWWbKi90VeRbMlnO12GvX_2ShDtNCYaPeED10a8AcWBl94_CussFzuKH5j9YNfKS69jvqkqRjeqW7A1Jb92E80qkZ7XWmpP2bxLGtkX5JzQUqicYbMLyBWBp07s9QmdgqOQZz-pv11uTZ8m3axOK8kp3uj4YI85-Ez4e9KudRSx-e394SZDJDFR_eDrjThTRpL3BX-z3K2Hm1IeplOAKZUGYwdV3QMTjAzFOTt6EaF6tOWYoY0JFlig7txwAf_OjFip4DcZd1Uq4mOAkevHFk3DT15vO9mGM9W9WJa30H7r_nWqsxAM0yVg8GQiAsAU8jGIZGA4L29e9fBwI7oudZIvgXIVUZG0n4-X4NBzAyv6w6VVnzV_vRt6noq_Uv9x-pwTg7Z-cM1Oc5aDY2X3mvnJvSneiE9cRz3HmbrwFXtZMKdMDr9B3vJJ84cqtCegIrp57GWHzqlMvTyRqTF5RpHhBiSqWL12TxBNxn5MK6-FNEnuEGbQ_nsyYVXcGo6jLzt2QX_oOaI-tmrnbhEkcU0MclO90t-Au8yxFDi3KSxozjvmN8HDFZdg8yyWqB9FJ-D6-z9E8_W_xhUnNPrIURldj2WdK3B9cWo4bDFSOyM5RO0fa_nu1hk71yJCHabfhA8NclVLDSUnPaVcibciERgw4lXtSE03qbMVqajTfWsXqEmn7BUIdJpOEZyBveVDZytUO4EGRXXs3jr4nNbi1ErK2XNqB3y0Gn3ogtNVr_Nbh-y24ciRgE8l0VhqbhiNHiA-Qdg1DoICc7fsOBRQK6C_JAcPa15BzwAblfrBnSmiZKXJFLU_A-Y6PO04HmaC2H2mR9BWjFW2IYfrGAxuheNKRrqNPQFqW1WjhzejCo5r4uVyfLlSrLmzHk4MG3Az2Nnh9y0004APAhdYGNcuLNvzkvHkknsVPjynINgad5JbXVrDpMeFMJBwJPtbMgqBf1vPYMbT1lJ47_p7CW_H1mbP0rR8ydEu8yNnlFqcrn24gDg4RyiOafWVmsSAhiDfQXuudmvEC_Xw8wSkT25GY5A-dz8LouHOzZcCAgbSRiEpYmHHUlRR4GcaqDtEogOQSgTiQGsScz2rU6Nq1m1uPH38Ya5Em2KB2cKP2Q6OuMPSjWxFMdIRfK61F0eurrrGSBHdbakaRqDc80wjzNHdZdIO0Gco35e8_1hq4ke_1r2C0wnVvaHXoIiGhJ7YQm28RG-5OU5fKQ5ajfXUergc5tlcWLef04BitdIFFQXCFk0qnn9b9j3wPaVvdSJ-ysjDkSRO8hiPNTAkB87MPExvLl4Hwn33Y_f75x6_JUj01mPjyy9YIrAhws9cyJ0WyEa3VIjC2Yw2kj3hITQurBDzsu3eMSXiexo3XBQIixINYBAQrFOHPUJc2qEhzPOg8V-lPsIuxn-XKj8ddHT-Rj7UwP927t1PRnJxu8SkIvRKDi5SSiGGnS9woG7VgDOq-OpvrPJsHpCvJ7netJehaSDEP4AH5WxKdrGdjSua6ibuOs1zhTLsSFEkwghjzDPsYV2Qz1SlmNHx78ASAuISPUqBfXUZzWRCE-LVA7Cl3vAGcHS8e6GLkXiWY6l2UYJHHI8GvxsziUpPcXhHiQ0gdiBvhi4dTc7jLXpmGfdO71heXdcqrkystkY0EkGRr_yZK_O71EkWtSo-0FqK6-kXAJES4M-gJlfgXBNBjG7-EM3OL0vR0mn_Clbz-TK1QoAQjrV48vIFOCXmGq9bb68mR0EAHg4euIQVbz05NfbY_-3doJvuCpdxa3-sFpqWaVewxaCrBCWS51nCJghLZvzP4QoTEbeGkIIBBI8ANQTnKYE7aiNhb_objkESEkEBIoMYt1uK58t8qktVXwK0n_hI2fOeVKbgKrdaXAySZozeZX2q6V6e_iBGAFgAQ&bundleId=
Request Chain 194
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDK2pjkT9gJfdBZgSCpzhnc&google_cver=1&google_push=Aa02lx9lasp_3k9kx2jkSYoZxSRUWTLNsiyVKL778ZRlej6eIllOXaqU5Vjw59c8By8Rl02Rt0gcN5O7E-BTxj4Ra47Uw1ViJRK0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx9lasp_3k9kx2jkSYoZxSRUWTLNsiyVKL778ZRlej6eIllOXaqU5Vjw59c8By8Rl02Rt0gcN5O7E-BTxj4Ra47Uw1ViJRK0
Request Chain 195
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEP9GVZm2HC9tLjq_ZcZHSgo&google_cver=1&google_push=Aa02lx9ht700BXVLce3oER3X4JhCovt4bgIrKBW22spYg3dIuLmyNmK4zW_-tyyE4ApmeFz_dw4k789lurRqrktgSkMb7L2D4Hlp HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEP9GVZm2HC9tLjq_ZcZHSgo&google_cver=1&google_push=Aa02lx9ht700BXVLce3oER3X4JhCovt4bgIrKBW22spYg3dIuLmyNmK4zW_-tyyE4ApmeFz_dw4k789lurRqrktgSkMb7L2D4Hlp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9ht700BXVLce3oER3X4JhCovt4bgIrKBW22spYg3dIuLmyNmK4zW_-tyyE4ApmeFz_dw4k789lurRqrktgSkMb7L2D4Hlp
Request Chain 196
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJWEr5ZHuWXum1ZgxqEieVA&google_cver=1&google_push=Aa02lx_1L2O-eucKbrCRQlSBvNsW9SR-enEjG04ls-LajPcHoPcu0jxsvlmyK62jPUS62trZKmlGuOlTVve7DUx8asMpqIvkUx0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRU1FOUVEtMUItQ1hJUg==&google_push=Aa02lx_1L2O-eucKbrCRQlSBvNsW9SR-enEjG04ls-LajPcHoPcu0jxsvlmyK62jPUS62trZKmlGuOlTVve7DUx8asMpqIvkUx0
Request Chain 197
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIFUe0GbuTWMmpHqMcY3NK8&google_cver=1&google_push=Aa02lx-18hsUS3b_JSbRC6d2qtGG8UGjGfQu46vR_HMaS8DZnxYPnIvs2eFwzUofycEjXxym0Ucaxah6syA9Oo6DYotmjkxa_qY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIFUe0GbuTWMmpHqMcY3NK8&google_hm=ZABSyuAxinEnV12jJu_jPAAABH0AAAAB&google_nid=index&google_push=Aa02lx-18hsUS3b_JSbRC6d2qtGG8UGjGfQu46vR_HMaS8DZnxYPnIvs2eFwzUofycEjXxym0Ucaxah6syA9Oo6DYotmjkxa_qY
Request Chain 198
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB-fHqvAgEaLyFF7nR3pscc&google_cver=1&google_push=Aa02lx9VwUSN03-H8FU1tIIMAf4Kk39xeM4rRIZqEV8y_DPVwwRLcSgVyy-11sAcCC2dixPOsIpme1g1DldIJTfjwFsL9RGMgLz3 HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB-fHqvAgEaLyFF7nR3pscc&google_cver=1&google_push=Aa02lx9VwUSN03-H8FU1tIIMAf4Kk39xeM4rRIZqEV8y_DPVwwRLcSgVyy-11sAcCC2dixPOsIpme1g1DldIJTfjwFsL9RGMgLz3&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9VwUSN03-H8FU1tIIMAf4Kk39xeM4rRIZqEV8y_DPVwwRLcSgVyy-11sAcCC2dixPOsIpme1g1DldIJTfjwFsL9RGMgLz3&google_hm=GPfLsGZHF7ZQxg8qSTSGvAsM
Request Chain 199
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFVUbu5qhMIyNyOv5ZGODmg&google_cver=1&google_push=Aa02lx8aqRWT_kNrRjOMk2H9qhkRGXViHwLSc5P65xt2ICdc1CJ0b9gr_34KEgZzsPpGvGWX8Funn4F1U54lOQqXkXV2h5VrpES0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjczNDE0MTgwNTQ3NzE5NzM5NQ%3D%3D&google_gid=CAESEFVUbu5qhMIyNyOv5ZGODmg&google_cver=1&google_push=Aa02lx8aqRWT_kNrRjOMk2H9qhkRGXViHwLSc5P65xt2ICdc1CJ0b9gr_34KEgZzsPpGvGWX8Funn4F1U54lOQqXkXV2h5VrpES0
Request Chain 200
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAKtKANGq1oso4kgYUiIc1w&google_cver=1&google_push=Aa02lx_Ki0PxxTo1gARy9FIs66wQwVxjcIdYX-pUbFg9P4eFdbSrmsAMW-Mt6BUpmLRVFEQsNsniYx0moZ0JZwNy8_O9Vbr_cLlfKA HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAKtKANGq1oso4kgYUiIc1w&google_cver=1&google_push=Aa02lx_Ki0PxxTo1gARy9FIs66wQwVxjcIdYX-pUbFg9P4eFdbSrmsAMW-Mt6BUpmLRVFEQsNsniYx0moZ0JZwNy8_O9Vbr_cLlfKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a989f02b-4f71-424d-8bdd-1856c83b109f&%%GOOGLE_PUSH_PAIR%%
Request Chain 208
  • https://fw.adsafeprotected.com/rfw/bgd/1135760/65089100/xbbe/creative/adj?p=APEucNXyq3IQCB_rQDbnVa--a205ZaEUI7aDdWSLdWsq7fHzkvZ8d_k&d=CokBAKAmf-BtmCJm1G-tfCvVC-g-LstrWKdI23bZbjyAbb7T_jQ_J8zSQQXIFDLm87xbWaPFED_t7sx8mRLAGb8v2cKLjHAMUkTvRrphPct3WgEoVS8rhvS_DfYcq80q_8sAv2F0j_nFycohA1EtPvn7cGtYnJgbuKQ0OhZSfwct4XGYSPv2Xe8wi0QS-RUAoCZ_4Doh3chFBJY8mvcN-7mQ23R9LBa0HYVNdzxXzaiz5-5ZzYcCgQJ9m2frJtlVeR8S707GmZkea8bnsybjKjhVOuUMZyCkvyc7RXJszEtcX_H7xBy3VvbejRxI46lggQeGW_RXZAYUXO2SPcFukJo79Dm9qTIGbyyXxgTZVePwg3fgZ38YYtNTzEY5lYQe0Cba4_DmBLREjq5WiRrFSwdcdGlLMwDF_bpScnVAnyUuzf8etbAaTrNL3IUkiafTLMZY5QWZEW47PPsNxbvZ3mMTunRa2qcmO6raGc0BsnpIopca3e07_ouxzjoXJESEqMCOfu3w5RVHCsUa81mCreTGqeP9kk_04F7pDXI_APpMBwJA3_zYW0qFMSy_FTHD92bsdX-BJFE58WgW_ZrluEHUr78ProcpEL68Rq30rPuIuF0sMZK_gR2-eia4TYdkJpvfkBpkZHxQEZ2ikkvciIgseiL4uK4J9KsnXiR9BRBtBoFIxjxC4x234NUylgMdwCX2szaLOXMRA4iQW7Zp_GtztLT4FO8OAfULsWfHWHGyGQr_gRctco2xkjIHhk315p0NXXk0rUDbm2AahcKFfb9pv9Ib-M7IGEosaW0TqzX_FcCgEWNTsxeQ04-qXXIst9YvOn-l_HYaakUXF9bRKTynjazE4ieWFqI_JRxamy0UMzn1BU0uwbZgrdLCfYlqPufpQzh13dtBwokaghaiYKg1FrR4MUDyI1PW97Z5cergY4pdzfksLnG1YET_mFdB6gWtJluYK7aJXJuxyd2ZvTS8qqJwU_r5KtlgyP5YnHGsHsVot_XfgcnZMhE1CAdmBezZ6Knnm1p765a7_ZL43DdCPN2Srw6RR6_qh3VO6ooSi2Y74a4f-nRrASPAQXVlpKhnYJi3zwdyR5XtyAzHDwJ0sbPvniNgORiUzRtkmUphIdbc1z9p3b6KiozOxgo_aTqHkb-KdvEUDVCkjJSa9kNdxBrcXL8NGuvdbYlztgiwOa2d-mYrDwVlkhhaG7z31VePg1VnLhgHwQkTu3s7dm_k0XUwkYM71VQbgPZXmSeo_iY0vj6IeaPgyxMKozbuMj_3Jp8vxfVT-N_xb9Dudj0bFlNhCWpHI3jsJdbWj35OFCJ-0QMmhl0CM8EQAja1QikrkZayJxFZArLC4G3asKd9f3zRZsVXQROPfib50LLWAga4TmspTXEHaseeOW7RLHIxJiTQTp5rabvebQ_ZzAXMlUoE1z-7SdYb0cKsA7bmGemDG951JeHAPPNxMnaESHdiF77aAELCZ9D4gqhpxUBvvmPrmvEcBGgKNoQJ8qmBSqgaTD-6DOjKbIMieMWpSjM1Atnj4iHf5Ok6Iv5zYL1HOYlPX0_lGQQSHd6-4o4k8vs5SgrLD_Q1tyMmf2In8fra-f55o3WjtXjmYqifU02Dstle1yB1kGhP9y3Pp-0hBY8q90zbmUvxVCyMWs-GtAGpzB7HanzIXpcyWYXgPBEuAcXjfqMENOuWegTsqzaTHkjd6XRU8fR1V1ybsyK4cQPyB1l2BVaVrO69HxW8MkDNvzu8wZIVwfcIxWLso6hlG69tfOjS2UZDwqWPhKm6Nhl9b16ct9uoTXVnKW2ZcIj9aV_ZcbZsYtYadAof18IwvmfVkGWPjz9qNXGAcv3JbtZ0O3-hLGfiCZMEBdcMHIb9QuvUpudwpNFxigFSQkQ5jezzWj8aCjrM14G4IQLF51gEpdAVDwmrdYFWz-Phz_4L5WGDzipEzPOv-FOhoiayuFA6lZW8U4nmpArwb1tREJ9u4T4zFPPoTBvTQFQEeOUypFGvGS_0YVcWar-z-4kBkM2P0KF9w2T7lXDSHTbT-YUEeEiJzfl_Uz2nR5gc-cZ4ActyOZgyS7FcIPCiIa_cDVQnwwMGoksyxziHqySnBYM7FKRooZVsW6Y4y76-dFcHPvKQprcKKrZ7klDbcPsSzcrbW5v9WxGqC-NqNvCyVNh-dElaOIAXZpJi0s_hi06VE_CxjCM3jAgLdcLDiFjAHZu6-cqoV_jGQRYTb47zqTkS2XE9bZqfr0kowK0JwBxggmwH2qLx5-vag5INbAyNsmjC2A8EesJeb0ztmuvKd2akfXdQdjy041V11iveT7JLKc31R9c6-FLLccuDLvPuRHEQyuO_lpL1y9PzSk-W5PIUG8sSE1HQuRJbVBw8b5oxpKGR5uG-SqMQbqMAXPPtV7KhJhWEQ4wAoT9zTKr8vGNSJ5ic0HX1jpqzNcyO2bdzWnHLZ9axLJA7chDxvjEfODNvn_y_GzNraWWSGHZD188MDmgD0hU7UsJHEnnrsaMRx6Cq3lV_QFfw23KqSu2WaYt6SCB3RVxtPzpV0chem56O9rGtdoiysDEw2wsnW9LYGsvoNxMdxepNiXFnEO9c2s-wuo7nJNrdr-_k8o2YYp_OBl1vOqKuHIqyLm9-vvNIvNzyyGYm6Ka7iQNhbUbNM0Tq6Gn0Q4elOi7ygdkr1uxnBuYQhK0Bni43j25mVKEO2JqiQrnHfNkwI8rAH-Wme2_i_WntQxQNPco0h6NxfKlxaQxkbaArfRIz0H7ux9xlRPP3xS7nQZU2juAdA6EhxwbPq3vbKWMp4L9m_ryEKncuahsDtwsBiqvblD8KmBp0OGST0OeFSGCIKKEjhSrmujnwoexXr4VNNmxeUPHwzNqs6oxaJ9kVbW0MrBxfz8d2bBdguH95LKToVN6CEQY4HsfQ_0OG78cB_CwrOKwksXfHPkg_oCAiwgGorEgWKkF472srYLARWqbmkNThEECfyCl9USGaB98nl7ptl4skMugg0WCLxk6rfkiJAUtgZNZvwskmsphEUTX4V5bLT2hsY8t6g3wbZ9-svuaIw5Sny3_MTE0nDa9iBBmmeYg3PnLSnfd_vTFcCt2J16qHYs5GKsWo6J7ZZ5Q1jOUb9pYcGRUI9Vo99AcShfKQBCOhAznw2u8xBPZ3wJ8Om-PU8j4Wqa-RiGkMllRh70qHSJDp6AOUQSthpHJur7Ykm5YZJh52kNIPTbx6e_NnF7xLIH_0x5dWIDbrGym2ZYbjlw-T2fExQ818B47cZHcq9O21xCvxtilk4QJq1mHvs4wUUTzdeMSeGI-Mq3fRurM2dN4D5Wq8vy8tBdg6edc3LpVDkSpxlWvONEfe3G7BBJTeiNsRzmOVZIKrgf07q_Nsa-95eQkfoKqYijMs1LWd8C7zgTMjSBu6PIONzv-JMWYQaR3jtWYbB8tqggek8pWC0mz0Hk6zcM1oCypB8PLJ67ReoqkRHIGpHOv1fHLV1B8VqDz1_wsV2gBsrUUIn5ojjOFGQmT1qkovLL34FUh8GUVs7VlQ38Y5gskHpUM6fqZJsHTsRxyNcRoSDkEwWu4JU8jEX7rbfZ6aYmZ8SiEhrJm5EBV032uGuz-ikICk33z3_BGUU5bpCOvLVa9ZFLcnysA1cPj1VszFZJtC7D0FMKEFjWIvjVCDszFm8Vet5C530ZOGkPs6VhqnYPBR3XSlhee6JPJ5eFxjaG3vysu2TRERcZyPulmEIsDmHCWunVsu2wMa77HvcoQHHhU4v5Lgx1gfkKpoPjSxAmZggA2vM7A_q7NQDwTWLOmJBeWiwsVyrCib3p8uo_Ee0Z5GuhOhWq26pxhvSevj7aqHAieDLvzlucegjTMS_rr2wd3AYmKuxi3xJ3xSkJT1h8MMgBU50IUaY0qT_EX9AbxXNfpaEsrPa1Usj5fI1Hy5GkIIBBI8ANQTnKYE7aiNhb_objkESEkEBIoMYt1uK58t8qktVXwK0n_hI2fOeVKbgKrdaXAySZozeZX2q6V6e_iBGAFgAQ&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-3619045887187031&ias_chanId=1&ias_placementId=18132952210&bidurl=https://olhardireto.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g9vS67yk6d-xjLJr1jidcQ&adsafe_url=https%3A%2F%2Folhardireto.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Folhardireto.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:542b93e6-25c5-e4a8-eae4-c8d353bcca5d,c:5GHjTm,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-65fb65bbbb-5zw8j,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:txkxMSn+11%7C12%7C13%7C14%7C1511%7C161%7C162%7C163%7C17*.1135760-65089100%7C171,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:26,oid:6c7a8ac5-b8cd-11ed-8d6f-e2905ad07eeb,v:19.8.397,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXyq3IQCB_rQDbnVa--a205ZaEUI7aDdWSLdWsq7fHzkvZ8d_k&d=CokBAKAmf-BtmCJm1G-tfCvVC-g-LstrWKdI23bZbjyAbb7T_jQ_J8zSQQXIFDLm87xbWaPFED_t7sx8mRLAGb8v2cKLjHAMUkTvRrphPct3WgEoVS8rhvS_DfYcq80q_8sAv2F0j_nFycohA1EtPvn7cGtYnJgbuKQ0OhZSfwct4XGYSPv2Xe8wi0QS-RUAoCZ_4Doh3chFBJY8mvcN-7mQ23R9LBa0HYVNdzxXzaiz5-5ZzYcCgQJ9m2frJtlVeR8S707GmZkea8bnsybjKjhVOuUMZyCkvyc7RXJszEtcX_H7xBy3VvbejRxI46lggQeGW_RXZAYUXO2SPcFukJo79Dm9qTIGbyyXxgTZVePwg3fgZ38YYtNTzEY5lYQe0Cba4_DmBLREjq5WiRrFSwdcdGlLMwDF_bpScnVAnyUuzf8etbAaTrNL3IUkiafTLMZY5QWZEW47PPsNxbvZ3mMTunRa2qcmO6raGc0BsnpIopca3e07_ouxzjoXJESEqMCOfu3w5RVHCsUa81mCreTGqeP9kk_04F7pDXI_APpMBwJA3_zYW0qFMSy_FTHD92bsdX-BJFE58WgW_ZrluEHUr78ProcpEL68Rq30rPuIuF0sMZK_gR2-eia4TYdkJpvfkBpkZHxQEZ2ikkvciIgseiL4uK4J9KsnXiR9BRBtBoFIxjxC4x234NUylgMdwCX2szaLOXMRA4iQW7Zp_GtztLT4FO8OAfULsWfHWHGyGQr_gRctco2xkjIHhk315p0NXXk0rUDbm2AahcKFfb9pv9Ib-M7IGEosaW0TqzX_FcCgEWNTsxeQ04-qXXIst9YvOn-l_HYaakUXF9bRKTynjazE4ieWFqI_JRxamy0UMzn1BU0uwbZgrdLCfYlqPufpQzh13dtBwokaghaiYKg1FrR4MUDyI1PW97Z5cergY4pdzfksLnG1YET_mFdB6gWtJluYK7aJXJuxyd2ZvTS8qqJwU_r5KtlgyP5YnHGsHsVot_XfgcnZMhE1CAdmBezZ6Knnm1p765a7_ZL43DdCPN2Srw6RR6_qh3VO6ooSi2Y74a4f-nRrASPAQXVlpKhnYJi3zwdyR5XtyAzHDwJ0sbPvniNgORiUzRtkmUphIdbc1z9p3b6KiozOxgo_aTqHkb-KdvEUDVCkjJSa9kNdxBrcXL8NGuvdbYlztgiwOa2d-mYrDwVlkhhaG7z31VePg1VnLhgHwQkTu3s7dm_k0XUwkYM71VQbgPZXmSeo_iY0vj6IeaPgyxMKozbuMj_3Jp8vxfVT-N_xb9Dudj0bFlNhCWpHI3jsJdbWj35OFCJ-0QMmhl0CM8EQAja1QikrkZayJxFZArLC4G3asKd9f3zRZsVXQROPfib50LLWAga4TmspTXEHaseeOW7RLHIxJiTQTp5rabvebQ_ZzAXMlUoE1z-7SdYb0cKsA7bmGemDG951JeHAPPNxMnaESHdiF77aAELCZ9D4gqhpxUBvvmPrmvEcBGgKNoQJ8qmBSqgaTD-6DOjKbIMieMWpSjM1Atnj4iHf5Ok6Iv5zYL1HOYlPX0_lGQQSHd6-4o4k8vs5SgrLD_Q1tyMmf2In8fra-f55o3WjtXjmYqifU02Dstle1yB1kGhP9y3Pp-0hBY8q90zbmUvxVCyMWs-GtAGpzB7HanzIXpcyWYXgPBEuAcXjfqMENOuWegTsqzaTHkjd6XRU8fR1V1ybsyK4cQPyB1l2BVaVrO69HxW8MkDNvzu8wZIVwfcIxWLso6hlG69tfOjS2UZDwqWPhKm6Nhl9b16ct9uoTXVnKW2ZcIj9aV_ZcbZsYtYadAof18IwvmfVkGWPjz9qNXGAcv3JbtZ0O3-hLGfiCZMEBdcMHIb9QuvUpudwpNFxigFSQkQ5jezzWj8aCjrM14G4IQLF51gEpdAVDwmrdYFWz-Phz_4L5WGDzipEzPOv-FOhoiayuFA6lZW8U4nmpArwb1tREJ9u4T4zFPPoTBvTQFQEeOUypFGvGS_0YVcWar-z-4kBkM2P0KF9w2T7lXDSHTbT-YUEeEiJzfl_Uz2nR5gc-cZ4ActyOZgyS7FcIPCiIa_cDVQnwwMGoksyxziHqySnBYM7FKRooZVsW6Y4y76-dFcHPvKQprcKKrZ7klDbcPsSzcrbW5v9WxGqC-NqNvCyVNh-dElaOIAXZpJi0s_hi06VE_CxjCM3jAgLdcLDiFjAHZu6-cqoV_jGQRYTb47zqTkS2XE9bZqfr0kowK0JwBxggmwH2qLx5-vag5INbAyNsmjC2A8EesJeb0ztmuvKd2akfXdQdjy041V11iveT7JLKc31R9c6-FLLccuDLvPuRHEQyuO_lpL1y9PzSk-W5PIUG8sSE1HQuRJbVBw8b5oxpKGR5uG-SqMQbqMAXPPtV7KhJhWEQ4wAoT9zTKr8vGNSJ5ic0HX1jpqzNcyO2bdzWnHLZ9axLJA7chDxvjEfODNvn_y_GzNraWWSGHZD188MDmgD0hU7UsJHEnnrsaMRx6Cq3lV_QFfw23KqSu2WaYt6SCB3RVxtPzpV0chem56O9rGtdoiysDEw2wsnW9LYGsvoNxMdxepNiXFnEO9c2s-wuo7nJNrdr-_k8o2YYp_OBl1vOqKuHIqyLm9-vvNIvNzyyGYm6Ka7iQNhbUbNM0Tq6Gn0Q4elOi7ygdkr1uxnBuYQhK0Bni43j25mVKEO2JqiQrnHfNkwI8rAH-Wme2_i_WntQxQNPco0h6NxfKlxaQxkbaArfRIz0H7ux9xlRPP3xS7nQZU2juAdA6EhxwbPq3vbKWMp4L9m_ryEKncuahsDtwsBiqvblD8KmBp0OGST0OeFSGCIKKEjhSrmujnwoexXr4VNNmxeUPHwzNqs6oxaJ9kVbW0MrBxfz8d2bBdguH95LKToVN6CEQY4HsfQ_0OG78cB_CwrOKwksXfHPkg_oCAiwgGorEgWKkF472srYLARWqbmkNThEECfyCl9USGaB98nl7ptl4skMugg0WCLxk6rfkiJAUtgZNZvwskmsphEUTX4V5bLT2hsY8t6g3wbZ9-svuaIw5Sny3_MTE0nDa9iBBmmeYg3PnLSnfd_vTFcCt2J16qHYs5GKsWo6J7ZZ5Q1jOUb9pYcGRUI9Vo99AcShfKQBCOhAznw2u8xBPZ3wJ8Om-PU8j4Wqa-RiGkMllRh70qHSJDp6AOUQSthpHJur7Ykm5YZJh52kNIPTbx6e_NnF7xLIH_0x5dWIDbrGym2ZYbjlw-T2fExQ818B47cZHcq9O21xCvxtilk4QJq1mHvs4wUUTzdeMSeGI-Mq3fRurM2dN4D5Wq8vy8tBdg6edc3LpVDkSpxlWvONEfe3G7BBJTeiNsRzmOVZIKrgf07q_Nsa-95eQkfoKqYijMs1LWd8C7zgTMjSBu6PIONzv-JMWYQaR3jtWYbB8tqggek8pWC0mz0Hk6zcM1oCypB8PLJ67ReoqkRHIGpHOv1fHLV1B8VqDz1_wsV2gBsrUUIn5ojjOFGQmT1qkovLL34FUh8GUVs7VlQ38Y5gskHpUM6fqZJsHTsRxyNcRoSDkEwWu4JU8jEX7rbfZ6aYmZ8SiEhrJm5EBV032uGuz-ikICk33z3_BGUU5bpCOvLVa9ZFLcnysA1cPj1VszFZJtC7D0FMKEFjWIvjVCDszFm8Vet5C530ZOGkPs6VhqnYPBR3XSlhee6JPJ5eFxjaG3vysu2TRERcZyPulmEIsDmHCWunVsu2wMa77HvcoQHHhU4v5Lgx1gfkKpoPjSxAmZggA2vM7A_q7NQDwTWLOmJBeWiwsVyrCib3p8uo_Ee0Z5GuhOhWq26pxhvSevj7aqHAieDLvzlucegjTMS_rr2wd3AYmKuxi3xJ3xSkJT1h8MMgBU50IUaY0qT_EX9AbxXNfpaEsrPa1Usj5fI1Hy5GkIIBBI8ANQTnKYE7aiNhb_objkESEkEBIoMYt1uK58t8qktVXwK0n_hI2fOeVKbgKrdaXAySZozeZX2q6V6e_iBGAFgAQ
Request Chain 228
  • https://gcdn.2mdn.net/videoplayback/id/2e292c906935baf1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820062023/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/934812D21DB069BD7F9E60A9E47D6077CC395398.A1FAE5D8CBF8C4B5FAE7910390A126BE1016D2F2/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-4g5lznek.c.2mdn.net/videoplayback/id/2e292c906935baf1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820062023/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7CFF8C169DAC90CF26B2512429AA90FF33FD82B3.36F72FB394078B072BE8375DE5C6323D74E2655B/key/cms1/cms_redirect/yes/mh/yV/mip/2001:ac8:20:3c00:1011:57f7:532:bbfe/mm/42/mn/sn-4g5lznek/ms/onc/mt/1677742367/mv/m/mvi/4/pl/50/file/file.mp4
Request Chain 235
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFWMRcVcwfKaGF_5lLmeYWs&google_cver=1&google_push=Aa02lx_mNGg6hfpDOxBtDFWUQ0WnSGGebaJgvQi4xl_sYqnHDsjmGkj7rdve4zHFDnNCVWfjEz7Xnxftk2LUckxq4K_kbCO4jrei HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFWMRcVcwfKaGF_5lLmeYWs&google_cver=1&google_push=Aa02lx_mNGg6hfpDOxBtDFWUQ0WnSGGebaJgvQi4xl_sYqnHDsjmGkj7rdve4zHFDnNCVWfjEz7Xnxftk2LUckxq4K_kbCO4jrei HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eWlkTGRnaTkxUHhEeEY1&google_gid=CAESEFWMRcVcwfKaGF_5lLmeYWs&google_cver=1&google_push=Aa02lx_mNGg6hfpDOxBtDFWUQ0WnSGGebaJgvQi4xl_sYqnHDsjmGkj7rdve4zHFDnNCVWfjEz7Xnxftk2LUckxq4K_kbCO4jrei
Request Chain 236
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEH1lArAVWBCvAMgEH8WCXqQ&google_cver=1&google_push=Aa02lx8ezBikedIkqka6dnDq6Fw919Oi4cmbHq8VCzkxVhowry9RME0cwlEej35d99nkgI6QywCBickEemxXVpLED54wHBaoVXtk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH1lArAVWBCvAMgEH8WCXqQ&google_push=Aa02lx8ezBikedIkqka6dnDq6Fw919Oi4cmbHq8VCzkxVhowry9RME0cwlEej35d99nkgI6QywCBickEemxXVpLED54wHBaoVXtk
Request Chain 237
  • https://um.simpli.fi/gp_match?google_gid=CAESEFkWAuRW6ubn6oF-LJ8wplI&google_cver=1&google_push=Aa02lx9_j_sjXsndxgi7nyMTgXKlbfIoiHXVqF2Jxb4GOGRmcjJRy5kd6fmdVIj_X-pCesdMQ7nlza_gBTNL2YLWSJehqaXHZcL5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF209E9D45984F409524D67338A42B43&google_push=Aa02lx9_j_sjXsndxgi7nyMTgXKlbfIoiHXVqF2Jxb4GOGRmcjJRy5kd6fmdVIj_X-pCesdMQ7nlza_gBTNL2YLWSJehqaXHZcL5
Request Chain 238
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEO86B9FGjUv5573HE0n_HDk&google_cver=1&google_push=Aa02lx_hJ9Q4C96XSS7jbhJMjwoE_7S1Ru8GhWl1QtZP-OvU-jZJkMJ3-IXIW8kB184c7PAa4kcfWln5KFL_sj9VIVFJS05PKpQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_hJ9Q4C96XSS7jbhJMjwoE_7S1Ru8GhWl1QtZP-OvU-jZJkMJ3-IXIW8kB184c7PAa4kcfWln5KFL_sj9VIVFJS05PKpQ&google_hm=eS1GWHhkZ1l0RTJwRXZxaWJuUkh0NDRGLnRJemloN2JBcH5B
Request Chain 240
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJWEr5ZHuWXum1ZgxqEieVA&google_cver=1&google_push=Aa02lx9IdPPW74aqSrpx44o73qkOCqfVEhTS-zhmmeq864dRaVBhiFiHc2HjiF4UvqVd_oQGCiD06OTEHtduXBw3I59W1mYWAoNe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRU1FOUVEtMUItQ1hJUg==&google_push=Aa02lx9IdPPW74aqSrpx44o73qkOCqfVEhTS-zhmmeq864dRaVBhiFiHc2HjiF4UvqVd_oQGCiD06OTEHtduXBw3I59W1mYWAoNe
Request Chain 241
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEILAiIsw4znGZjq1NGYXisU&google_cver=1&google_push=Aa02lx9BgniZXueGTcHr5E1fn46EplKReIuZVLvmwGLIhSy8n64O4WNZ-5ZeXs2JANWi2AVn_j9rfu_HpVQ-NDe4LP5Ldwa59tl1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9BgniZXueGTcHr5E1fn46EplKReIuZVLvmwGLIhSy8n64O4WNZ-5ZeXs2JANWi2AVn_j9rfu_HpVQ-NDe4LP5Ldwa59tl1 HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 245
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDK2pjkT9gJfdBZgSCpzhnc&google_cver=1&google_push=Aa02lx_FDFZniCWCYPSxzcBAqdiV-T6OV6mEb4qkdyv6EVabSTByfPkh2vvpkmbuPAsbkkmpL42RRokxDtg17sy7M1vZjFQWTKAm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_FDFZniCWCYPSxzcBAqdiV-T6OV6mEb4qkdyv6EVabSTByfPkh2vvpkmbuPAsbkkmpL42RRokxDtg17sy7M1vZjFQWTKAm
Request Chain 247
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKYnUk9HHfUkB9vTjNjuvH8&google_cver=1&google_push=Aa02lx-7jjc3kb_WDotRLQAGBbzsVY8Xee_Eigex1qafN1iW-EvDr844H9jygZlYQm5DFRvXGcXkt5-zxVtK5D6YMdPhZ8LLh28 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTg1MDQzNTYzMTU3NzIzMw%3D%3D&google_push=Aa02lx-7jjc3kb_WDotRLQAGBbzsVY8Xee_Eigex1qafN1iW-EvDr844H9jygZlYQm5DFRvXGcXkt5-zxVtK5D6YMdPhZ8LLh28
Request Chain 248
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEP9GVZm2HC9tLjq_ZcZHSgo&google_cver=1&google_push=Aa02lx_ZaQ2IslNVnO0nsnKd5vHdvkT0886oMREIgLj6pbwVfS-7eLaGKGmjXL1IaY0fk42I8wd3EGroe8M9v_ESZeFUcBBLINK1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_ZaQ2IslNVnO0nsnKd5vHdvkT0886oMREIgLj6pbwVfS-7eLaGKGmjXL1IaY0fk42I8wd3EGroe8M9v_ESZeFUcBBLINK1
Request Chain 249
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIFUe0GbuTWMmpHqMcY3NK8&google_cver=1&google_push=Aa02lx-A1TDG88Pqs3qNAIJXUh5zZkEHGWQI6voX4tD2slRqrvMmBG1vyeqOKnV8DO_LUefm1MWGS4kcUrG_PxjZfMliperLgBjz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIFUe0GbuTWMmpHqMcY3NK8&google_hm=ZABSyuAxinEnV12jJu_jPAAABH0AAAAB&google_nid=index&google_push=Aa02lx-A1TDG88Pqs3qNAIJXUh5zZkEHGWQI6voX4tD2slRqrvMmBG1vyeqOKnV8DO_LUefm1MWGS4kcUrG_PxjZfMliperLgBjz
Request Chain 250
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEILAiIsw4znGZjq1NGYXisU&google_cver=1&google_push=Aa02lx_C0VSyUNWG8GCf9KDomtJHgT2EiLb2WpeJRu73eO8yjcmSNl8G6xKNHfmzRtp9_cqHU7UVfXKwuUuu1EbNuqgooPjwPHl_AQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_C0VSyUNWG8GCf9KDomtJHgT2EiLb2WpeJRu73eO8yjcmSNl8G6xKNHfmzRtp9_cqHU7UVfXKwuUuu1EbNuqgooPjwPHl_AQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=78683674046 HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=78683674046&google_gid=CAESEAYq69Pp4_zfyXWUAvRaHbk&google_cver=1
Request Chain 292
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=f9506400-52cc-4100-a9b5-8737be7d095b
Request Chain 293
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG HTTP 302
  • https://sync.navdmp.com/sync?prtid=12&yahid=y-BRJ3n7ZE2p7DST7AIxmowsotmYB1HoFzv4Q-~A
Request Chain 294
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Folhardireto.com.br%2F&domain=olhardireto.com.br&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=aHMTT3wrRXJaVmZyY3N0bUlzVjlxSWZXRWk1bDloWS81dlN1a0s1YVdnUEJzeVB6aDF1bDBZWnh4OGxsaFFwRFZ5YnB4M2VOWmpaVStlZlV1YUQwbXpkTHU3TDJLbGJCSlZXUHJEay9nTkFsY1I2M1ZaTDNKNHBDaVVTbmo2TXorcmxjOGVyVExxSURwQ1laY1lGOHk0TDhpNGN6TEpqWnI5RUFnZXJ5UHlDNGhvOTJjR2F1UWJCb3dRWlAwQzRnWlZoWnQvdjBQUnQ1dEVKZ0VnY3I4a0hlUTZNTlNYV2g1dkprTUY5d24zYzFOZVhVRW5BbW5OUTd0cVF2dlIwZkhPeG5vfA&cppv=2
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKdHll_Y1QSm-hQ5EMTRZ_s&google_cver=1
Request Chain 311
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/BvQzwHec8ayfAmU1daqM_Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-bkTIomFE2oIaAxSON2oauXUUggABHpuhpiJ87w--~A
Request Chain 312
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRU1FOUVEtMUItQ1hJUg==
Request Chain 313
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YQuFfyECSZygOMgLOlY5XA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=YQuFfyECSZygOMgLOlY5XA
Request Chain 314
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEQSQNQQ-1B-CXIR
Request Chain 316
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTA0ZjQwYjRmN2FjYzc5YzFkMTRmMjJmYWMwMjRmNjJmZWU1YzYyYQ
Request Chain 317
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rO83saskQviLlUEokL5Mmw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rO83saskQviLlUEokL5Mmw
Request Chain 351
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=olhardireto.com.br&sn=ChromeSyncframe&so=3&topUrl=olhardireto.com.br&bundle=I-yajF9FRlhWTjA3aCUyRm1VNUtHTTN3QWhtMm0lMkJGJTJCTSUyQjNFMWp6VGdlRTdwRUtMTkd6cjJaZWVLQUtNMGklMkJkZURMNHhaTGptMFdkU3QweHBLdklyeU1GUFcybGJEamRLUGpsOHRUbExXYkxMc2ZibTkyUXpqYllEcE96R1J5c253a3ZLbmw&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=N_o3hXxycENvaE83ZFRjcFljZmdJRFlIYVRyRnMwSXlid20zOFNsNUZQZTViS0tnUGlUb2cvT1R5THVJOFUrL3RiL1pVZXJ4Sm5SRU1uWEJIR09zaERCWGQ4azRVUmNtYWtVYXV2MWYwT0N2eUpQS09XTXV0VE9GaEJMS1RxUG84cldxTzhUd2V4dy9xTFUyR0RSakgzREwrR1piVDcybkJTUWpPTUdRMUFPSHFWYndNYkNJSkl6TTRDUS9zNURUbXNodGhVYUdCZHlZQ1lwTWMrLzBJWFpJbVJGZHorY0V1cGhNVHJkSGF2ZGlGSkY5Znh2WkhkS1J4cjdqZmNCa3Bid1RBajJna0VTUVRTTElNQllFMGNmNzVsenVTMFl0RUlHYUpDa1JzU2tRd2owZz18&cppv=2
Request Chain 371
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159970 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159970&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODVDMjdFOUItRTY1Qy00REY3LTk3QkEtMkQxNjU0MDlFNkI3&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

368 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
olhardireto.com.br/
Redirect Chain
  • http://olhardireto.com.br/
  • https://olhardireto.com.br/
81 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9107e145d66feeebc3acbc394cecf92a52aa4e66487226525991e7df51d36d4d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=300
content-encoding
gzip
content-type
text/html
date
Thu, 02 Mar 2023 07:39:50 GMT
expires
Thu, 02 Mar 2023 07:44:50 GMT
server
nginx/1.18.0 (Ubuntu)

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Thu, 02 Mar 2023 07:39:50 GMT
Location
https://olhardireto.com.br/
Server
nginx/1.18.0 (Ubuntu)
css2
fonts.googleapis.com/ 		5 KB
972 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
186613c3b36b2a3076532792e261a44f0fb256e7b46d8bbd38ff74734adc3567
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 Mar 2023 07:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 07:23:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Mar 2023 07:39:51 GMT
estilo.css
olhardireto.com.br/css/ 		35 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://olhardireto.com.br/css/estilo.css?v=20230225
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
78294011df7596d166e252f807f4b73a23a1c8d0717f01e101450d173ea8c0a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Wed, 09 Nov 2022 19:53:55 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"48732d075f4d81:0"
content-type
text/css
cache-control
max-age=86400
accept-ranges
bytes
content-length
35511
expires
Fri, 03 Mar 2023 07:39:51 GMT
estilo-capa.css
olhardireto.com.br/css/ 		26 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://olhardireto.com.br/css/estilo-capa.css?v=20230225
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
093159adc80699ff5f9f319a9ffbcb7060943282435e37cb9dd6f5f09b7b54ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Tue, 01 Nov 2022 19:32:01 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"c5fb649d28eed81:0"
content-type
text/css
cache-control
max-age=86400
accept-ranges
bytes
content-length
27099
expires
Fri, 03 Mar 2023 07:39:51 GMT
estilo-responsivo.css
olhardireto.com.br/css/ 		33 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://olhardireto.com.br/css/estilo-responsivo.css?v=20230225
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e6f2cbbe505d713a71dcfd382d1556fd42650e0c7fd685c8f09652dedf406af9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Tue, 01 Nov 2022 20:11:28 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"5db03a202eeed81:0"
content-type
text/css
cache-control
max-age=86400
accept-ranges
bytes
content-length
33425
expires
Fri, 03 Mar 2023 07:39:51 GMT
jquery.js
olhardireto.com.br/sysjs/ 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://olhardireto.com.br/sysjs/jquery.js?v=20230225
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8b1f030692803f149f888d6c6fe2f2da71feb30f7bfb92fc283c1059396411da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Fri, 05 Mar 2021 12:31:10 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"fc1e146cbb11d71:0"
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
93072
expires
Fri, 03 Mar 2023 07:39:51 GMT
jquery.dropdown.js
olhardireto.com.br/sysjs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://olhardireto.com.br/sysjs/jquery.dropdown.js?v=20230225
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2fe0ce7d503f223d0214a02dd1377b827c853f658707ac7db6f2338641e8bce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Fri, 05 Mar 2021 12:31:09 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"dc53e96bbb11d71:0"
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
2623
expires
Fri, 03 Mar 2023 07:39:51 GMT
funcoes.js
olhardireto.com.br/sysjs/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://olhardireto.com.br/sysjs/funcoes.js?v=20230225
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
209533cb00f87d83ed023fe4ec367b090ece77e1e5632d148084cdf6dd9f0a10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Thu, 15 Sep 2022 17:57:40 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"597bbfa52cc9d81:0"
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
10817
expires
Fri, 03 Mar 2023 07:39:51 GMT
js_capa.js
olhardireto.com.br/sysjs/ 		158 B
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://olhardireto.com.br/sysjs/js_capa.js?v=20230225
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b29e8399e3209722045880fd9f05a1b17c4366f8ddf3706d71799a3acfc81642

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Fri, 05 Mar 2021 12:31:10 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"ef8e296cbb11d71:0"
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
158
expires
Fri, 03 Mar 2023 07:39:51 GMT
jquery.cookie.js
olhardireto.com.br/sysjs/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://olhardireto.com.br/sysjs/jquery.cookie.js?v=20230225
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
31ff2c9db8a4a1f42db338ef643956dad8444d0072eb48786030064501eb82ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Fri, 05 Mar 2021 12:31:09 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"c0dde66bbb11d71:0"
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
2165
expires
Fri, 03 Mar 2023 07:39:51 GMT
js_responsivo.js
olhardireto.com.br/sysjs/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://olhardireto.com.br/sysjs/js_responsivo.js?v=20230225
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d4a0cc93e39f2a34c901a4a883a968e4e7f27b0b42b52bb84766fea2de00a67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Wed, 28 Apr 2021 15:00:09 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"e57f8e2e3f3cd71:0"
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
5113
expires
Fri, 03 Mar 2023 07:39:51 GMT
jquery.cycle2.js
olhardireto.com.br/sysjs/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://olhardireto.com.br/sysjs/jquery.cycle2.js?v=20230225
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b95c45a39784c0641c59c92a8a185747cef3790ef6c9556b58eda8db05af1bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Tue, 23 Mar 2021 15:13:35 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"d3f53718f71fd71:0"
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
23468
expires
Fri, 03 Mar 2023 07:39:51 GMT
jquery.owlcarousel.js
olhardireto.com.br/sysjs/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://olhardireto.com.br/sysjs/jquery.owlcarousel.js?v=20230225
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3b76a4eaf21dd0d0c7e882131af095e5a099b56b63ee2ffd2218f12da1734256

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Fri, 05 Mar 2021 12:31:10 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"b957606cbb11d71:0"
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
24653
expires
Fri, 03 Mar 2023 07:39:51 GMT
amp-auto-ads-latest.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-latest.js
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f1358b07e7a3340d30d284799e5c64ab3b2cb4970f877209e4b7ca1fef63963
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 02 Mar 2023 07:39:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7574
x-xss-protection
0
server
sffe
etag
"0d2092c285ba38c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Mar 2023 07:39:51 GMT
space.min.js
cdn.00px.net/static/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.00px.net/static/space.min.js
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
WasabiS3/7.9.1306-2022-11-09-489242991d (head5) /
Resource Hash
dcec56cab084cdec93d336cdc7e77128a744fd7084d25c65d2d48e8a512e3abd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:21:32 GMT
server
WasabiS3/7.9.1306-2022-11-09-489242991d (head5)
x-amz-request-id
52D14B2600FF3697
etag
"fd2394a874eb2385b059109e61ccf119"
x-amz-meta-sha256
dcec56cab084cdec93d336cdc7e77128a744fd7084d25c65d2d48e8a512e3abd
content-type
application/javascript
access-control-allow-origin
*
x-hw
1677742791.cds101.lo4.hn,1677742791.cds204.lo4.pr
cache-control
max-age=3600
accept-ranges
bytes
content-length
6061
x-amz-id-2
ZKNB8snSSAfrLqnAcZDrckC9P/JAwTqQrPC9Eb33nYyhjOGN+nx5Ky6n1Lal28bENZKu8PHS86DA
x-amz-meta-s3b-last-modified
20210429T191758Z
logo.png
www.olhardireto.com.br/imagens/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imagens/logo.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
022ee4f5a211f5359f8813dc216fe4537325394a05a8b0d7c5508ae17c51f046

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Fri, 05 Mar 2021 12:30:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"78a3d464bb11d71:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
16911
expires
Fri, 03 Mar 2023 07:39:52 GMT
52720131979_21b3ba323b_k-(1).jpg
www.olhardireto.com.br/imgsite/capa/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/52720131979_21b3ba323b_k-(1).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bb0918567eecc81e8249578ca812b86c064802c2bcd99b659dec4257ba500f5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 22:02:23 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"43dbc280894cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
39233
expires
Fri, 03 Mar 2023 07:39:52 GMT
Rodovia_BR_163_PA_Divulgacao_Via_Brasil-(1)(2).jpg
www.olhardireto.com.br/imgsite/capa/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/Rodovia_BR_163_PA_Divulgacao_Via_Brasil-(1)(2).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ec369b009f74be6fe322f5c510855d8977a123c162e7e55f771667a6ceecb4b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 20:52:54 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"475aebcb7f4cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
68659
expires
Fri, 03 Mar 2023 07:39:52 GMT
cameras_uniformes_de_policiais_militares_sao_paulo_rvrsa_abr_2804223636_0-(2)(2).jpg
www.olhardireto.com.br/imgsite/capa/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/cameras_uniformes_de_policiais_militares_sao_paulo_rvrsa_abr_2804223636_0-(2)(2).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
eea0d01a08a40d793d064d203dab4d2271b7b2e876f1ccc0b1620d77359d345f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 22:03:04 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"d36c3b99894cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
44067
expires
Fri, 03 Mar 2023 07:39:52 GMT
555-(1).jpg
www.olhardireto.com.br/imgsite/capa/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/555-(1).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
613c69f78f56ceb58efb162e65a7e7cc71356b8dc4bf59609840be0f36d192d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 22:20:27 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"c8e6d68c4cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
66346
expires
Fri, 03 Mar 2023 07:39:52 GMT
ns2q2n1155150796-9A1A0648.jpg
www.olhardireto.com.br/imgsite/capa/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/ns2q2n1155150796-9A1A0648.jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8c70d0dd71dda82fffe026e777ce45ff31973987e37f2d574e10c03a0365c3a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 21:30:30 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"e4d485c854cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
18979
expires
Fri, 03 Mar 2023 07:39:52 GMT
WhatsApp-Image-2023-03-01-at-5.08.54-PM.jpeg
www.olhardireto.com.br/imgsite/capa/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/WhatsApp-Image-2023-03-01-at-5.08.54-PM.jpeg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3692b69c3830a91b543f80f0d36a83a2329cb0c4c837f747bb7e525f3a2d7405

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 21:18:49 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"be79b06a834cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
27380
expires
Fri, 03 Mar 2023 07:39:52 GMT
ns2q2n3155150787-14b5b7751df93dd079a737f6477e4081.jpg
www.olhardireto.com.br/imgsite/capa/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/ns2q2n3155150787-14b5b7751df93dd079a737f6477e4081.jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1c046faecb7dcbed66deaef978ed23b185954b85d0ee4a412d5ae8c1cb6e3c26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 21:55:45 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"8e2d2c93884cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
22461
expires
Fri, 03 Mar 2023 07:39:52 GMT
ns2q2n4155150757-mariana(8).jpg
www.olhardireto.com.br/imgsite/capa/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/ns2q2n4155150757-mariana(8).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
05b84dbe2e2e1a738a56076bf8033b557b82c145fb059c6e21d4706b144fdc88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 22:21:11 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"3838fa208c4cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
23910
expires
Fri, 03 Mar 2023 07:39:52 GMT
ns2q4n1155150687-IBGE-29.jpg
www.olhardireto.com.br/imgsite/capa/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/ns2q4n1155150687-IBGE-29.jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bcd4798f4928fc80c1d402bf33ed90d7f2633b2b44df0c7032c1eb1d7f59c852

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 21:31:05 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"d64cf320854cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
21884
expires
Fri, 03 Mar 2023 07:39:52 GMT
ns2q4n2155150767-WhatsApp-Image-2023-03-01-at-07.08.25.jpeg
www.olhardireto.com.br/imgsite/capa/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/ns2q4n2155150767-WhatsApp-Image-2023-03-01-at-07.08.25.jpeg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9f90b71beb99a068d0214731d0c42a7879045b50079e198715a4c26bce95c3ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 21:24:33 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"8887237844cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
30152
expires
Fri, 03 Mar 2023 07:39:52 GMT
ns2q4n3155150717-44(1).jpg
www.olhardireto.com.br/imgsite/capa/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/ns2q4n3155150717-44(1).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ca46f68663e388ac2c3f3b11fbea213cf89a08add9543751539fd85465d1f974

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 21:56:00 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"c233a9c884cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
26986
expires
Fri, 03 Mar 2023 07:39:52 GMT
ROWELS(1).jpg
www.olhardireto.com.br/imgsite/capa/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/ROWELS(1).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3b5eeacde75aa5f55552756cc2224e5ed590e9b3a112ebb492ff4ebe4f7e20a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 21:21:38 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"7bc2acf834cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
28917
expires
Fri, 03 Mar 2023 07:39:52 GMT
ns2q5n2155150694-Defron-2.png
www.olhardireto.com.br/imgsite/capa/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/ns2q5n2155150694-Defron-2.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
36fe7a8419cc533dc4f77fe55675a640a11bb36e64df41a8d6931d5e4f7c9ffb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 21:21:03 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6c763dba834cd91:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
23162
expires
Fri, 03 Mar 2023 07:39:52 GMT
WhatsApp-Image-2023-03-01-at-12.26.11-(1)(3).jpeg
www.olhardireto.com.br/imgsite/capa/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/WhatsApp-Image-2023-03-01-at-12.26.11-(1)(3).jpeg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5eacda5c1cdbc143a3f5178fa4d91ae938aeffee65b06ba3b48e0132bcbb60ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 20:31:56 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"467e15de7c4cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
76314
expires
Fri, 03 Mar 2023 07:39:52 GMT
52663579080_c7616410fc_k-(1)(1).jpg
www.olhardireto.com.br/imgsite/capa/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/52663579080_c7616410fc_k-(1)(1).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
76e984f37d35c98b23bdbcea062c2128c310f3e7b972995b515bd91f3eabab2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 20:54:51 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"f1c77311804cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
54072
expires
Fri, 03 Mar 2023 07:39:52 GMT
ns2q1n3155150661-DROGA-AVIAO(1)(2).png
www.olhardireto.com.br/imgsite/capa/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/ns2q1n3155150661-DROGA-AVIAO(1)(2).png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bb2fa9ac27a47a72b5c8ef4847a9f8244a92e07749517d30084f1aef28d38a9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 22:03:54 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"883bc5b6894cd91:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
106296
expires
Fri, 03 Mar 2023 07:39:52 GMT
advogado-antonio(1)-(1)(2).png
www.olhardireto.com.br/imgsite/capa/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/advogado-antonio(1)-(1)(2).png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
94dcd14e68865e7f965516b33a409b6cc75f737f446a2ab315ad8536efc2070f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 19:15:11 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"cc891825724cd91:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
73371
expires
Fri, 03 Mar 2023 07:39:52 GMT
semimagem-capaauto.png
olhardireto.com.br/imagens/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olhardireto.com.br/imagens/semimagem-capaauto.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4b1a79239a3955fa450845ab94d9ab994c644d329103ad40e309bcbf4670d486

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Fri, 16 Apr 2021 15:23:01 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"da728763d432d71:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
3421
expires
Fri, 03 Mar 2023 07:39:51 GMT
ns4q1n1155150567-_RFP1055(1)(4)(1)(2).jpg
www.olhardireto.com.br/imgsite/capa/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/ns4q1n1155150567-_RFP1055(1)(4)(1)(2).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b8bcd8ba50ae97a9b5e3e2dfbee1bb48d06249dc9d8ef51bbf9724f0297c7f4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 21:32:29 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"f3aa4d53854cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
19774
expires
Fri, 03 Mar 2023 07:39:52 GMT
_DSC6815(1)(2).jpg
www.olhardireto.com.br/imgsite/capa/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/_DSC6815(1)(2).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
554b8e59594cfcda7170d4e1b121fd9d79972a7ae87dfd8feac5ce495945a5f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 21:27:22 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"a794d9c844cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
21502
expires
Fri, 03 Mar 2023 07:39:52 GMT
ns4q1n3155150527-27-06-22-ENTREGA-ONIBUS-PALACIO-MAURO-MENDES_FLORENTINO-51(4).jpg
www.olhardireto.com.br/imgsite/capa/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/ns4q1n3155150527-27-06-22-ENTREGA-ONIBUS-PALACIO-MAURO-MENDES_FLORENTINO-51(4).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
96d2e34adcf58666637a6acad9a3545c083ffb8db955f657c994f6f62a3fae14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 20:56:49 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"e9affe57804cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
22300
expires
Fri, 03 Mar 2023 07:39:52 GMT
ns4q2n1155150494-FGBFB(1)(1).jpeg
www.olhardireto.com.br/imgsite/capa/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/ns4q2n1155150494-FGBFB(1)(1).jpeg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b92781a06d1bed953d2a51b40c9aa6a3bdd0197ef85a4729c2a03ddd32f420a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 18:51:38 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"36a7dada6e4cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
29076
expires
Fri, 03 Mar 2023 07:39:52 GMT
ns4q2n2155150544-WhatsApp-Image-2023-01-03-at-17.07.07(2).jpeg
www.olhardireto.com.br/imgsite/capa/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/ns4q2n2155150544-WhatsApp-Image-2023-01-03-at-17.07.07(2).jpeg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c37390310fcca8953c0831eb086a44d8cafe3486767f8102bcff1d1ec2f8ef66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 20:32:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"2348eeb7c4cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
23806
expires
Fri, 03 Mar 2023 07:39:52 GMT
logo-jur.png
olhardireto.com.br/imagens/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olhardireto.com.br/imagens/logo-jur.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1f8f72a2bff1f15bcbee56047a9eaab8ad1605934a73df5ae461945216bfb4b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Thu, 25 Mar 2021 14:19:43 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"f43acee68121d71:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
25943
expires
Fri, 03 Mar 2023 07:39:51 GMT
tubnel-(1)-(1)(1)(3).jpg
www.olhardireto.com.br/imgsite/capa/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/tubnel-(1)-(1)(1)(3).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
244b1fd48bc16db9ef44aef5ebe42f40de543b4dc49921b565a331cb6531a771

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
last-modified
Wed, 01 Mar 2023 20:33:35 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"488cdb187d4cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
43667
expires
Fri, 03 Mar 2023 07:39:54 GMT
pop(1)(3).jpg
www.olhardireto.com.br/imgsite/capa/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/pop(1)(3).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8e78ab48b1ecf24833b9121f7d2bd6cb22aba437b288ad52159af15aa9d279ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
last-modified
Wed, 01 Mar 2023 20:57:47 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"f26c2b7a804cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
13014
expires
Fri, 03 Mar 2023 07:39:54 GMT
_RFP5611(27).jpg
www.olhardireto.com.br/imgsite/capa/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/_RFP5611(27).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
55c50c852891f16726863b3108adf8f5374e21d6e5160a49ed3fcd3e9a642d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
last-modified
Wed, 01 Mar 2023 21:23:17 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"f89825a844cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
10058
expires
Fri, 03 Mar 2023 07:39:54 GMT
logo-con.png
olhardireto.com.br/imagens/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olhardireto.com.br/imagens/logo-con.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5ca7cde40d1290ba3c87ac6383bb01c7a32fd61eeed704fe788f9289d205b625

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Thu, 25 Mar 2021 14:19:43 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"8551e1e68121d71:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
21486
expires
Fri, 03 Mar 2023 07:39:51 GMT
Equipe-ONBro(1).jpeg
www.olhardireto.com.br/imgsite/capa/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/Equipe-ONBro(1).jpeg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c056e5dc6bf365320eccbadec37682b0d6abf752cbd77dbbcd5e5b63ac3bf3c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
last-modified
Wed, 01 Mar 2023 19:27:13 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"50cc1bd3734cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
30384
expires
Fri, 03 Mar 2023 07:39:54 GMT
IMG_9957-copiar-(1)(1).jpg
www.olhardireto.com.br/imgsite/capa/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/IMG_9957-copiar-(1)(1).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6f933f7783153abd1d3605c2b082c20cdda9dbf065278150cad89a62b1f193da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
last-modified
Wed, 01 Mar 2023 21:25:18 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"559a1852844cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
28901
expires
Fri, 03 Mar 2023 07:39:54 GMT
bg-experiencia02(2).jpg
www.olhardireto.com.br/imgsite/capa/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/bg-experiencia02(2).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d63492bd3f32413c9bfc0821d4fc125a0d8e144846fadbb87b3df98fa75abe9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
last-modified
Wed, 01 Mar 2023 21:27:40 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"e9a9b9a6844cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
20305
expires
Fri, 03 Mar 2023 07:39:54 GMT
logo-agr.png
olhardireto.com.br/imagens/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olhardireto.com.br/imagens/logo-agr.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f011a6d6b747bfe420a1298c46e01061703d5b14b1fd0cb66f22ab780427df29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Thu, 25 Mar 2021 14:19:43 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"46e2ace68121d71:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
14375
expires
Fri, 03 Mar 2023 07:39:51 GMT
aquisicao-de-empresas.png
www.olhardireto.com.br/imgsite/capa/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/aquisicao-de-empresas.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9c7e0822a56ffe42110cdb7e3df67c8705a8d382713af38aa40b90eb7f0e2397

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Wed, 01 Mar 2023 19:35:44 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"ba83d73754cd91:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
23898
expires
Fri, 03 Mar 2023 07:39:55 GMT
carteira_de_trabalho_07122000711(2).jpg
www.olhardireto.com.br/imgsite/capa/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/carteira_de_trabalho_07122000711(2).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bc657719e2d6e0a6dc2e0a0b24ddcc0b46636b2ad369b5901c1625b1bb256e43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Wed, 01 Mar 2023 21:31:58 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"47fc840854cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
13219
expires
Fri, 03 Mar 2023 07:39:55 GMT
INPASA-NOVA-MUTUM-01-1024x576(2).jpeg
www.olhardireto.com.br/imgsite/capa/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/capa/INPASA-NOVA-MUTUM-01-1024x576(2).jpeg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
58309bc74d7d4f15314f58c3c87a255ebf82e44e0adc26ab6841993ecc570e59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Wed, 01 Mar 2023 21:33:24 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"ba492874854cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
19694
expires
Fri, 03 Mar 2023 07:39:55 GMT
semimagem-video-capa-maior.png
olhardireto.com.br/imagens/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olhardireto.com.br/imagens/semimagem-video-capa-maior.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
796fa10ef812f4320e2f2b7eec0ef4a5245f616451bb246fd2d39fad60e748f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Mon, 29 Mar 2021 14:17:49 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"ab67334ca624d71:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
2430
expires
Fri, 03 Mar 2023 07:39:51 GMT
semimagem-artigo-capa.png
olhardireto.com.br/imagens/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olhardireto.com.br/imagens/semimagem-artigo-capa.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3f21501286d8e3da3623851051ed221a3a509b8dd3260381a56094bb8f20f768

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Tue, 30 Mar 2021 15:40:04 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"7ccf18f47a25d71:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
3034
expires
Fri, 03 Mar 2023 07:39:51 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		140 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6337956849655550
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144c296c42dfbf7ccf53e0602fcc89642265c0d5415aff8e9cf6a1da43b6df82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
Origin
https://olhardireto.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48126
x-xss-protection
0
server
cafe
etag
15591072439270849742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 07:39:51 GMT
sdk.js
connect.facebook.net/pt_BR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fc67234af4870ab472dd11a686a847af2589cf2bd044333376844bcc669c7d52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://olhardireto.com.br/
Origin
https://olhardireto.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Mar 2023 07:39:51 GMT
content-md5
mgSDkVsVsq/uCRuVukH9rA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
sM+xTr/aqsRDv5dAP8W1LEYqBgH0BodT17EQq2hrO7pLv6Xft59DDkaFjRnpao9TKkTrCq0tQXjnXH1L0DdKYg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
x-fb-content-md5
3a70402af141facdd09ed07b62eb1e2b
cross-origin-opener-policy
same-origin-allow-popups
etag
"2a02b54413b437fbff14575e760180b6"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 02 Mar 2023 07:56:37 GMT
bot-instagram.png
olhardireto.com.br/imagens/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olhardireto.com.br/imagens/bot-instagram.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c8194bbd7d6d13decb46c7d09e3f054c154ff1b0aec99f579a10380a30f88b52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Fri, 12 Mar 2021 15:05:36 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"2e679285117d71:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
22788
expires
Fri, 03 Mar 2023 07:39:51 GMT
logo.png
www.olhardireto.com.br/imagens/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imagens/logo.png?v=2021
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
022ee4f5a211f5359f8813dc216fe4537325394a05a8b0d7c5508ae17c51f046

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Fri, 05 Mar 2021 12:30:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"78a3d464bb11d71:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
16911
expires
Fri, 03 Mar 2023 07:39:55 GMT
assinatura-sitevip.png
olhardireto.com.br/imagens/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olhardireto.com.br/imagens/assinatura-sitevip.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d56188930cbbc0e4860e9b1164b6fa0319be8e491ba79bb75674177366e8548d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Mon, 08 Mar 2021 14:06:00 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"b2851b2b2414d71:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
1556
expires
Fri, 03 Mar 2023 07:39:51 GMT
b32c8ddb-e07d-4acd-85a5-5e4a5a1f208b
tags.premiumads.com.br/dfp/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.premiumads.com.br/dfp/b32c8ddb-e07d-4acd-85a5-5e4a5a1f208b
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fc4e6531288ae8ed7e37923f1f2d52d79dc47238cfee5e03014701ff4f01a2eb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 25 Feb 2023 16:21:06 GMT
server
cloudflare
age
400725
x-powered-by
ASP.NET
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REcFmQlybMfRbBOTkaf4vhCH0MW9cBMabC58AY1qYvzjr8%2Bxo2a6XqhZ5dQuTynCVFfPUJdTcLdGNGVaPnl6M3C%2FS%2FQ8CCHCt1FKzZBM5gFLn4ValqZXExw8ruCSDAr7%2FYXmnC%2FrLAIcHFVNICWatz1D8zI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=3600
cf-ray
7a17fd0178c8371c-FRA
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Mar 2023 07:17:30 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1341
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 02 Mar 2023 09:17:30 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-58.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 04:50:57 GMT
Content-Encoding
gzip
Via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Age
4589335
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=26920000
Connection
keep-alive
X-Amz-Cf-Id
3VGypySU3KvczlASqEaOu3cWGfiTu9DCBxmNa-r45YHQn9g0z8YR6A==
259911574328350880
00px.net/measurable/eyJjciI6NzE2NTksImNhIjo0MjE4LCJwbCI6NTQ5MDB9/ 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://00px.net/measurable/eyJjciI6NzE2NTksImNhIjo0MjE4LCJwbCI6NTQ5MDB9/259911574328350880?mraid=0&io=1&o=null
Requested by
Host: cdn.00px.net
URL: https://cdn.00px.net/static/space.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2604:a880:400:d0::163a:2001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 07:39:52 GMT
Referrer-Policy
unsafe-url
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
https://olhardireto.com.br
Cache-Control
private, no-cache, proxy-revalidate, no-store, max-age=0, no-cache
Content-Disposition
inline
Connection
close
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
planet.js
00px.net/target/eyJjciI6NzE2NTksImNhIjo0MjE4LCJwbCI6NTQ5MDB9/ 		433 B
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://00px.net/target/eyJjciI6NzE2NTksImNhIjo0MjE4LCJwbCI6NTQ5MDB9/planet.js?v=1.04142021&t=259911574328350880&d=UTZKTDEMPLGIPLJBJHX&issf=false&mraid=0&io=1&h=https%3A%2F%2Folhardireto.com.br%2F&v1=rf4fzqh4xJ2plBnDr4GKh5eAY9ngfEjR
Requested by
Host: cdn.00px.net
URL: https://cdn.00px.net/static/space.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2604:a880:400:d0::163a:2001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
fd76de75e66dc2399a2d5803a63479e71e3516e81f9a7a2777328d044be92249
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 07:39:52 GMT
Referrer-Policy
unsafe-url
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, proxy-revalidate, no-store, max-age=0, no-cache
Connection
close
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, *
Content-Length
433
259911574328350880
00px.net/measurable/eyJjciI6NzE2NTksImNhIjo0MjE4LCJwbCI6NTQ5MDB9/ 		35 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://00px.net/measurable/eyJjciI6NzE2NTksImNhIjo0MjE4LCJwbCI6NTQ5MDB9/259911574328350880?mraid=0&io=1&o=null
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2604:a880:400:d0::163a:2001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 07:39:52 GMT
Referrer-Policy
unsafe-url
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, proxy-revalidate, no-store, max-age=0, no-cache
Content-Disposition
inline
Connection
close
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
ico-calendario.png
olhardireto.com.br/imagens/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olhardireto.com.br/imagens/ico-calendario.png?v=2021
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/css/estilo.css?v=20230225
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6078decc729b426bf84f9695f23d8cd99e24d9097e2090f43242d44b096290ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/css/estilo.css?v=20230225
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
last-modified
Fri, 05 Mar 2021 14:45:48 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"bbec103bce11d71:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
1356
expires
Fri, 03 Mar 2023 07:39:51 GMT
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v23/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a0d96c353719068401ebbedf7f58e3be1232756327243922b6ab9690a3591bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://olhardireto.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 09:41:24 GMT
x-content-type-options
nosniff
age
79107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34112
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 18:11:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 09:41:24 GMT
ico-direita.png
olhardireto.com.br/imagens/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olhardireto.com.br/imagens/ico-direita.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/css/estilo.css?v=20230225
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ff0637a554aa1eb1cc028ed70664c6de944c0ee30a9f0697781353626f5a7ecd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/css/estilo.css?v=20230225
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 14 Apr 2021 15:01:59 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"2558341e3f31d71:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
3315
expires
Fri, 03 Mar 2023 07:39:52 GMT
derf-vg-frente.jpg
www.olhardireto.com.br/imgsite/noticias/ 		479 KB
480 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/noticias/derf-vg-frente.jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1e2229a22c0232548f226e9b33dbb84ad00e77f5f615dd018dcc0c2a0acc574e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 23:36:51 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"b6a1bb3964cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
490776
expires
Fri, 03 Mar 2023 07:39:52 GMT
d29a0d59-b2db-4011-be9e-ef00ec1a4d16(2).jpeg
www.olhardireto.com.br/imgsite/noticias/ 		507 KB
508 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/noticias/d29a0d59-b2db-4011-be9e-ef00ec1a4d16(2).jpeg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9160158b56ea123f8f81456677b3d2c6051d6db60b21e513291a30680824d1f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 22:49:43 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"2fc411d904cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
519066
expires
Fri, 03 Mar 2023 07:39:52 GMT
9A1A5851.jpg
www.olhardireto.com.br/imgsite/noticias/ 		370 KB
371 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/noticias/9A1A5851.jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3b92591a48df1652af2bfe831454829dbf7c832411985beee3374596d3262b48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 18:27:01 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"a6135b6a6b4cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
379007
expires
Fri, 03 Mar 2023 07:39:52 GMT
agressao-salve.jpg
www.olhardireto.com.br/imgsite/noticias/ 		243 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/noticias/agressao-salve.jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b348ffa9b4620d2960a389cbb0c4df364686fa32ead3b7331c2822c1870c917a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Wed, 01 Mar 2023 18:28:52 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"807861ac6b4cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
249191
expires
Fri, 03 Mar 2023 07:39:52 GMT
amp-24-02-23-capa-vt-bar.jpg
olhardireto.com.br/imgsite/videos/ 		521 KB
522 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olhardireto.com.br/imgsite/videos/amp-24-02-23-capa-vt-bar.jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8619d8ca4dbc955f16dd61f66aa500b0f1f5ab214f8e445ec4af913a268e429e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Sat, 25 Feb 2023 00:41:44 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"abaa23efb148d91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
533604
expires
Fri, 03 Mar 2023 07:39:52 GMT
ico-video.png
olhardireto.com.br/imagens/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olhardireto.com.br/imagens/ico-video.png?v=2021
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/css/estilo-capa.css?v=20230225
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
badd35caf39ea8283f2fe251e849f48e5eeba86bce4b1a71b91ec5d2f826e49c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/css/estilo-capa.css?v=20230225
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Mon, 29 Mar 2021 15:17:18 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"1334959bae24d71:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
5028
expires
Fri, 03 Mar 2023 07:39:52 GMT
amp-24-02-23-capa-vt-supermercado.jpg
olhardireto.com.br/imgsite/videos/ 		441 KB
442 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olhardireto.com.br/imgsite/videos/amp-24-02-23-capa-vt-supermercado.jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
de3bd2034eaf03fa98618d120e0c75b46b15c421f46b8d872a0538b555374f9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Sat, 25 Feb 2023 00:25:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"45c688abaf48d91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
452034
expires
Fri, 03 Mar 2023 07:39:52 GMT
amp-WhatsApp-Image-2023-02-17-at-16.21.37-(1).jpeg
olhardireto.com.br/imgsite/videos/ 		787 KB
788 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olhardireto.com.br/imgsite/videos/amp-WhatsApp-Image-2023-02-17-at-16.21.37-(1).jpeg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2664ee79c41868fc1186e2b42fef581f6d7cb7da8e7a3b5167eede459a8a7f80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Fri, 17 Feb 2023 20:30:39 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"45f4d9b2e43d91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
805783
expires
Fri, 03 Mar 2023 07:39:52 GMT
amp-WhatsApp-Image-2023-02-14-at-11.48.13.jpeg
olhardireto.com.br/imgsite/videos/ 		699 KB
700 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olhardireto.com.br/imgsite/videos/amp-WhatsApp-Image-2023-02-14-at-11.48.13.jpeg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
628cac9bdfdd9f2427906c0df8e5be29dad7bf412104abd5ba7a1c4956274370

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Tue, 14 Feb 2023 18:36:48 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"7dbd684ca340d91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
716161
expires
Fri, 03 Mar 2023 07:39:52 GMT
8205f3af89b3cec3120693c292cb094a(2).jpg
www.olhardireto.com.br/imgsite/noticias/ 		291 KB
291 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/noticias/8205f3af89b3cec3120693c292cb094a(2).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0353e8257b0a86f6429a1ae5591e1bf0b11599cedc0e2a06b8de285a250b671c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Wed, 01 Mar 2023 18:32:46 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"cadf17386c4cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
297580
expires
Fri, 03 Mar 2023 07:39:55 GMT
_RFP5435(44).jpg
www.olhardireto.com.br/imgsite/noticias/ 		355 KB
356 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/noticias/_RFP5435(44).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cbe8c19815005386d05665a6be0642025baca9371040b3e975aa2d9fb62e813b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Wed, 01 Mar 2023 16:19:58 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"b7c885aa594cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
363489
expires
Fri, 03 Mar 2023 07:39:55 GMT
trbr8890(1).jpg
www.olhardireto.com.br/imgsite/noticias/ 		251 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/noticias/trbr8890(1).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e4ad52bc93f36b9b521b1d5d7869512a112fb3dd5c9a6eb1c58f49a3c652f842

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Wed, 01 Mar 2023 16:01:55 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"42d7425574cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
256545
expires
Fri, 03 Mar 2023 07:39:55 GMT
camara-vg(3).jpg
www.olhardireto.com.br/imgsite/noticias/ 		336 KB
337 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/noticias/camara-vg(3).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5710f43a66366693f4763c6c617f7dd2a9edda5c4b158f4d7a32535465cdf8f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Wed, 01 Mar 2023 14:38:36 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"e9196f814b4cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
344211
expires
Fri, 03 Mar 2023 07:39:55 GMT
0000(22)(1).jpg
www.olhardireto.com.br/imgsite/noticias/ 		441 KB
442 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/noticias/0000(22)(1).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
085f7ba25e718670df2257d26c9f8e8d29c518be3bd26a383ab04e3387dd13da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Wed, 01 Mar 2023 13:38:25 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"5b2d1319434cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
451418
expires
Fri, 03 Mar 2023 07:39:55 GMT
aaa(1).png
www.olhardireto.com.br/imgsite/noticias/ 		190 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/noticias/aaa(1).png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2982bf750415f174d872f7667ad336f6d92b6fbec6736269a78d7d9af700f256

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Wed, 01 Mar 2023 13:15:23 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"b74564e13f4cd91:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
194888
expires
Fri, 03 Mar 2023 07:39:55 GMT
FELIPE.png
www.olhardireto.com.br/imgsite/noticias/ 		331 KB
332 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/noticias/FELIPE.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
382c89b018e8ddedd5ae8388b82db7fe2e8d947bfb9653a86e3645a9c461affa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Wed, 01 Mar 2023 12:56:35 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"707d8413d4cd91:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
339374
expires
Fri, 03 Mar 2023 07:39:55 GMT
Luiz-Fernando-Rogerio(1).jpg
www.olhardireto.com.br/imgsite/artigos/ 		152 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/artigos/Luiz-Fernando-Rogerio(1).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fb1a0aa8489c4f6653a38221ab2c756327f91d4508f671467b134f27a9120fdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Tue, 28 Feb 2023 13:31:32 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"85d7af8784bd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
155982
expires
Fri, 03 Mar 2023 07:39:55 GMT
_JPC7551.jpg
www.olhardireto.com.br/imgsite/artigos/ 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/artigos/_JPC7551.jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f5c2c01d64c7bb889eb7e43467159058e2179a01521b0455024287b6805372df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Wed, 01 Mar 2023 14:16:36 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"ac26a86e484cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
123173
expires
Fri, 03 Mar 2023 07:39:55 GMT
a-a-550.jpg
www.olhardireto.com.br/imgsite/artigos/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/artigos/a-a-550.jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3e7ebc58821590bee00fc1599f846c398b899c3e32df8525d98b2f6c3ac19602

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Wed, 01 Mar 2023 11:32:38 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"ae59ab86314cd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
25873
expires
Fri, 03 Mar 2023 07:39:55 GMT
ico-rodape.png
olhardireto.com.br/imagens/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://olhardireto.com.br/imagens/ico-rodape.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/css/estilo.css?v=20230225
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
479acd68c71db1db8bd576c692d181f0eaef09dae74ecbdc7e4c85d514515441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/css/estilo.css?v=20230225
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Tue, 09 Mar 2021 14:45:30 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"8d5739daf214d71:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
124760
expires
Fri, 03 Mar 2023 07:39:52 GMT
index.asp
ads.olhardireto.com.br/ 		2 KB
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.olhardireto.com.br/index.asp?a=1,0,0&b=1,40-5,43-9,25-10,46-11,44-16,68-25,26-26,38&c=&_=1677742791682
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/sysjs/jquery.js?v=20230225
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
186.233.90.67 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
server9067.cloud.srv.br
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
28426eb42be856ce204465ea487fa637e23a7059dc6c88d998659c257403c362

Request headers

Accept
text/html, */*; q=0.01
Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Thu, 02 Mar 2023 07:39:51 GMT
content-encoding
br
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
private
content-length
799
sdk.js
connect.facebook.net/pt_BR/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=755ba6ba50e438130e4912ea09705ba8
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f3fcdf1a42c4e820911cab6b03955dfd5e6776dd64471d44110abf39abe2e35e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://olhardireto.com.br/
Origin
https://olhardireto.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Mar 2023 07:39:51 GMT
content-md5
mFrkx3686KZAnasmGToaAg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87102
x-fb-rlafr
0
x-fb-debug
c2/ViHxU3YtgEpOGDSI1cKAGy7sNckb4omlOi1VxcOt6pW1bQCb50TWs0O1mI0zAGHX3y58e2FtPCfGhiwhvKw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
x-fb-content-md5
692adca481dfbf72426481c31f2dcbd1
cross-origin-opener-policy
same-origin-allow-popups
etag
"4db51e212c0d161fdc2e5058b25a7196"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 01 Mar 2024 06:50:26 GMT
pbjs-min.js
tags.premiumads.com.br/scripts/ 		369 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/b32c8ddb-e07d-4acd-85a5-5e4a5a1f208b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fe081a84ca6ae1db3a9694b552c5c07cb94958d6468e9a61b58c85366c3ff5bd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 05:25:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
352883
etag
W/"1d93f6b97852c68"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTAi%2FsHAGbDrFx4IH5dxG67ziuh6CP48GR4VpTGjoKyiOrW0PGBv9gYP4j586KifvMFeftkr0IeWfS3CZSgPS5%2FHTNqm%2B4%2BCYEqfeISs8SIwDqGeG0Gs%2F54Gv%2BOMrETl6qgbeuEaGnT%2FbO0VNo3dZHchw4I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a17fd01e94f371c-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/b32c8ddb-e07d-4acd-85a5-5e4a5a1f208b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b0963f14226beb0e141c1d4def4cc1bc70e8ef8792a527f80a11c8591ba63f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26901
x-xss-protection
0
server
sffe
etag
"1498 / 973 of 1000 / last-modified: 1677711908"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Mar 2023 07:39:52 GMT
p_icons_3.png
tags.premiumads.com.br/Content/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.premiumads.com.br/Content/p_icons_3.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:51 GMT
strict-transport-security
max-age=2592000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
351254
x-powered-by
ASP.NET
content-length
12013
last-modified
Mon, 13 Feb 2023 05:25:32 GMT
server
cloudflare
etag
"1d93f6b9780c0ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9kOHVo8kCBg0Fv0CZ1Io%2BmtHwVSGfrMnL3p9pId%2FNedS5e1YkR4zSw1U2fX34vt1GQJf30g9fS9IRZZlCDWj5OwuppbJlCy9XQDMt2LdUaesOMQ5jUI48OXQm9ySkg9GLQLioASpbweqnfmi15jWaw7mtI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a17fd01f967371c-FRA
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
atrk.gif
certify.alexametrics.com/ 		0
0
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.214.117 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-214-117.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
server
Server
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=957880549&t=pageview&_s=1&dl=https%3A%2F%2Folhardireto.com.br%2F&ul=en-us&de=windows-1252&dt=Not%C3%ADcias%20de%20MT%20%7C%20Olhar%20Direto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1967497274&gjid=1758284616&cid=315635011.1677742792&tid=UA-17138560-1&_gid=1499800651.1677742792&_r=1&_slc=1&z=563927414
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://olhardireto.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/ 		360 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6337956849655550&plah=olhardireto.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6337956849655550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21e279c58cdffdcb99b3112899181786674d0d93d632d4b2bb3e92e545ffb5df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121306
x-xss-protection
0
server
cafe
etag
17705620082600102546
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 07:39:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/ Frame 58DF 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6337956849655550
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67152
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 13:00:40 GMT
etag
2378337311435320485
expires
Wed, 15 Mar 2023 13:00:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
id.navegg.com/uid/ 		16 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.navegg.com/uid/
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
server
cloudflare
cross-origin-opener-policy
same-origin
vary
Accept
allow
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
x-frame-options
DENY
cf-ray
7a17fd031a492c6b-FRA
access-control-allow-headers
*
content-length
16
access-control-allow-method
GET
collect
stats.g.doubleclick.net/j/ 		4 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-17138560-1&cid=315635011.1677742792&jid=1967497274&gjid=1758284616&_gid=1499800651.1677742792&_u=IEBAAEAAAAAAACAAI~&z=1515742351
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 02 Mar 2023 07:39:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://olhardireto.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2023022701.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6265a847e8ef645ae49eefb6efdd0659672dd17c55167c74bb067750daa399f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 05:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7208
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132634
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 09:35:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Mar 2024 05:39:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=olhardireto.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a565a2cae39b5baf4a0b2ba73189d1b01999e7c2c39e9f0e3138058ba92e512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
439
x-xss-protection
0
expires
Thu, 02 Mar 2023 07:39:52 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-17138560-1&cid=315635011.1677742792&jid=1967497274&_u=IEBAAEAAAAAAACAAI~&z=621021231
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-17138560-1&cid=315635011.1677742792&jid=1967497274&_u=IEBAAEAAAAAAACAAI~&z=621021231
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
cdn.00px.net/rocket/71659/ 		239 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.00px.net/rocket/71659/index.html?t=259911574328350880&redirect=https%3A%2F%2F00px.net%2Fclick%2FeyJjYSI6NDIxOCwicGwiOjU0OTAwLCJjciI6NzE2NTl9%3Ft%3D259911574328350880%26m%3D%26seed%3DzaYArngUf5JP84fhTF5zOyU1%26fr%3Dfalse
Requested by
Host: cdn.00px.net
URL: https://cdn.00px.net/static/space.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
WasabiS3/7.9.1306-2022-11-09-489242991d (head5) /
Resource Hash
8898b414bdaa419a787de60142a63f99fc09edcc75181915cd0f21bf8c3d653a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
content-encoding
gzip
last-modified
Thu, 29 Oct 2020 12:06:09 GMT
server
WasabiS3/7.9.1306-2022-11-09-489242991d (head5)
x-amz-request-id
3AE5E3B87402C002
etag
"9515a1fba3eb364c6f76385d17612400"
x-hw
1677742792.cds267.lo4.hn,1677742792.cds259.lo4.pr
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
200
x-amz-id-2
3+610OGLJlzirS8pzLcdELy6r5dIcdfx61Sa/ZBNW2Uvo09IuQfe4ffflPN58UtqJcVP3fd2f9n8
e.gif
00px.net/consoles/ 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://00px.net/consoles/e.gif?t=3962538296559154700&data=%5BOffsets%201.04142021%20Chrome(110)%5D%20issafeframe%20is%20not%20defined%20line%3A%20undefined
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2604:a880:400:d0::163a:2001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 07:39:52 GMT
Referrer-Policy
unsafe-url
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
private, no-cache, proxy-revalidate, no-store, max-age=0, no-cache
Content-Disposition
inline
Connection
close
localstore.js
script.4dex.io/ 		483 B
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 07:39:52 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2275818
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o73Fw0KOgsf85A3fSFXfyJslQciHzMAw7rNkJ3Z6Kjep8EIo4cbmTRNRxyiQyI0nhHiqu0fX2U%2BRz%2B8I%2BzWNm%2FnQFJZ4fONgOl6WDxBka3EebtYkofUR2bhxjyglQNUUK94JTn9JT1M2M1gP"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7a17fd03b940373a-FRA
prebid
mp.4dex.io/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:52 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-ref-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://olhardireto.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7a17fd03cb589244-FRA
expires
0
v1
prg.smartadserver.com/prebid/ 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS
ip224.ip-217-182-178.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:52 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://olhardireto.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		25 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS
ip224.ip-217-182-178.eu
Software
/
Resource Hash
843f59b3bb91cd523978365abc551cf9bd5a83ef61564f834db43b29c76a2310

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://olhardireto.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		23 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS
ip224.ip-217-182-178.eu
Software
/
Resource Hash
43f31b2da74a842080bee5b1f91ada8dd02f6db801c97be1aaa9582b283ae32d

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:52 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://olhardireto.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		25 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS
ip224.ip-217-182-178.eu
Software
/
Resource Hash
93532679402036784313b797c09633c900199fdde82d8a17fdaa7edc04923cd9

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://olhardireto.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS
ip224.ip-217-182-178.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:52 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://olhardireto.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		23 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS
ip224.ip-217-182-178.eu
Software
/
Resource Hash
13b63bbf00b3c8900e372bb093837b8acf8d28729412446e9abfce4864a6835f

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:52 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://olhardireto.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS
ip224.ip-217-182-178.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://olhardireto.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.26.0&referrer=https%3A%2F%2Folhardireto.com.br%2F&tmax=2500
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.123.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-123-254.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:52 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status
29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://olhardireto.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		803 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
30a9dbde85d59ca64b5394da465aaf2e9e23d47df1ec4a536ce87eed4d46aa55
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 02 Mar 2023 07:39:52 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b8afebb8-aaea-4bcc-8e16-387031d6f1e3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://olhardireto.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pb
ad.360yield.com/1879/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/1879/pb
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.189.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-189-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://olhardireto.com.br
date
Thu, 02 Mar 2023 07:39:52 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15410&site_id=100674&zone_id=861484&size_id=2&alt_size_ids=55%2C58%3B%3B%3B55%3B55%3B55%3B55&rp_schain=1.0,1!premiumads.com.br,ba87be28-7fe4-49a8-ba13-93d4b8b92e98,1,,,&rf=https%3A%2F%2Folhardireto.com.br%2F&tg_i.pbadslot=%2F75894840%2C22447461851%2FOLHAR_DIRETO_HEADERSTICKY%23P_OLHAR_DIRETO_HEADERSTICKY_0%3B%2F75894840%2C22447461851%2FOLHAR_DIRETO_INFEED_01%23P_OLHAR_DIRETO_INFEED_01_0%3B%2F75894840%2C22447461851%2FOLHAR_DIRETO_INFEED_02%23P_OLHAR_DIRETO_INFEED_02_0%3B%2F75894840%2C22447461851%2FOLHAR_DIRETO_INFEED_01%23P_OLHAR_DIRETO_INFEED_01_1%3B%2F75894840%2C22447461851%2FOLHAR_DIRETO_INFEED_01%23P_OLHAR_DIRETO_INFEED_01_2%3B%2F75894840%2C22447461851%2FOLHAR_DIRETO_INFEED_01%23P_OLHAR_DIRETO_INFEED_01_3%3B%2F75894840%2C22447461851%2FOLHAR_DIRETO_INFEED_01%23P_OLHAR_DIRETO_INFEED_01_4&tk_flint=pbjs_lite_v7.26.0&x_source.tid=1086617e-b63a-4c54-b901-134319910a5a%3Bb9443dc8-f949-4d93-8814-4890dc38800c%3Be4fb03cb-1a90-46f9-8136-cc532e5a4d0f%3B33177346-5ba7-4fac-ba9c-595d1e3dfb1d%3Be7006157-3cc8-4462-b27b-bd3f06a2e912%3B149e3c2a-f5fd-41ec-9002-406329faef6f%3B8dac7bc6-91b4-4d0d-ae36-9937a48ba74a&l_pb_bid_id=423175679387ab5%3B431ad1409d0d177%3B44013372552e811%3B4515a0941c85564%3B462401146125f0c%3B4708e1407281b1a%3B4875cc52b25821a&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0581%3B0.0097%3B0.0097%3B0.0097%3B0.0097%3B0.0097%3B0.0097&rp_maxbids=1&p_gpid=%2F75894840%2C22447461851%2FOLHAR_DIRETO_HEADERSTICKY%23P_OLHAR_DIRETO_HEADERSTICKY_0%3B%2F75894840%2C22447461851%2FOLHAR_DIRETO_INFEED_01%23P_OLHAR_DIRETO_INFEED_01_0%3B%2F75894840%2C22447461851%2FOLHAR_DIRETO_INFEED_02%23P_OLHAR_DIRETO_INFEED_02_0%3B%2F75894840%2C22447461851%2FOLHAR_DIRETO_INFEED_01%23P_OLHAR_DIRETO_INFEED_01_1%3B%2F75894840%2C22447461851%2FOLHAR_DIRETO_INFEED_01%23P_OLHAR_DIRETO_INFEED_01_2%3B%2F75894840%2C22447461851%2FOLHAR_DIRETO_INFEED_01%23P_OLHAR_DIRETO_INFEED_01_3%3B%2F75894840%2C22447461851%2FOLHAR_DIRETO_INFEED_01%23P_OLHAR_DIRETO_INFEED_01_4&slots=7&rand=0.2618683278712466
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bb09d0c55cf40f2d5304508d87c5bf76287e5b66bc741d1d558a28040f9a5393

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:52 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://olhardireto.com.br
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://olhardireto.com.br
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.26.0&cb=66999001785&lsavail=1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://olhardireto.com.br
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		805 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3bbaef8039f86455c5867a2cdedef895ae54b77684f144e8aa12e77373454f5a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 02 Mar 2023 07:39:52 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
49dcfef3-44fe-4b39-9d4b-0cf0fe77ab09
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://olhardireto.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 07:39:52 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
126054
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQf1rjcjscq3r54SLBEn2aNv5Fr2B5Ec7bbIcd7EREgvwWNel8JSt2DNz5KLaGc0TbV%2F22VSpiIHKiO09EDhCVUujqb2zxFkWDBocjJUZbOjVHa%2F9mmQFg3bjV0%2B5%2F3KQzZoC8%2B9NsEAmfcB"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7a17fd03fab239da-FRA
cookie.js
partner.googleadservices.com/gampad/ 		403 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=olhardireto.com.br&callback=_gfp_s_&client=ca-pub-6337956849655550
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6337956849655550&plah=olhardireto.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
692d544aefadef93c92a6e7cd0d43f0304aa871a7c7b8cb91529b2b1a1d27b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=olhardireto.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6337956849655550&plah=olhardireto.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=olhardireto.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6337956849655550&plah=olhardireto.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=lgpd&ign=false&pw=1600&ph=1200&x=800&y=1130.4
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F7E0 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6337956849655550&output=html&adk=347499538&adf=1862406280&lmt=1677742792&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Folhardireto.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677742792075&bpp=4&bdt=1062&idt=233&shv=r20230227&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=326034376769&frm=20&pv=2&ga_vid=315635011.1677742792&ga_sid=1677742792&ga_hid=957880549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777876%2C44759876%2C44759842&oid=2&pvsid=2759212288538101&tmod=492473787&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=270
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6337956849655550&plah=olhardireto.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 07:39:52 GMT
expires
Thu, 02 Mar 2023 07:39:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
index.png
cdn.00px.net/rocket/71659/ Frame 88DA 		68 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.00px.net/rocket/71659/index.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
WasabiS3/7.9.1306-2022-11-09-489242991d (head8) /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
last-modified
Thu, 29 Oct 2020 12:06:09 GMT
server
WasabiS3/7.9.1306-2022-11-09-489242991d (head8)
x-amz-request-id
3E6D2CB426A9593F
etag
"91e42db1c66c0b276abf6234dc50b2eb"
x-hw
1677742792.cds101.lo4.hn,1677742792.cds201.lo4.pr
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
68
x-amz-id-2
Sc3e4lUsmmg0E1wIKICj0B4CbgnUz8D6scz8ANpg9cGJqgR3V7DCNk9o7pYCO21sb8sWI2a+0cxQ
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=olhardireto.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=olhardireto.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		323 KB
85 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2759212288538101&correlator=3060764084600946&eid=31072028%2C44761477%2C44777629&output=ldjh&gdfp_req=1&vrg=2023022701&ptt=17&impl=fifs&iu_parts=75894840%3A22447461851%2COLHAR_DIRETO_VIGNETTE%2COLHAR_DIRETO_HEADERSTICKY%2COLHAR_DIRETO_INFEED_01%2COLHAR_DIRETO_INFEED_02&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F3&prev_iu_szs=1x1%2C970x90%7C728x90%7C1000x90%2C728x90%7C960x90%2C728x90%7C960x90%2C970x90%7C728x90%7C1290x90%2C970x90%7C728x90%7C1290x90%2C970x90%7C728x90%7C1290x90%2C970x90%7C728x90%7C1290x90&ifi=3&adks=2181290305%2C1667006778%2C2642405540%2C3898646250%2C4229832126%2C4229832127%2C4229832120%2C4229832121&sfv=1-0-40&fsbs=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1&ists=128&fas=8%2C0%2C0%2C0%2C0%2C0%2C0%2C0&prev_scp=data_type%3Dvignette%26pp_pb%3D1.00%7Cdata_type%3Danchor%26pp_sticky%3Dbottom%26pp_loop%3D00%26pp_pb%3D0.30%7Cdata_type%3Dinfeed%26pp_loop%3D00%26pp_pb%3D0.05%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D767ed9940724086%26hb_bidder%3Dsmartadserver%7Cdata_type%3Dinfeed%26pp_loop%3D00%26pp_pb%3D0.05%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D77351cf605029a1%26hb_bidder%3Dsmartadserver%7Cpp_loop%3D00%26pp_pb%3D0.05%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D74340f9a5876eef%26hb_bidder%3Dsmartadserver%7Cpp_loop%3D00%26pp_pb%3D0.05%7Cpp_loop%3D00%26pp_pb%3D0.05%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D75494434d804f05%26hb_bidder%3Dsmartadserver%7Cpp_loop%3D00%26pp_pb%3D0.05&cust_params=url%3Dolhardireto.com.br%26categoria%3Dhome&sc=1&cookie=ID%3D90f7e10d59e89a10-22125a459fde008c%3AT%3D1677742792%3ART%3D1677742792%3AS%3DALNI_MbyxOd1KbKmHd-Sow7XNUic1ezBoA&gpic=UID%3D00000bbd8e32ac02%3AT%3D1677742792%3ART%3D1677742792%3AS%3DALNI_Mb_o54jNjGatLPLfYtoHwcnt06Z7Q&arp=1&abxe=1&dt=1677742792794&lmt=1677742792&dlt=1677742791012&idt=1209&adxs=-9%2C315%2C271%2C271%2C315%2C315%2C315%2C315&adys=-9%2C1265%2C1123%2C2365%2C3029%2C3571%2C4113%2C5418&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1%7C0%7C2%7C3%7C4%7C5%7C6&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Folhardireto.com.br%2F&frm=20&vis=1&psz=0x-1%7C1000x-1%7C960x90%7C960x90%7C1290x90%7C1290x90%7C1290x90%7C1290x90&msz=0x-1%7C1000x-1%7C960x90%7C960x90%7C1290x90%7C1290x90%7C1290x90%7C1290x90&fws=2%2C512%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=315635011.1677742792&ga_sid=1677742792&ga_hid=957880549&ga_fc=true&cbidsp=~Cs8BCAESDAoGYWRhZ2lvEGggAhIUCg1zbWFydGFkc2VydmVyEPQDIAISEAoKdHJpcGxlbGlmdBBkIAISDgoIb2Z0bWVkaWEQXSACEhUKDmltcHJvdmVkaWdpdGFsEIYBIAISDgoHcnViaWNvbhCWAiACEgwKBm9uZXRhZxBVIAISDQoGY3JpdGVvEJwCIAISDgoIYXBwbmV4dXMQTyACGAIiJDEwODY2MTdlLWI2M2EtNGM1NC1iOTAxLTEzNDMxOTkxMGE1YSoECAMgAEoAQMQT~Cq4CCAESDAoGYWRhZ2lvEGggAhJzCg1zbWFydGFkc2VydmVyEO0CGl0KDzc2N2VkOTk0MDcyNDA4NhCxwgEaA1VTRCIJaGJfYmlkZGVyIgdoYl9hZGlkIgVoYl9wYiIHaGJfc2l6ZSIJaGJfc291cmNlIgloYl9mb3JtYXQoAToFCNgFEFogARIQCgp0cmlwbGVsaWZ0EGQgAhIOCghvZnRtZWRpYRBdIAISFQoOaW1wcm92ZWRpZ2l0YWwQhgEgAhIOCgdydWJpY29uEJcCIAISDAoGb25ldGFnEFUgAhINCgZjcml0ZW8QnAIgAhIOCghhcHBuZXh1cxBPIAIYAiIkYjk0NDNkYzgtZjk0OS00ZDkzLTg4MTQtNDg5MGRjMzg4MDBjKgQIAyAASgBAxBM.~Cq4CCAESDAoGYWRhZ2lvEGggAhJzCg1zbWFydGFkc2VydmVyEPICGl0KDzc3MzUxY2Y2MDUwMjlhMRD8vAEaA1VTRCIJaGJfYmlkZGVyIgdoYl9hZGlkIgVoYl9wYiIHaGJfc2l6ZSIJaGJfc291cmNlIgloYl9mb3JtYXQoAToFCNgFEFogARIQCgp0cmlwbGVsaWZ0EGQgAhIOCghvZnRtZWRpYRBdIAISFQoOaW1wcm92ZWRpZ2l0YWwQhgEgAhIOCgdydWJpY29uEJcCIAISDAoGb25ldGFnEFUgAhINCgZjcml0ZW8QnAIgAhIOCghhcHBuZXh1cxBPIAIYAiIkZTRmYjAzY2ItMWE5MC00NmY5LTgxMzYtY2M1MzJlNWE0ZDBmKgQIAyAASgBAxBM.~Cq4CCAESDAoGYWRhZ2lvEGggAhJzCg1zbWFydGFkc2VydmVyENkCGl0KDzc0MzQwZjlhNTg3NmVlZhCxwgEaA1VTRCIJaGJfYmlkZGVyIgdoYl9hZGlkIgVoYl9wYiIHaGJfc2l6ZSIJaGJfc291cmNlIgloYl9mb3JtYXQoAToFCNgFEFogARIQCgp0cmlwbGVsaWZ0EGQgAhIOCghvZnRtZWRpYRBdIAISFQoOaW1wcm92ZWRpZ2l0YWwQhgEgAhIOCgdydWJpY29uEJcCIAISDAoGb25ldGFnEFUgAhINCgZjcml0ZW8QnAIgAhIOCghhcHBuZXh1cxBPIAIYAiIkMzMxNzczNDYtNWJhNy00ZmFjLWJhOWMtNTk1ZDFlM2RmYjFkKgQIAyAASgBAxBM.~Cs8BCAESDAoGYWRhZ2lvEGggAhIUCg1zbWFydGFkc2VydmVyEPQDIAISEAoKdHJpcGxlbGlmdBBkIAISDgoIb2Z0bWVkaWEQXSACEhUKDmltcHJvdmVkaWdpdGFsEIYBIAISDgoHcnViaWNvbhCXAiACEgwKBm9uZXRhZxBVIAISDQoGY3JpdGVvEJwCIAISDgoIYXBwbmV4dXMQTyACGAIiJGU3MDA2MTU3LTNjYzgtNDQ2Mi1iMjdiLWJkM2YwNmEyZTkxMioECAMgAEoAQMQT~Cq4CCAESDAoGYWRhZ2lvEGggAhJzCg1zbWFydGFkc2VydmVyEN4CGl0KDzc1NDk0NDM0ZDgwNGYwNRCxwgEaA1VTRCIJaGJfYmlkZGVyIgdoYl9hZGlkIgVoYl9wYiIHaGJfc2l6ZSIJaGJfc291cmNlIgloYl9mb3JtYXQoAToFCNgFEFogARIQCgp0cmlwbGVsaWZ0EGQgAhIOCghvZnRtZWRpYRBdIAISFQoOaW1wcm92ZWRpZ2l0YWwQhgEgAhIOCgdydWJpY29uEJcCIAISDAoGb25ldGFnEFUgAhINCgZjcml0ZW8QnQIgAhIOCghhcHBuZXh1cxBPIAIYAiIkMTQ5ZTNjMmEtZjVmZC00MWVjLTkwMDItNDA2MzI5ZmFlZjZmKgQIAyAASgBAxBM.~Cs8BCAESDAoGYWRhZ2lvEGggAhIUCg1zbWFydGFkc2VydmVyEPQDIAISEAoKdHJpcGxlbGlmdBBkIAISDgoIb2Z0bWVkaWEQXSACEhUKDmltcHJvdmVkaWdpdGFsEIYBIAISDgoHcnViaWNvbhCXAiACEgwKBm9uZXRhZxBVIAISDQoGY3JpdGVvEJ0CIAISDgoIYXBwbmV4dXMQTyACGAIiJDhkYWM3YmM2LTkxYjQtNGQwZC1hZTM2LTk5MzdhNDhiYTc0YSoECAMgAEoAQMQT
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0e33e1e5afb7c3802e391e73c139629748b69d8437e9548001789740faf33b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87282
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://olhardireto.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D29B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 07:39:52 GMT
expires
Fri, 01 Mar 2024 07:39:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2023022701.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023022701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4ef66d6d4ebd26473020ed33ed436a9899d8fcb519e1fb7591d6d338e0e2be5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 15:32:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230833
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13772
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 09:35:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 27 Feb 2024 15:32:39 GMT
940x100-banner-Roo-mar-23.gif
www.olhardireto.com.br/imgsite/banners/ 		204 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/banners/940x100-banner-Roo-mar-23.gif
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
91bfe499e04842613221aae2667d0bdfd5d0b89d111b0f67d95e8f5422c7a6ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:53 GMT
last-modified
Wed, 01 Mar 2023 21:13:27 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"e7c64caa824cd91:0"
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
209114
expires
Fri, 03 Mar 2023 07:39:53 GMT
Banner-Energisa-(300x100)-fev-23.png
www.olhardireto.com.br/imgsite/banners/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/banners/Banner-Energisa-(300x100)-fev-23.png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c52a5ba0aa2cd201dde1b419963bc7d6917827dd0c2d2cbb1fd7112ed7cabc84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:53 GMT
last-modified
Mon, 13 Feb 2023 13:09:23 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"e4216d64ac3fd91:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
57135
expires
Fri, 03 Mar 2023 07:39:53 GMT
HBENTO-DIVULGACAO-PA-BANNER-SITE.PNG
www.olhardireto.com.br/imgsite/banners/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/banners/HBENTO-DIVULGACAO-PA-BANNER-SITE.PNG
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bf803591141040597e81e0827de1c31b4e96ae691922af0663a2a61a97970147

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
last-modified
Wed, 12 May 2021 15:16:23 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"9724dcc44147d71:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
17037
expires
Fri, 03 Mar 2023 07:39:54 GMT
Vestibular-UNIVAG-2023-1-3-300x600-Olhar-Direto(1).gif
www.olhardireto.com.br/imgsite/banners/ 		205 KB
206 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/banners/Vestibular-UNIVAG-2023-1-3-300x600-Olhar-Direto(1).gif
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f3871adaf434ee8c5e40d3344d9ea2a72279406d2b5bc371bdc4fb55d859cc83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
last-modified
Fri, 30 Dec 2022 16:15:53 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"e4d754fd691cd91:0"
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
209947
expires
Fri, 03 Mar 2023 07:39:54 GMT
Banner-CVC-Liquida-Verao-outdoor-(1260x120).jpg
www.olhardireto.com.br/imgsite/banners/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/banners/Banner-CVC-Liquida-Verao-outdoor-(1260x120).jpg
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
aa3b56bee27e5670548d47f3051373d299275e07b83d65d36f89267eae36754e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Wed, 18 Jan 2023 18:43:30 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"425586c26c2bd91:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
44443
expires
Fri, 03 Mar 2023 07:39:55 GMT
biglar_institucional_2023-(300x600).gif
www.olhardireto.com.br/imgsite/banners/ 		7 MB
7 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/banners/biglar_institucional_2023-(300x600).gif
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c51ab9b74a2f79f522552c483e93341857f88f4cc471df77315339f6284711b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:56 GMT
last-modified
Mon, 30 Jan 2023 18:13:25 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"447c888bd634d91:0"
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
7708165
expires
Fri, 03 Mar 2023 07:39:56 GMT
GarantaSeuIngresso-300x250-Cuiaba(1).png
www.olhardireto.com.br/imgsite/banners/ 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/banners/GarantaSeuIngresso-300x250-Cuiaba(1).png
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
efe33d0a453649cd5071c82b8a3d6009e09de4075e670d7b6c9ddb40a5b71f68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:56 GMT
last-modified
Tue, 14 Feb 2023 20:07:34 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"fae157faaf40d91:0"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
163482
expires
Fri, 03 Mar 2023 07:39:56 GMT
Titania-Banner-novembro-(300x250).gif
www.olhardireto.com.br/imgsite/banners/ 		261 KB
262 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.olhardireto.com.br/imgsite/banners/Titania-Banner-novembro-(300x250).gif
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.233.88.177 , Brazil, ASN262787 (IPHOTEL Hospedagem de Sites Ltda, BR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7082362b612d04f5232979bc3cd93fa49d3b401fe707f7e7f20b18b778eb8606

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:56 GMT
last-modified
Thu, 18 Nov 2021 14:23:26 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"bfeb20da87dcd71:0"
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
267732
expires
Fri, 03 Mar 2023 07:39:56 GMT
viewables
00px.net/tracking/eyJjYSI6NDIxOCwicGwiOjU0OTAwLCJjciI6NzE2NTl9/ 		35 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://00px.net/tracking/eyJjYSI6NDIxOCwicGwiOjU0OTAwLCJjciI6NzE2NTl9/viewables?t=259911574328350880&s=zaYArngUf5JP84fhTF5zOyU1&o=null
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2604:a880:400:d0::163a:2001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 07:39:53 GMT
Referrer-Policy
unsafe-url
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, proxy-revalidate, no-store, max-age=0, no-cache
Content-Disposition
inline
Connection
close
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
container.html
0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 582D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 07:39:52 GMT
expires
Fri, 01 Mar 2024 07:39:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0B2E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 07:39:52 GMT
expires
Fri, 01 Mar 2024 07:39:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6FC1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 07:39:52 GMT
expires
Fri, 01 Mar 2024 07:39:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 582D 		4 KB
732 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 Mar 2023 07:39:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 07:27:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Mar 2023 07:39:54 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 389B 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 04:59:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
9605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9122
x-xss-protection
0
server
cafe
etag
6330344511044705610
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Mar 2023 04:59:49 GMT
css
fonts.googleapis.com/ Frame 389B 		8 KB
789 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 Mar 2023 07:39:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 07:22:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Mar 2023 07:39:54 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/ Frame 389B 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.css
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 12:53:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67583
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2798
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 11:39:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 12:53:31 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/ Frame 389B 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d07304cca832f4d70ceafd73f39bf68de4cb3b8185f24614641e6f860118389b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:00:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131380
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 11:39:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 23:00:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 389B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:40:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
46784
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Mar 2023 18:40:10 GMT
l
www.google.com/ads/measurement/ Frame 389B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSulkOZjtWwOTYCwXan7EaiVOvdJoMo-RhiU5bSzcA-CgYPL6eQVR01XXr9L8N9kbl6TBH_Qm73gweWE8PHsyTp__0dZQ
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame 582D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19aed7d310d8bf5f137d0273df387b2d5b023e7c8eda1d30c1f7a8459d5a3bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 21:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
37076
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8556
x-xss-protection
0
server
cafe
etag
12004167960083760723
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Mar 2023 21:21:58 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E03F 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjX7tzgATAB&v=APEucNWOn6yfYs-iZ8cqlztOCBiITxL8ITp41ZmTTM21adZPwUOmR5ZJMXiOe3Fm55jSEpKx7c2Ie86HQLrxq0ztfFP4ybQSf7MMRAwsA6qCPs-5QQ1ay3j3vGSPYGYRCk5IPDYmS4ueCuJMMSW3oF0p-RcQ0JUr_wktpzf9MNon9bOVgXMmEj0
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 07:39:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0B2E 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 07:39:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B2E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_-Qx_xyOYxi_644Caue46HGEo0PfTkEhs4FDjfANCPSQTwHQS9OnNZ9sU_0NLXAnacDFgFiRanmJsR9dnL1vq33WrooxQjkjlWZXv3tQvuNoRIhQ
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B2E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17429265595382050396&x=1&ct=76
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1135760/69474538/xbbe/creative/ Frame 0B2E 		251 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1135760/69474538/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-C00twB4LvsVFHWZmnMkbiD422gRFFnC8alz5EuIhaRAigHN-7aZRsiAEhgVrw3kELi1Cl5clvfrNdSyH-YXQQp0cvBUzzaSzK5MWI16Kmk0kA6THZ2WbtYdwZiaEJswsa7GzrQs4aKAfClnlvzukZZ4DnCYTuSa38p9iQf3KLUCr6U6vIS-RUAoCZ_4Do3CgJYLWIrM-BzMulzcrakirfb3-uVeTKioWIXnk-QuQur1zdO5Ia8iAa7qeyRX5vxjDJhN7cAKq51B7BAWDO8L34onel2tsCCvdZcn75x7DgM7rvl78hZTUeT7gRT9fcjsA302rO40SC__cWrRAKCHXa6scLWSMrML67w5hyRuyZrKiZ7ey5leB-P1dft-adeyvrE_lEvWUe_j5kRxw6KU7H85K2I72K40woVc_TKX4_IpJAZftJk1KcASdfl5qy6L8x2olqOb6nFrc1FqjhOF1yqYV67tOrn8n3GcsXLsPgvS7wlYayXu-EgfeQzo2OK6vAo6Rs0TlbnxB8HUCf_H4lgg4WaijX9TCcgBEFOYy4YZA_j7nUt-2iJ7EzP0WKm62B-Og3SQgM3_jqh9Gk3e4HYvjsuHjmw37X2M1npBRuN6-pKcJh4GfA-1W7JdkRS9xoJb7otS3A8NpCMJktAGvnkPrJXO9zCsetpYmb5TblKc5i7vrS6qjFZBvFwm4i1QuP9YBmvspSTZP3eYCH_KVYobdwL4PuAUqAOfmTSacDZLwjTgpIJOObxaIQpo6ZUovgI0iyASkJwOy0m846ROps8GVzJTfjIPomXuffAo3lI8pPAxLeAwcx2cqa8OJLlMSXXQyUDjD2mLcikajE_wjrPlF16WmO9SFpCS8KFBBlPSBu-ljMq2BvTAxw0fi0oON-8FtEFYasHiouIr4nyoHgVEQtfSFGCzz4kzFgMaYQTeqtAKHL_gwCttmZItS431e2eb25JyCjeQvsW4OWN3l3_ou8gyc_nlIDAcKi12RsVtex39ohAw-gKE4BtVJ7t2NOe-14SwK0EdyqUIb8mw-2S9f4OrNyqlqR4bc0M9TA5BRCjSnrdvAYjqmy8YXXmbOZqW8xb2uqpaLr5VTsYH-OPkwsycZA2g-9bWwUMxysMTefnkHP_9Q_EhiPtJjnVmE2KHgqObcqCg_hIbDDKh3m-gWgGqXxzynRLKnIoAdcfeN1V5LvNHuc_wUWBryBVT4QI1Zrp3GFF7QPWvH6LVfVayIJZYXWKyWhlZVbbAqA2Tyty7zeZ6i7k4MA-G-O2-HwKYStJToAtHYLd5Z7sX85tTNvyXYi4glyqQNN6t6kO76ILP9NL9MPGTYJZ3io8UApPeP0cXNdRflzoK7j8Ftz6WddIBWFUw-dlZoh7HIx8jvdPdgSr2dsKA3PQob8xvfbA1P-lBnTTCnmKRjg18xlqrj8mmmLYUw0_ygmLzoeGt-ybX0Ho4qjTtN7QmR1OOImAYV2m3CX7UkNeZnAwd7WdBved6r-C3LboFUiDI-r0O9gZYnwaBW1mGLV_T1xM7tnYPU4BJoFnXWH3PzHaTq4qK8GcZ3kBZm3eKGNpHhscnFpVBSqo92gP7FnXHwmw0Im9vmlAZlKlgWCZkIRAgQ62_qu4oLxV62l2Q0xEw7sigzolOuqhF6VDC3m5ucQoeqmBtUlXC4oQdQfAmsFZBrHc55znoKOQ44AJESgk7alsuy3dFnyfLL0Sf1skwA-C-q4jz9CfC7gvGBUHtyzO0-X-6abgif2UL8xRc4_GLJqEynRdMC6Q6YhIondZr8-JSIC2WMBpxNv6MG126qU1EgmS5uVEGXNXs69dpujezLX7RAXQ7jh9ngBX_FX_vl369_wl4IC7HgFZPyqTGwy-BY00tyqa5ODo2C09OJLMTiNHJP4_wBKhQYdk8yxPYFH2urAAbONn4Bk4Y5MaRDjD8ELrDzHkrK3PP4dtmYkxJQQd5kcq4PN1LqmO0zDBOTqKP_ywxhXF3LzAdFLk97oM2veYdNTi4TKvl8FKCElJNLdF3k43OPedXfHaWS1nfbvl1haJ0woQvtVe5Z4FnLZVgNHw03Z4fC0VdEKAVQ13PPWb_iWcSbCpBBRqHXa3Y6pFrsCWWbKi90VeRbMlnO12GvX_2ShDtNCYaPeED10a8AcWBl94_CussFzuKH5j9YNfKS69jvqkqRjeqW7A1Jb92E80qkZ7XWmpP2bxLGtkX5JzQUqicYbMLyBWBp07s9QmdgqOQZz-pv11uTZ8m3axOK8kp3uj4YI85-Ez4e9KudRSx-e394SZDJDFR_eDrjThTRpL3BX-z3K2Hm1IeplOAKZUGYwdV3QMTjAzFOTt6EaF6tOWYoY0JFlig7txwAf_OjFip4DcZd1Uq4mOAkevHFk3DT15vO9mGM9W9WJa30H7r_nWqsxAM0yVg8GQiAsAU8jGIZGA4L29e9fBwI7oudZIvgXIVUZG0n4-X4NBzAyv6w6VVnzV_vRt6noq_Uv9x-pwTg7Z-cM1Oc5aDY2X3mvnJvSneiE9cRz3HmbrwFXtZMKdMDr9B3vJJ84cqtCegIrp57GWHzqlMvTyRqTF5RpHhBiSqWL12TxBNxn5MK6-FNEnuEGbQ_nsyYVXcGo6jLzt2QX_oOaI-tmrnbhEkcU0MclO90t-Au8yxFDi3KSxozjvmN8HDFZdg8yyWqB9FJ-D6-z9E8_W_xhUnNPrIURldj2WdK3B9cWo4bDFSOyM5RO0fa_nu1hk71yJCHabfhA8NclVLDSUnPaVcibciERgw4lXtSE03qbMVqajTfWsXqEmn7BUIdJpOEZyBveVDZytUO4EGRXXs3jr4nNbi1ErK2XNqB3y0Gn3ogtNVr_Nbh-y24ciRgE8l0VhqbhiNHiA-Qdg1DoICc7fsOBRQK6C_JAcPa15BzwAblfrBnSmiZKXJFLU_A-Y6PO04HmaC2H2mR9BWjFW2IYfrGAxuheNKRrqNPQFqW1WjhzejCo5r4uVyfLlSrLmzHk4MG3Az2Nnh9y0004APAhdYGNcuLNvzkvHkknsVPjynINgad5JbXVrDpMeFMJBwJPtbMgqBf1vPYMbT1lJ47_p7CW_H1mbP0rR8ydEu8yNnlFqcrn24gDg4RyiOafWVmsSAhiDfQXuudmvEC_Xw8wSkT25GY5A-dz8LouHOzZcCAgbSRiEpYmHHUlRR4GcaqDtEogOQSgTiQGsScz2rU6Nq1m1uPH38Ya5Em2KB2cKP2Q6OuMPSjWxFMdIRfK61F0eurrrGSBHdbakaRqDc80wjzNHdZdIO0Gco35e8_1hq4ke_1r2C0wnVvaHXoIiGhJ7YQm28RG-5OU5fKQ5ajfXUergc5tlcWLef04BitdIFFQXCFk0qnn9b9j3wPaVvdSJ-ysjDkSRO8hiPNTAkB87MPExvLl4Hwn33Y_f75x6_JUj01mPjyy9YIrAhws9cyJ0WyEa3VIjC2Yw2kj3hITQurBDzsu3eMSXiexo3XBQIixINYBAQrFOHPUJc2qEhzPOg8V-lPsIuxn-XKj8ddHT-Rj7UwP927t1PRnJxu8SkIvRKDi5SSiGGnS9woG7VgDOq-OpvrPJsHpCvJ7netJehaSDEP4AH5WxKdrGdjSua6ibuOs1zhTLsSFEkwghjzDPsYV2Qz1SlmNHx78ASAuISPUqBfXUZzWRCE-LVA7Cl3vAGcHS8e6GLkXiWY6l2UYJHHI8GvxsziUpPcXhHiQ0gdiBvhi4dTc7jLXpmGfdO71heXdcqrkystkY0EkGRr_yZK_O71EkWtSo-0FqK6-kXAJES4M-gJlfgXBNBjG7-EM3OL0vR0mn_Clbz-TK1QoAQjrV48vIFOCXmGq9bb68mR0EAHg4euIQVbz05NfbY_-3doJvuCpdxa3-sFpqWaVewxaCrBCWS51nCJghLZvzP4QoTEbeGkIIBBI8ANQTnKYE7aiNhb_objkESEkEBIoMYt1uK58t8qktVXwK0n_hI2fOeVKbgKrdaXAySZozeZX2q6V6e_iBGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-3619045887187031&ias_chanId=1&ias_placementId=18132952210&bidurl=https://olhardireto.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0glamt4Zr2TaflPYtZHVBHy
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.180.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-180-84.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d40123320f2928abcd7decab5a6a0211f29a57a44fa83387a3c7f16d0a80adae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 0B2E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 04:59:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
9605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Mar 2023 04:59:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 0B2E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:40:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
46784
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Mar 2023 18:40:10 GMT
l
www.google.com/ads/measurement/ Frame 0B2E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9KrsfV2woWwpk-VKMU5ijJrAXdEY42qho-xzkYKB59eyeJCxbB9QOisSCkAytq6FWlRpV1soXO3iYyrCraX1D_JhSZg
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0B2E 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 07:39:54 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4F3A 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiIs6DRATAB&v=APEucNVKLk1Yjv7jFyvpNePtuDbqysYm6rnXkIPpr-8VeCxY9tWbElfrwftLObYEnKexxJj8EctrBMoSAdI2o54s440mHh2ACbzMFkapghM9auE3P9d8pQihYS3_MFqf91G2Et8Oa1pq8tl_KrIfP65R8MlPvsMfk1PJH_QlU4O6BC7f1l4m4KY
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 07:39:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6FC1 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 02 Mar 2023 07:39:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FC1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ci5GN3TT6HXFUGbYvGCXgK-kzv7oBuDKpfyWkK-WNr0BMhwg5zpXRBH8fbwT_kVskydHIekMZHD795atQsUWC2B_SALeGducuLNn3cZhijUg8hFy8
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FC1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8897509608532049321&x=1&ct=76
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1135760/65089100/xbbe/creative/ Frame 6FC1 		251 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1135760/65089100/xbbe/creative/adj?p=APEucNXyq3IQCB_rQDbnVa--a205ZaEUI7aDdWSLdWsq7fHzkvZ8d_k&d=CokBAKAmf-BtmCJm1G-tfCvVC-g-LstrWKdI23bZbjyAbb7T_jQ_J8zSQQXIFDLm87xbWaPFED_t7sx8mRLAGb8v2cKLjHAMUkTvRrphPct3WgEoVS8rhvS_DfYcq80q_8sAv2F0j_nFycohA1EtPvn7cGtYnJgbuKQ0OhZSfwct4XGYSPv2Xe8wi0QS-RUAoCZ_4Doh3chFBJY8mvcN-7mQ23R9LBa0HYVNdzxXzaiz5-5ZzYcCgQJ9m2frJtlVeR8S707GmZkea8bnsybjKjhVOuUMZyCkvyc7RXJszEtcX_H7xBy3VvbejRxI46lggQeGW_RXZAYUXO2SPcFukJo79Dm9qTIGbyyXxgTZVePwg3fgZ38YYtNTzEY5lYQe0Cba4_DmBLREjq5WiRrFSwdcdGlLMwDF_bpScnVAnyUuzf8etbAaTrNL3IUkiafTLMZY5QWZEW47PPsNxbvZ3mMTunRa2qcmO6raGc0BsnpIopca3e07_ouxzjoXJESEqMCOfu3w5RVHCsUa81mCreTGqeP9kk_04F7pDXI_APpMBwJA3_zYW0qFMSy_FTHD92bsdX-BJFE58WgW_ZrluEHUr78ProcpEL68Rq30rPuIuF0sMZK_gR2-eia4TYdkJpvfkBpkZHxQEZ2ikkvciIgseiL4uK4J9KsnXiR9BRBtBoFIxjxC4x234NUylgMdwCX2szaLOXMRA4iQW7Zp_GtztLT4FO8OAfULsWfHWHGyGQr_gRctco2xkjIHhk315p0NXXk0rUDbm2AahcKFfb9pv9Ib-M7IGEosaW0TqzX_FcCgEWNTsxeQ04-qXXIst9YvOn-l_HYaakUXF9bRKTynjazE4ieWFqI_JRxamy0UMzn1BU0uwbZgrdLCfYlqPufpQzh13dtBwokaghaiYKg1FrR4MUDyI1PW97Z5cergY4pdzfksLnG1YET_mFdB6gWtJluYK7aJXJuxyd2ZvTS8qqJwU_r5KtlgyP5YnHGsHsVot_XfgcnZMhE1CAdmBezZ6Knnm1p765a7_ZL43DdCPN2Srw6RR6_qh3VO6ooSi2Y74a4f-nRrASPAQXVlpKhnYJi3zwdyR5XtyAzHDwJ0sbPvniNgORiUzRtkmUphIdbc1z9p3b6KiozOxgo_aTqHkb-KdvEUDVCkjJSa9kNdxBrcXL8NGuvdbYlztgiwOa2d-mYrDwVlkhhaG7z31VePg1VnLhgHwQkTu3s7dm_k0XUwkYM71VQbgPZXmSeo_iY0vj6IeaPgyxMKozbuMj_3Jp8vxfVT-N_xb9Dudj0bFlNhCWpHI3jsJdbWj35OFCJ-0QMmhl0CM8EQAja1QikrkZayJxFZArLC4G3asKd9f3zRZsVXQROPfib50LLWAga4TmspTXEHaseeOW7RLHIxJiTQTp5rabvebQ_ZzAXMlUoE1z-7SdYb0cKsA7bmGemDG951JeHAPPNxMnaESHdiF77aAELCZ9D4gqhpxUBvvmPrmvEcBGgKNoQJ8qmBSqgaTD-6DOjKbIMieMWpSjM1Atnj4iHf5Ok6Iv5zYL1HOYlPX0_lGQQSHd6-4o4k8vs5SgrLD_Q1tyMmf2In8fra-f55o3WjtXjmYqifU02Dstle1yB1kGhP9y3Pp-0hBY8q90zbmUvxVCyMWs-GtAGpzB7HanzIXpcyWYXgPBEuAcXjfqMENOuWegTsqzaTHkjd6XRU8fR1V1ybsyK4cQPyB1l2BVaVrO69HxW8MkDNvzu8wZIVwfcIxWLso6hlG69tfOjS2UZDwqWPhKm6Nhl9b16ct9uoTXVnKW2ZcIj9aV_ZcbZsYtYadAof18IwvmfVkGWPjz9qNXGAcv3JbtZ0O3-hLGfiCZMEBdcMHIb9QuvUpudwpNFxigFSQkQ5jezzWj8aCjrM14G4IQLF51gEpdAVDwmrdYFWz-Phz_4L5WGDzipEzPOv-FOhoiayuFA6lZW8U4nmpArwb1tREJ9u4T4zFPPoTBvTQFQEeOUypFGvGS_0YVcWar-z-4kBkM2P0KF9w2T7lXDSHTbT-YUEeEiJzfl_Uz2nR5gc-cZ4ActyOZgyS7FcIPCiIa_cDVQnwwMGoksyxziHqySnBYM7FKRooZVsW6Y4y76-dFcHPvKQprcKKrZ7klDbcPsSzcrbW5v9WxGqC-NqNvCyVNh-dElaOIAXZpJi0s_hi06VE_CxjCM3jAgLdcLDiFjAHZu6-cqoV_jGQRYTb47zqTkS2XE9bZqfr0kowK0JwBxggmwH2qLx5-vag5INbAyNsmjC2A8EesJeb0ztmuvKd2akfXdQdjy041V11iveT7JLKc31R9c6-FLLccuDLvPuRHEQyuO_lpL1y9PzSk-W5PIUG8sSE1HQuRJbVBw8b5oxpKGR5uG-SqMQbqMAXPPtV7KhJhWEQ4wAoT9zTKr8vGNSJ5ic0HX1jpqzNcyO2bdzWnHLZ9axLJA7chDxvjEfODNvn_y_GzNraWWSGHZD188MDmgD0hU7UsJHEnnrsaMRx6Cq3lV_QFfw23KqSu2WaYt6SCB3RVxtPzpV0chem56O9rGtdoiysDEw2wsnW9LYGsvoNxMdxepNiXFnEO9c2s-wuo7nJNrdr-_k8o2YYp_OBl1vOqKuHIqyLm9-vvNIvNzyyGYm6Ka7iQNhbUbNM0Tq6Gn0Q4elOi7ygdkr1uxnBuYQhK0Bni43j25mVKEO2JqiQrnHfNkwI8rAH-Wme2_i_WntQxQNPco0h6NxfKlxaQxkbaArfRIz0H7ux9xlRPP3xS7nQZU2juAdA6EhxwbPq3vbKWMp4L9m_ryEKncuahsDtwsBiqvblD8KmBp0OGST0OeFSGCIKKEjhSrmujnwoexXr4VNNmxeUPHwzNqs6oxaJ9kVbW0MrBxfz8d2bBdguH95LKToVN6CEQY4HsfQ_0OG78cB_CwrOKwksXfHPkg_oCAiwgGorEgWKkF472srYLARWqbmkNThEECfyCl9USGaB98nl7ptl4skMugg0WCLxk6rfkiJAUtgZNZvwskmsphEUTX4V5bLT2hsY8t6g3wbZ9-svuaIw5Sny3_MTE0nDa9iBBmmeYg3PnLSnfd_vTFcCt2J16qHYs5GKsWo6J7ZZ5Q1jOUb9pYcGRUI9Vo99AcShfKQBCOhAznw2u8xBPZ3wJ8Om-PU8j4Wqa-RiGkMllRh70qHSJDp6AOUQSthpHJur7Ykm5YZJh52kNIPTbx6e_NnF7xLIH_0x5dWIDbrGym2ZYbjlw-T2fExQ818B47cZHcq9O21xCvxtilk4QJq1mHvs4wUUTzdeMSeGI-Mq3fRurM2dN4D5Wq8vy8tBdg6edc3LpVDkSpxlWvONEfe3G7BBJTeiNsRzmOVZIKrgf07q_Nsa-95eQkfoKqYijMs1LWd8C7zgTMjSBu6PIONzv-JMWYQaR3jtWYbB8tqggek8pWC0mz0Hk6zcM1oCypB8PLJ67ReoqkRHIGpHOv1fHLV1B8VqDz1_wsV2gBsrUUIn5ojjOFGQmT1qkovLL34FUh8GUVs7VlQ38Y5gskHpUM6fqZJsHTsRxyNcRoSDkEwWu4JU8jEX7rbfZ6aYmZ8SiEhrJm5EBV032uGuz-ikICk33z3_BGUU5bpCOvLVa9ZFLcnysA1cPj1VszFZJtC7D0FMKEFjWIvjVCDszFm8Vet5C530ZOGkPs6VhqnYPBR3XSlhee6JPJ5eFxjaG3vysu2TRERcZyPulmEIsDmHCWunVsu2wMa77HvcoQHHhU4v5Lgx1gfkKpoPjSxAmZggA2vM7A_q7NQDwTWLOmJBeWiwsVyrCib3p8uo_Ee0Z5GuhOhWq26pxhvSevj7aqHAieDLvzlucegjTMS_rr2wd3AYmKuxi3xJ3xSkJT1h8MMgBU50IUaY0qT_EX9AbxXNfpaEsrPa1Usj5fI1Hy5GkIIBBI8ANQTnKYE7aiNhb_objkESEkEBIoMYt1uK58t8qktVXwK0n_hI2fOeVKbgKrdaXAySZozeZX2q6V6e_iBGAFgAQ&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-3619045887187031&ias_chanId=1&ias_placementId=18132952210&bidurl=https://olhardireto.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g9vS67yk6d-xjLJr1jidcQ
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.180.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-180-84.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2d107b6556d53b481330fac841800abd0fdc21e5e254a9b0a26e8ad81cc5bed1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 6FC1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 04:59:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
9605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Mar 2023 04:59:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 6FC1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:40:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
46784
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Mar 2023 18:40:10 GMT
l
www.google.com/ads/measurement/ Frame 6FC1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOcr5bo60U-eDxybMAxzA_R1sO8bgDAcmk8h_zkhp6QgbEm593UxFSecQsMYF0cCMXKsaE0EKiiLhMHoVbWhyBWEbYBw
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6FC1 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 07:39:54 GMT
rum
dsum-sec.casalemedia.com/ Frame E03F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjX7tzgATAB&v=APEucNWOn6yfYs-iZ8cqlztOCBiITxL8ITp41ZmTTM21adZPwUOmR5ZJMXiOe3Fm55jSEpKx7c2Ie86HQLrxq0ztfFP4ybQSf7MMRAwsA6qCPs-5QQ1ay3j3vGSPYGYRCk5IPDYmS4ueCuJMMSW3oF0p-RcQ0JUr_wktpzf9MNon9bOVgXMmEj0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame E03F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZABSyuAxinEnV12jJu-jPAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjX7tzgATAB&v=APEucNWOn6yfYs-iZ8cqlztOCBiITxL8ITp41ZmTTM21adZPwUOmR5ZJMXiOe3Fm55jSEpKx7c2Ie86HQLrxq0ztfFP4ybQSf7MMRAwsA6qCPs-5QQ1ay3j3vGSPYGYRCk5IPDYmS4ueCuJMMSW3oF0p-RcQ0JUr_wktpzf9MNon9bOVgXMmEj0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E03F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKQlbY-W5WjVEfDC7D6teAo&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKQlbY-W5WjVEfDC7D6teAo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjX7tzgATAB&v=APEucNWOn6yfYs-iZ8cqlztOCBiITxL8ITp41ZmTTM21adZPwUOmR5ZJMXiOe3Fm55jSEpKx7c2Ie86HQLrxq0ztfFP4ybQSf7MMRAwsA6qCPs-5QQ1ay3j3vGSPYGYRCk5IPDYmS4ueCuJMMSW3oF0p-RcQ0JUr_wktpzf9MNon9bOVgXMmEj0
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:54 GMT
AN-X-Request-Uuid
fdb57b5e-ae78-4c93-b616-71dd9f985911
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKQlbY-W5WjVEfDC7D6teAo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E03F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY3MjIwNDQyMTkyMDI2MjU1Ng%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY3MjIwNDQyMTkyMDI2MjU1Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjX7tzgATAB&v=APEucNWOn6yfYs-iZ8cqlztOCBiITxL8ITp41ZmTTM21adZPwUOmR5ZJMXiOe3Fm55jSEpKx7c2Ie86HQLrxq0ztfFP4ybQSf7MMRAwsA6qCPs-5QQ1ay3j3vGSPYGYRCk5IPDYmS4ueCuJMMSW3oF0p-RcQ0JUr_wktpzf9MNon9bOVgXMmEj0
Protocol
H2
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 02 Mar 2023 07:39:54 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
815169ac-9947-4a6e-8852-afedbd83258c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY3MjIwNDQyMTkyMDI2MjU1Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4F3A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiIs6DRATAB&v=APEucNVKLk1Yjv7jFyvpNePtuDbqysYm6rnXkIPpr-8VeCxY9tWbElfrwftLObYEnKexxJj8EctrBMoSAdI2o54s440mHh2ACbzMFkapghM9auE3P9d8pQihYS3_MFqf91G2Et8Oa1pq8tl_KrIfP65R8MlPvsMfk1PJH_QlU4O6BC7f1l4m4KY
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 4F3A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZABSyuAxinEnV12jJu-jPAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiIs6DRATAB&v=APEucNVKLk1Yjv7jFyvpNePtuDbqysYm6rnXkIPpr-8VeCxY9tWbElfrwftLObYEnKexxJj8EctrBMoSAdI2o54s440mHh2ACbzMFkapghM9auE3P9d8pQihYS3_MFqf91G2Et8Oa1pq8tl_KrIfP65R8MlPvsMfk1PJH_QlU4O6BC7f1l4m4KY
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPaeR9djSu4TvRkDMMOmqA8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4F3A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKQlbY-W5WjVEfDC7D6teAo&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKQlbY-W5WjVEfDC7D6teAo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiIs6DRATAB&v=APEucNVKLk1Yjv7jFyvpNePtuDbqysYm6rnXkIPpr-8VeCxY9tWbElfrwftLObYEnKexxJj8EctrBMoSAdI2o54s440mHh2ACbzMFkapghM9auE3P9d8pQihYS3_MFqf91G2Et8Oa1pq8tl_KrIfP65R8MlPvsMfk1PJH_QlU4O6BC7f1l4m4KY
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:54 GMT
AN-X-Request-Uuid
b7aa66d2-86b4-4e2c-a279-628e749cc050
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKQlbY-W5WjVEfDC7D6teAo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4F3A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjczNDE0MTgwNTQ3NzE5NzM5NQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjczNDE0MTgwNTQ3NzE5NzM5NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiIs6DRATAB&v=APEucNVKLk1Yjv7jFyvpNePtuDbqysYm6rnXkIPpr-8VeCxY9tWbElfrwftLObYEnKexxJj8EctrBMoSAdI2o54s440mHh2ACbzMFkapghM9auE3P9d8pQihYS3_MFqf91G2Et8Oa1pq8tl_KrIfP65R8MlPvsMfk1PJH_QlU4O6BC7f1l4m4KY
Protocol
H2
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 02 Mar 2023 07:39:54 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
02a2782c-9c0f-4fb4-8a12-99d0ab9e7502
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjczNDE0MTgwNTQ3NzE5NzM5NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B2E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2264306706639&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B2E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2264306706639&version=m202301230201&ct=76&x=1&cor=17429265595382050000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0B2E 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ATzuT7xECHIafiyyLgPr1lNVTlte7d6B_o7mBpi0fnDaMld7VL7LW9ssqq2PAYUju9NbZPi1iQjVbIiWghXmyZIqYnYW3T4m6-Jndt0NCfjWpX6_73OOZCIjj3SUC0e0ylTb0tASZtgdi6djeuRlzTl4YNy2auenv976Xmy7ECxbXDWG8&cry=1&dbm_d=AKAmf-CKgBpwHdWWA6gcErMg3XAwrqb8CTJq8lHqTtQpaGMa2Nm5ZCdgT01p2vIIFEGujAPLWb9QUCE84axavEejhNZe3LvRNucGnRga8GFHhLaUazxe1BlR6K5UWS5d2GAERpfCSxzp-IEHOLLdeyUaM4ayEi9XNVJ5HTznI2-CrOTDLmCukxBOrlBK6L22qR9Ao8F3htxYTiwToI6h9083WEEy-Gn0QNsPZSJOULbZmPtp8trTOyCKaOwP4-vK-7Nm2hkvJkkqWYp0bQeMPdpbqS1S2S1TNuzSOqsl-x9zmLaJfmsHrI38mdkP_4ivxd7VctLzwKQ8MesroqmIsf91SwhCCHOQ1y-1H3fgZ8P8rMjPs7s8-B2RkuTcZB509FYLkarFolN23YfoLSgGL-Jziap6muR1AAc0Z3EX_KJ32l1GyW0oNCDOYCI20a3cxL3hKb17aGW73gBJpOwiudUvPiAKhNksk9jT7UFDuefRPB75hJH9gSoQswdfWXzRKsiHvG2YDtFXLjZdkMiSMZG3MWk54Y2-GNSfRwifmHWAeqItj0PrD868_yxqf0apOrFyGu_iowckNpsZFt4i-poQT8JWWeQhsUsqJh2VEEyhfFJPaZ4_zKLhvmcbtCR-Ps4hmdoZjoVYS4Fi8Pct9FUB0h59a7wretltiMvHg9NvbZyxZwvD235RtGht--D5zBhmqzuTyxL-YxYxSDHS142wkKL7BVs5Wtxih3AnzDESjt49dtR4KP9mjie3Qw4yRdJfhnHctIm4K0fyIJIVA6PhtFDzchURKsBj6pm33KRKBAwFnC0r6LucnSYETjkENZ72qaQYOBZ5RpjteQSUXVNQlkwW-B5G-hzBi3S_BE8E_5SXFTAayNDn5V9536_Eu2btQlplwnme-q3U_v6NfT1Ac-_DZDjPkHdpcUlsC0hPus5MTiXIpsajXZpQEWedFNk5EyYBDjuMe3Bpgu9Td1gqoMn4-av17RG7jOsRh0cX7jlnGBG9oBm9BVGmNHrWRPQL4RDQnCzHS2vc8ETfWVfxAsUWk1ClZEmMyERpGoP7mx2GvhHJ_55JZWtYQ_gbgb7US2YnXHncw9jZj7yvGmDMpzXeNYHoV8Wras3IgAHL5pKsv8Tib4P95x1dF6T9fetW0LLnDdnA2WDhoxHZga2R4o7if5InENMl4wiRuuj_pQTALIFLeVoP9jbqAaTyI49UCkFoD0A0AJ_86sZnnx6c45SnYdhQA5PiLWn4SMD99SURxz1MRhjZPf9RFZvTYxTxgEnbAvKK4CGqJ0iWHpq2WiJlw4QNolnrnp8-9hidNN9jfEkVULvawBkJBAxVcq5sROTuliTtLJDOuvGdj74NH6XXndil_DwCu9rwBIzkwFfFfrh3mnb7vB0L9p_mzVBwQEQI4DPFuJeSvbAL6Lo87_5zdEyZ9UJYUHBiijOIVM24OD2VjTzdajCg4J97_1PCiYhjJD2UxOaRXTZQDgI3UfFaIQCETAaRNdqVFXMZ7S_gC1myFWzEtfP_n_imMamUOgIpRXcZxhn0Vyo4TYvA_T_eelmmhedLRpVcFG-N3nA9Kp2lrwI4pAzbuSTR_yLF4KVUALERHyjTmyYG8jUf3umBljbi4ob2TyvvbqJIzo1RBiRZ-XS-TQCMCtSlWnaI4KOjfXdEpcIh1eTNwjAHnPGbFXdDJ1F7nY4PiK_Kw4YRUoVmA8wCEaD4HPrl1V5O5dLEUlS4FOjRyroh3lW-9DMSxCZ57moiQLbMxl0JCULd3tI6IMw0IaJTHBV2De5gYQpuqMqe9k_EjLkYqnDwVtFlLtrZTlPd6-Dtw0T2Zuwq1QreCcW5uN82rBBITZEGu76O2jLqm9Q6S_67JyOvFE1e51yTw3WKDgT98FnGbBeO7osJtXBD1GKb4ezUCR5pVwPn9yjUlTv37bhGM32l_EhOgEbluS3q06wt9dS5aFRGI2WuZRUKZFa5xU6hm-8dcTVnYq9gbRQYe1JAAUdX6kMHWtDD76b10gHjciFBKkRxlM0JB5EVmKeVfjf5FloaHziqtn2MlDWeYFsULp0vwAg22QSCVFpwOBcTzI6YtecAHmVF2bGAhG919CybxB68IuWCT99hPRMchP6ws8tMr1dqkR2PTEhoRXS-Whbl728UlGyD1QvDY8YpTyv-S7zUey9GK6cmxv8aHHO7mi4CJDG9BtkqPr8qorL7QBp_nAvBDSpr0MLdmguNyPd8KVKyHa_FOhCJB7GB0Zs7W5d8buu-_uKMWkzgjjYIBpHow5JXyp_-I6YCGb_KKGLA9DQSdN8Nft0UsN5H8fsHkUE1Du6Ef4hEofofxzbA6KNrs8PM76VqgpihjZIPzk5L1b_IChzbIkPKIEVtd7GVxl3JSmD7kIBlqlNpHwkjR1IDo1SL-bhQgQxk8PoeLDxu70Md22EaK_6YmopYeV1WUHoc7CAfFdLW1aR4gdcHC72dzOUaV4VRbTBzHn-PwgHrwYefJz4fRZ2Pu7oyFB6UyXpvSmBq0g_yEOJsGGcWXu2nEpE1ZsGzr4SGv6KUFRjb_R1LAERkesXSdawp13ghPsSIvvEtGr0v12el3ttX6HB8DqZJSEEK8f7farKb2EVvq0ZW-0wYp50LT7aT_vtVG78wt86sFdamb6cAbmBl0KMmSvHp14NBRLTV48sZKWH4TIJVItq_L88_oc1VoQfOfVta3jIVUhlMmGbKHsy1CpdY81P3KWCNBOlf5vGfmuDj0aa05KMxQiMq157YjmupAsOIOqTuxPcpfe3w8x83dGFMrxI28YwCkF1tZh-bib63BDFuRwyYIacKUMK0jUz7OokCOmHZgK3iamU7E99bjIHccA2neVsubH13H-_4Z8AKxSAhqwpfXX1qX2BDxrABiu7acmfL0aJwG24Q0dBQgRqD2OCmqgXjBh8xlHuutnZUkPlUNKBWg4muWYRuGhVI64-S_jbc1qstHWkuV51k-sEyYgz8OU8d7ngvO-_mJnPu8g5pbghiEDmO22ZfXepoxR24Q2s0pdiSx4Much6Kf_MZAKNEDhQVO1psgBovmJJsixh-_OckL1Ht3fjlV6jtDKclDSE6I5UU2ga28Mz77EzxLgDePlKsXKj6JytvATn9K-vgMknWllxsoYdzpvypxFwGvE7gb9hENCsSgcO-lPNfMTsN69oEHGI&cid=CAQSPADUE5ymBO2ojYW_6G45BEhJBASKDGLdbiufLfKpLVV8CtJ_4SNnznlSm4Cq3WlwMkmaM3mV9qulenv4gRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Folhardireto.com.br%2F&ds=l&xdt=1&iif=1&cor=17429265595382050000&adk=2228999115&idt=77&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
facebb43aabd063578a32a56a90251df917d9a26f94b33d03b41f308c454096a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FC1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3802961930662&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FC1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3802961930662&version=m202301230201&ct=76&x=1&cor=8897509608532049000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6FC1 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4JbLl-dEXSImEPF1mEbThvmf9EEChibUcLCumEc0UyOTnBfOF8EGTcgH4bjs_eadEyjY20OSIRksHj0Uh3xnzx4uJrg5Ob90BWq0aa9x7-RDqs7ja6F4JcB81Y-jm6vfa3rI6XxeqDoENvpOrif-n_IPsNZgd_kaiA_nljMxLqQvzR8U&cry=1&dbm_d=AKAmf-B7j-cgFrojAR9s70RUOU0I8e6_kSKMiuDdIjY_dfk9g0F6dy1YHNx1Byig1jNy5VfuDmok1cUREMoN5d9XsBji7fYRBfz8ZBI0_swfwRKFMA0Ri50GbBXwJrRdnMo_Wo_-k7ya4fSbJ-AK6IZzl2-b06jpCAEHDhr6l3-ekDrQvmSCgbJ-ROpEjwdhG0LsqTHZ08IDYimKhNWltbsqLYcrQagJMnQ_pklB0iC_AoiE2WJON0cmP19dgjbRaw5KGxWNKZR1Ahq4PE4j3BFA5y5dwFdCd4zwN-B2i3rENSucy9gVgf2wCbBMvTPWM4TwaGeQXiIGzoF77UH9L86L06OZDKPPINV6JvU49G4d2Wu_SJgpi8Xmc3UWbGlZn6YC89OWlAZorixoUOuE4wVpXD_7KPB3x-YaH_-t394gpQL5SoISlfJXO_1HF2cRpT80yZbbXvpIMxuQoN9anjFVkyuIKvGg5f664KNLNXP5JJPCN7VVZfgKaDAREg2JBGLyfFFgVm8fLqt9c4GRamJydlCaQE8X_UlyX7fOyRUyRmUa0kDOK_3mLySQHgQlUBuhw69fSwIW_7G_iOGJdLe1CGSma1utcmkyHj-H2l-WV8dxsV-e1RiotGdz_xLMmSQrhY0WbSsb3V1wk___dv2RjkSNLAaE75fLWiDMivncw-akBXvMsyAd1fsCZIyX-x5P8d-Z7yHgdkuH5C-RNptpq2Zi4XRXFHYBw_i-6zo0lb_D6jNYrNg0GgoJeII84HUEogfffXMc1veb4d0Cr1uL-XUmUVyTByoLCBN_dSdPx_vFvpUW-0WWBAmnapZnY90UOtH4O7_oX7W_zA4qrTrSDWUcIULFdD3Cz-yUPorY8c2L7iRgaX1tl98gx4mUuy2q9RDHrkB2IwB_0JHMVsw6wbxoFzy_y772od84vR2eMgHA1-QvtEltTVV8yzcpUd2TZtIstzLG5tJoXmhHhAU1NUzrazAFeN2XkLlGO8nW2Fj9q04iqbNLRtVPj9M5EsWKK39JEswbsPnwPY_qu_aGyFw_hcANIoyce-7uiLpIp1r8PA3fIiWp6i6LHmur8ykzyUvNi-UI6kNjsdaL7Z8SNxf6uB7lJLHf8KbzkbViY-J2L6b8zmx8U-0d-jnSM-H0bIiXGCi31S-LvEtC20cv3nppcDFkhTzCvx6SJuIenGCXK722TEb-OYV-XU9KrbE8TNNJdJSIplms9QS2VmayMKK1UD5hbDqAuuweDTm0df_gz2SkbydwPmbXCZUtckiypo-f5RwQzr3AfhuhJSB-hsmvo9j8AFcp6waxA6jhff4aMhTphRAl2Ak9YZItA3qU9Dhkv_Qu3bpoH6GzFgBUxIZSsi9l-sCCdt3HaUwH-KNk8eMW6tegV3ZQbIyeiAOmj3mipXaojsDuc_JMHOBzAzfMmzx4mJ9EWuy__a4djWjkZg14kbxlZwMCJhIwadF6w29Kfx026n96TBYaqQwKxfXfNvBmUKdXMiiugMjj-8t1dbdiIsCWcoc9ICj5AwrN-rk8UxlvmI5LuWJTm7UDn1mTJqvQ6y97KvDb3UEu2tCI3zRfyAQ042O3fJBuPR7GNlKKeDHHKNU9tgxyD9gItwg-44EKIOSpONdIIGSCnrplwAocWdr887-Wm3KgbuR776v7GSxy6E-HnMSmMXNDC5rV2VI7VZIuWX2HvCstqboWM8pb29Qsc5GSfhxwZX4cYVDhe5zkL-Vv8k4iMlJyAzFI1qgJ0RbPf5XHaPmzn4do1Dg_GXOxabBosU-Web1aVPeohE12W5jyg1ClXL1HBgwF-kIe2jer75NNIR-6QEwfGkdvBYEcJNwkP5OybJd2_ZPRObc0dGAtD7K88iRrknc-Az31PicqZ0loBSifCrUYr7W-mHdk90Qxg1wLq3YGAM8J7OVO8yOi7kcvagu7MxqGJj_xtQjx9OZtI3xjnVaBqTFnjjAYkKkUufbeTZwDQSlwpkkThbblMoC9lVuRqGKkUKA4u2-2CEL6ONu4RYdUi1Iz_-bK7RNvAhd7MEXiveEJ12C4Wv0nLYiUBWERI_f7GGKchNxi82WeiOgRPRVWKDBHa2eu2wKQdYJgwsQRVogQq59Mw6tuCBOJ2j9cVGR-xOqCM7jE0wkOYD6oztbSMhSfG11p36WI_1F5a9dL6vtrj7CjGSGAYZyF1rdcWoKASaN20iBez2Tu_epDSl5dXyWjeeQmDQETZg7xmN60OVFAXapBN4hacdl9rZQN3N3VcFXR5rty6fjKxxJeNL06_hnRNjCGnLwaeb0Oo-SERmqgY3eXbgvGCAor8-o7l89gcm-Wv6wsSH1DpJJ9QOYNTXCOyZcntieQNQ3kYJ2x3NtfQTJrY9r3MISpj6aK0Q5e398Q5hm3n_bBq9UtrACOkIruCJ0RocuY95dNVHfLLz8niOftdKCvp2bMSy-Q831ykdb2xznbXr3n-O-JqFLbqsi73J2Eid9wxQjpjz2sHQqMdxpQYLC20YO_O-eI2QZ6K_VyM7CGfOGP5mpvuiKop_uWSii-1ZUzRvfXbWVKwdudBiZG_Hrg7IT17HpfBsHHx-PHiKTwJTWZsaBIaw0qPlM1v1xviPMwBNnbUQWelwnvvLdKYQ0IyZ9Zwac0iLcWPmJguDafXcWfHq8gXnVKSu-WGIALim9zwCxS97k8ddhh9aMWI_JW4bGI5W1ldMiQFdA_4mifzEOxZyAk0A8-6OvvTGPGHwU6MCTuvAyCzhN4ecFSZSpI2vhYAMuP1c27YImrSXrtHu_0okmB7envlUSAJn8uXb3Y_617iPSJQby7ybK6dPr-FjTgMlRn-WQOJnYnw4Ft9ZMtLgt58tswUpymIRleZNoWC0xMZcV13fAznavX7KYjP4Zibw6fRaLOCP6ykzXQ8nG0SmT3js1QXmPzTIQGkWT52QAgi6ix6nkO2E_b1gSMt0Dt4UIRZJngIHEfFDLO2cqU2R0OZngC_XsnhZUKq-G_3BO_MvXKjuK3mPVQUWVsetgDaWxog7pyJF0sNRBumhee4t95HatYJTSvsy-2oO4hfrKt1RU404VJMM9iv49EOnHugIbHgF0FHU2tDESeBltxHhPdvR2rc9IVgUA6W9_9uqx5nNRTN8EKHy6h_aHa7nGsP4KOJmGKHSYwaOJXMO9E6RXf_001DRWf_lc&cid=CAQSPADUE5ymBO2ojYW_6G45BEhJBASKDGLdbiufLfKpLVV8CtJ_4SNnznlSm4Cq3WlwMkmaM3mV9qulenv4gRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Folhardireto.com.br%2F&ds=l&xdt=1&iif=1&cor=8897509608532049000&adk=3047537735&idt=120&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7430c47f6c46fe11407a2caa34e9c1c155e802a7eef0a05e1f2fda6ca7d61822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11446
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 389B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~leqsqphj&c=8316298645346&slotId=4158149322673&qqid=CMXj2_nevP0CFVuLgwcdQUUD7w&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:402a:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 389B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C_CzMyVIAZIXbDduWjuwPwYqN-A7hhKyJbO6jvs_4EIib77XUDxABIPeUrDBgleKQgqAHoAHe_KCDA8gBBakCG7FG-7XesT6oAwHIA5sEqgSxAk_QobclIRlWYw10PufXIN6Mj5VHX5rtmDAQPGBFoSjKR1SJZP8kmfGyxXyuKr0BMCO9i7nG_CzyDdaMdClnnnJRoOSP26FTPZQVAfsAXx68TUWrVI6tz_b73lvm6Z6tzxUGF0ICNaLK0j9prXcyLuPjr1lrjp91RV2-iBzOy_kc4CwgWBvYpu3oIK8pIT86Rv8NT1Fh4WibAERPVUUeDIKtUFOXryI0d8bxDF0ZV-ygqc0CkNQA-8ojfvw8Xja5uc5v0SnvYYFMT1inMctK8HrPenvAqnHTIv9m8IFvBWTqnvSnPwxz3iEUg2a7qUE7purXTWdcxp-RweXwf7NMJ_m-lS8lqMX3U7iJjWr6dqJ_-KD5BDruIVim_L2Yiq4gZcDpXYhX6rA3exF7xtenDd0OwASjna-YlgTgBAOQBgGgBk6AB4qD33yoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTk4NDU3NDA3ODg1NDA3NzSACgOYCwHICwGADAGwE_7ysRLQEwDYEw2IFATYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1677742794637&ai=C_CzMyVIAZIXbDduWjuwPwYqN-A7hhKyJbO6jvs_4EIib77XUDxABIPeUrDBgleKQgqAHoAHe_KCDA8gBBakCG7FG-7XesT6oAwHIA5sEqgSxAk_QobclIRlWYw10PufXIN6Mj5VHX5rtmDAQPGBFoSjKR1SJZP8kmfGyxXyuKr0BMCO9i7nG_CzyDdaMdClnnnJRoOSP26FTPZQVAfsAXx68TUWrVI6tz_b73lvm6Z6tzxUGF0ICNaLK0j9prXcyLuPjr1lrjp91RV2-iBzOy_kc4CwgWBvYpu3oIK8pIT86Rv8NT1Fh4WibAERPVUUeDIKtUFOXryI0d8bxDF0ZV-ygqc0CkNQA-8ojfvw8Xja5uc5v0SnvYYFMT1inMctK8HrPenvAqnHTIv9m8IFvBWTqnvSnPwxz3iEUg2a7qUE7purXTWdcxp-RweXwf7NMJ_m-lS8lqMX3U7iJjWr6dqJ_-KD5BDruIVim_L2Yiq4gZcDpXYhX6rA3exF7xtenDd0OwASjna-YlgTgBAOQBgGgBk6AB4qD33yoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTk4NDU3NDA3ODg1NDA3NzSACgOYCwHICwGADAGwE_7ysRLQEwDYEw2IFATYFAHQFQH4FgGAFwE
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 389B 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~leqsqphr&c=8316298645346&slotId=4158149322673&qqid=CMXj2_nevP0CFVuLgwcdQUUD7w&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:402a:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 389B 		25 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B7iOTLVMhoc63ti5vm6z8vn3Oi7lKMNhDeDfWQFJSQtlR5Gh4A9V74pW0BM6SvcJhcqtaCTn8YoMXcI3c4dAskQptC7A&dbm_d=AKAmf-CIEs0g90uzea8DBJmpWhuF3p-q5h2suVvAmOlNl0DC03mxj3RW1S_2_-CLbT1yJahr-7t-fRXzf8qmv9zGe6rgp5Jueu3Fuenizylqr0pluLRmYrCb4jxRNLnrEtiJgSovp4aSZF2SuYYNE1wsYUVF7OTJksMbS4yYQ5Jol3CUWCmq6xq9TiRcyhrqzCzPGPDlXuOBpmHs_h-9DwmK327h_ASg--LCw0bnQJMAAsaB_BtgS8AYxK7vrCcUlQbugE_2RmzHjDRbviAoAoD7zozBJI6d8rlFXuQ8xwdIg2T-YbSsVf-ybJu0tr0WStW7fFgzB6fk38K4otaxuEAp8tqi2zq4dedT-Qx92pRWj3HoCIU83aUdPG9kAgC2bnzhotZhfDxubwVzwh4WiSRDrDISEJdZfjsIa8k3_TDkBtcztYNKhTfeVyfdeECEk91gaoAb8mJjjprRZKmWactMkhygV-TiGXKcIJZsPnQbcsyN_8ZJS_rGY3lKsCwH3i5k4edQvSbgL-3AUkBTkmZhobuhLZeFrl-cP-bSdUQaEg_rV3e_R4OT6A9Bg4nkAJSsuBB81Pgn6sAoBNu1dSHs1tY9iFrc6hBnsz4vv_Fewx7dQkp8wn1SnH_ad3Rg1raWGpHSN6H2TNAwUGATkPSD8PYT1RtlMCDD5vptyhdhIrsH_IpqF524Mw16Hj7XDvBDHPKCfkT8u9jfZ_OnTU7MuKaN9QNxAM9RUFT81KYQQZPsrCfXsxJCXVaQIPhI049fWUTqunGBetYgz1nkXFn907hOt3yT5IhVVUFFWvyuFo3-uKbS1fZSQNbeI4sV5aUj-_tcnlj3dnfWbJl5Cq_q_YzvhWi20OoeLhmp0_VirSFe_nvVsF2X_T5FuLM_HTE59QJNEW-pn63gOjAmIgWtO988G82q7RBtyDXhjrcJ8j1AJfKyYuf_peUgNy9i6FUXViIUfj8lkboJAyCK2EYELn_uQvuzcPBDVmZnKEIHT19IkWD70hdQSwg5gUDgUWUch5w54t4unAGdfOUUrKgGZ5QkWOkmH4_gZdUAdCX-RS0HZ7sJHgudi2nv6c2Rz_ZPGJrcZn5eEiaNQiEM0hLR-N5IeXSK-CyIPaST00ThSDKcnnppraL-Vi66iEu5nww-ufv5ajIsh0us6wbGWQBbgB8r3NMG9SZ54ow3MPo0Qv6OTOTVYojLKEV5MzdfJUwWnoW7oGbXCtkCEDGmo3pPNQvnZVaO_ZPOtZl04SRRuxVoXbEwzacf9eHHLCAJewYCOU9gPMwjrMrI9x-RrgQN_QE5d_VjCgm2uGRtTPbBcU5UPbV1ujgLvwT7T2RIGRhFtho54aGfRt1Gi3tg65Uty5TtW_De6Ra4oK0R086Jqn81AxgEftT6b1F7ILmP90kIRWCH7DYyaHuBd0GBGY33YklLud7XdRQ33ZepzKuG4OMK13Z9oWUnNx4aeTu1eWK1EofdZb72KM3Zs2fNW0RwYV-EVvljrpFqGb3fWkb0Qr9xyyh8GNj6IZBKL1rjROXXoy4APyoX5jJVtJCjS57kzihzR5h2qtpEFJC2Q6nvCawHT1A6H49vxZmmTJbJCRvB1qPAFH85Rl8SAyKM9jiGzq6IK4EheZ5Ox5f_sez6vtoFzO_mxO9FjPpBNF6FcLirBxrH6hW1KRgI8BF00wbVJ59sk9FxOUYj-_KNrEQ_IW3ZCupvEYFUSvgleoBImWeLs8cCDwlYtUhe7_j6976byv_MBH-m6knzIrf64DTk9u4nSM5nFIwEQwNIB76wptHqW_9k8Rj13KQenPBxbiHm85pPqe-spjiXLH0K9ENxq0L7ITIESbL89OairBCHPGH31-Y2VMWiIj-a3ZrLEAyxcou37CSWAdiu6JmMxdUWPoF6VEDhR9YeRbwSCytnUYnkxZFWHwP4MiDi86uZQEw9kEpP8VGJyhLHcSCmeQxeRlUL9DmBEtiEyfLbYmXiG-gFr4ssal0fe8YoiFpvLwS_TJNaTrzsMzhmeBmEK8Sl_Wxi4gRMf9GB3s9aAyecpvphSICVQOqlgBTieaF1jlORs6DiBtZayt7rrzRLvY1MRsBaGgNBjTye-KQjKqTfXK7CALZFhJU_YhVoBvyh6BNJ3ghaHiqrevwTqpjmGPHbt2Qi-NQ3-Sqnk486BaAGYyB1yT9lK5s1vDR3E4YHd3F5drAgTRvXjOi81Y96NZBidz5WbqO5S7Sks9JXrUCIHqVkeNxzqNoih8JnpZiwKqQoS6dlHvTHrXdoXedivoU_BVifZ1cWlXCvbnnppSq6BDKRJQObeNNgatkDA0aDaffXID2f_vh2pBwX-hUa2J9dMZv9Efiy-3VEvLSRSDOc-uUbvMuIDJJpsMLjeyuSJRJFOtELKNLoNpKLl8ZOWQy_HlhL6VBlHzRO9ScKHm1fOx6iApZHElZCt9fEttsDQFRUkDTkt8MMhize1plZuLaREeZFbKRRgGUHUZEpD9ITBDHHisNxrWgMxkK1bvOeip4uTd7QKk_4NHdF1IDYHxiWMUc0a9VlYtXXtKqfzHPL1DMr3lMjv8-zuRFaX8iteqTsvNb9y8vGcs4mz77MpRsssGPM4RIaWB2_9_V7vOvHu-a33-aFZk1C6NP2jBDY_Hi07znN6EyKz6emZBm2vtGgtuDk_wWVQZpdOqnSJD-hAzgQBCGx0ht6bFE_NeUou3CJ02lfckB24e4K9nGoutCVMkSmktkkS1eiPvpc1VlPvcRWMafpuZbNekbtHWN4D2psV9MHpGCV8oB7Ri7v0Nzojqd2vSGqN3MEEBmVlBtzYTCc2FJ3cfK2InjUP33vtXvw4cbq9maEybwvm0uLQvdWrQEZ2jxC6xLYxGv60aoF2gZGk0fTA4i0IKZ0ThUWNZ_G1fla25ETSZlDD_abCRAWR6BqI5XSPOOaAJilQjfdsMbfepLKmrUuZi1V1sj00S1mhaQSWpbS6Ed9JGX_WPoKAHtjbbVdWJPqXr6U24sB0YNTwS-ThxTqQSOVL3WZiFMdGXrPidJTc0WKjXgpx8dE8KCmxoOMR_18HUXp1xzcC4kabRV8bI_RIjkZNFextS2ALdm5ZksH1An7anu3AuQjlwh-retuFCG2Ii_8aq-wzl2aQmeFaoJ0bXZHQItSv-BH4-r-i-VvHs7KSs0twwDeHnaOBf0_Y9hnLObdy6Cv4bpaL4z7HmHToKKTUDakavUoOh8vy0Y_8qi8ntm-uEc1it7IL2pclTg2yZW-A-JyaidrLW8RPLfdsJ6F8jYsdRLCqzlkDvDOiPXxXQH8KLviQoJDXKnLHoHOcIizyRI3Q9SLSudhy7CrlwIsWPWuun6wz97IFQ3KFr1XCPj6cDoWycgQjTy8bCSxpJ1emdmjHngGB_p5mXw5x3MVZmADyv3Yf16X26Laa-Dx2norL98hb4jxIFFA_NG6f1F7xiiaEYz8gF_gvX7G_bbSw9TJ49_bwf_f-UXMdZ1rRaTlukvcseZUg_Tjzkzra7UelJmK9bF3cUzdpbs0BAF0kPdegRwtw-J_-ZlQUyBj2TANA_LL1BwA7NVRh8RiSV5d04bboH_gB_4xXr-21bQoR_aRUdpXAcRDulamYEbZtDq_AtaGQPuUK5vXifgLgKcuBS-YXIpogI_J8_hALiVzTCe7ON9JJB6gF9FwlR621zFH796c6zcucirv-HWK8KULdMHLlY2AJlKhE8xsoeFOgUqjosmmfVuzae-KHb4K11szR7-gMGRTb7NcMuY&cid=CAQSPADUE5ymBO2ojYW_6G45BEhJBASKDGLdbiufLfKpLVV8CtJ_4SNnznlSm4Cq3WlwMkmaM3mV9qulenv4gRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.27.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f154.1e100.net
Software
cafe /
Resource Hash
b600e44cc4b91680fa00c95b8bb850d1352c31751c631bf6c2dd12770bd144d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16566
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3C61 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
71861
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 11:42:13 GMT
etag
48472445140208031
expires
Thu, 02 Mar 2023 11:42:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0B2E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ATzuT7xECHIafiyyLgPr1lNVTlte7d6B_o7mBpi0fnDaMld7VL7LW9ssqq2PAYUju9NbZPi1iQjVbIiWghXmyZIqYnYW3T4m6-Jndt0NCfjWpX6_73OOZCIjj3SUC0e0ylTb0tASZtgdi6djeuRlzTl4YNy2auenv976Xmy7ECxbXDWG8&cry=1&dbm_d=AKAmf-CKgBpwHdWWA6gcErMg3XAwrqb8CTJq8lHqTtQpaGMa2Nm5ZCdgT01p2vIIFEGujAPLWb9QUCE84axavEejhNZe3LvRNucGnRga8GFHhLaUazxe1BlR6K5UWS5d2GAERpfCSxzp-IEHOLLdeyUaM4ayEi9XNVJ5HTznI2-CrOTDLmCukxBOrlBK6L22qR9Ao8F3htxYTiwToI6h9083WEEy-Gn0QNsPZSJOULbZmPtp8trTOyCKaOwP4-vK-7Nm2hkvJkkqWYp0bQeMPdpbqS1S2S1TNuzSOqsl-x9zmLaJfmsHrI38mdkP_4ivxd7VctLzwKQ8MesroqmIsf91SwhCCHOQ1y-1H3fgZ8P8rMjPs7s8-B2RkuTcZB509FYLkarFolN23YfoLSgGL-Jziap6muR1AAc0Z3EX_KJ32l1GyW0oNCDOYCI20a3cxL3hKb17aGW73gBJpOwiudUvPiAKhNksk9jT7UFDuefRPB75hJH9gSoQswdfWXzRKsiHvG2YDtFXLjZdkMiSMZG3MWk54Y2-GNSfRwifmHWAeqItj0PrD868_yxqf0apOrFyGu_iowckNpsZFt4i-poQT8JWWeQhsUsqJh2VEEyhfFJPaZ4_zKLhvmcbtCR-Ps4hmdoZjoVYS4Fi8Pct9FUB0h59a7wretltiMvHg9NvbZyxZwvD235RtGht--D5zBhmqzuTyxL-YxYxSDHS142wkKL7BVs5Wtxih3AnzDESjt49dtR4KP9mjie3Qw4yRdJfhnHctIm4K0fyIJIVA6PhtFDzchURKsBj6pm33KRKBAwFnC0r6LucnSYETjkENZ72qaQYOBZ5RpjteQSUXVNQlkwW-B5G-hzBi3S_BE8E_5SXFTAayNDn5V9536_Eu2btQlplwnme-q3U_v6NfT1Ac-_DZDjPkHdpcUlsC0hPus5MTiXIpsajXZpQEWedFNk5EyYBDjuMe3Bpgu9Td1gqoMn4-av17RG7jOsRh0cX7jlnGBG9oBm9BVGmNHrWRPQL4RDQnCzHS2vc8ETfWVfxAsUWk1ClZEmMyERpGoP7mx2GvhHJ_55JZWtYQ_gbgb7US2YnXHncw9jZj7yvGmDMpzXeNYHoV8Wras3IgAHL5pKsv8Tib4P95x1dF6T9fetW0LLnDdnA2WDhoxHZga2R4o7if5InENMl4wiRuuj_pQTALIFLeVoP9jbqAaTyI49UCkFoD0A0AJ_86sZnnx6c45SnYdhQA5PiLWn4SMD99SURxz1MRhjZPf9RFZvTYxTxgEnbAvKK4CGqJ0iWHpq2WiJlw4QNolnrnp8-9hidNN9jfEkVULvawBkJBAxVcq5sROTuliTtLJDOuvGdj74NH6XXndil_DwCu9rwBIzkwFfFfrh3mnb7vB0L9p_mzVBwQEQI4DPFuJeSvbAL6Lo87_5zdEyZ9UJYUHBiijOIVM24OD2VjTzdajCg4J97_1PCiYhjJD2UxOaRXTZQDgI3UfFaIQCETAaRNdqVFXMZ7S_gC1myFWzEtfP_n_imMamUOgIpRXcZxhn0Vyo4TYvA_T_eelmmhedLRpVcFG-N3nA9Kp2lrwI4pAzbuSTR_yLF4KVUALERHyjTmyYG8jUf3umBljbi4ob2TyvvbqJIzo1RBiRZ-XS-TQCMCtSlWnaI4KOjfXdEpcIh1eTNwjAHnPGbFXdDJ1F7nY4PiK_Kw4YRUoVmA8wCEaD4HPrl1V5O5dLEUlS4FOjRyroh3lW-9DMSxCZ57moiQLbMxl0JCULd3tI6IMw0IaJTHBV2De5gYQpuqMqe9k_EjLkYqnDwVtFlLtrZTlPd6-Dtw0T2Zuwq1QreCcW5uN82rBBITZEGu76O2jLqm9Q6S_67JyOvFE1e51yTw3WKDgT98FnGbBeO7osJtXBD1GKb4ezUCR5pVwPn9yjUlTv37bhGM32l_EhOgEbluS3q06wt9dS5aFRGI2WuZRUKZFa5xU6hm-8dcTVnYq9gbRQYe1JAAUdX6kMHWtDD76b10gHjciFBKkRxlM0JB5EVmKeVfjf5FloaHziqtn2MlDWeYFsULp0vwAg22QSCVFpwOBcTzI6YtecAHmVF2bGAhG919CybxB68IuWCT99hPRMchP6ws8tMr1dqkR2PTEhoRXS-Whbl728UlGyD1QvDY8YpTyv-S7zUey9GK6cmxv8aHHO7mi4CJDG9BtkqPr8qorL7QBp_nAvBDSpr0MLdmguNyPd8KVKyHa_FOhCJB7GB0Zs7W5d8buu-_uKMWkzgjjYIBpHow5JXyp_-I6YCGb_KKGLA9DQSdN8Nft0UsN5H8fsHkUE1Du6Ef4hEofofxzbA6KNrs8PM76VqgpihjZIPzk5L1b_IChzbIkPKIEVtd7GVxl3JSmD7kIBlqlNpHwkjR1IDo1SL-bhQgQxk8PoeLDxu70Md22EaK_6YmopYeV1WUHoc7CAfFdLW1aR4gdcHC72dzOUaV4VRbTBzHn-PwgHrwYefJz4fRZ2Pu7oyFB6UyXpvSmBq0g_yEOJsGGcWXu2nEpE1ZsGzr4SGv6KUFRjb_R1LAERkesXSdawp13ghPsSIvvEtGr0v12el3ttX6HB8DqZJSEEK8f7farKb2EVvq0ZW-0wYp50LT7aT_vtVG78wt86sFdamb6cAbmBl0KMmSvHp14NBRLTV48sZKWH4TIJVItq_L88_oc1VoQfOfVta3jIVUhlMmGbKHsy1CpdY81P3KWCNBOlf5vGfmuDj0aa05KMxQiMq157YjmupAsOIOqTuxPcpfe3w8x83dGFMrxI28YwCkF1tZh-bib63BDFuRwyYIacKUMK0jUz7OokCOmHZgK3iamU7E99bjIHccA2neVsubH13H-_4Z8AKxSAhqwpfXX1qX2BDxrABiu7acmfL0aJwG24Q0dBQgRqD2OCmqgXjBh8xlHuutnZUkPlUNKBWg4muWYRuGhVI64-S_jbc1qstHWkuV51k-sEyYgz8OU8d7ngvO-_mJnPu8g5pbghiEDmO22ZfXepoxR24Q2s0pdiSx4Much6Kf_MZAKNEDhQVO1psgBovmJJsixh-_OckL1Ht3fjlV6jtDKclDSE6I5UU2ga28Mz77EzxLgDePlKsXKj6JytvATn9K-vgMknWllxsoYdzpvypxFwGvE7gb9hENCsSgcO-lPNfMTsN69oEHGI&cid=CAQSPADUE5ymBO2ojYW_6G45BEhJBASKDGLdbiufLfKpLVV8CtJ_4SNnznlSm4Cq3WlwMkmaM3mV9qulenv4gRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Folhardireto.com.br%2F&ds=l&xdt=1&iif=1&cor=17429265595382050000&adk=2228999115&idt=77&cac=0&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:40:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46785
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 18:40:09 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame 0B2E
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1135760/69474538/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-C00twB4LvsVFHWZmnMkbiD422gRFFnC8alz5EuIhaRAigHN-7aZRs...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-C00twB4LvsVFHWZmnMkbiD422gRFFnC8alz5EuIhaRAigHN-7aZRsiAEhgVrw3kELi1Cl5clvfrNdSy...
67 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-C00twB4LvsVFHWZmnMkbiD422gRFFnC8alz5EuIhaRAigHN-7aZRsiAEhgVrw3kELi1Cl5clvfrNdSyH-YXQQp0cvBUzzaSzK5MWI16Kmk0kA6THZ2WbtYdwZiaEJswsa7GzrQs4aKAfClnlvzukZZ4DnCYTuSa38p9iQf3KLUCr6U6vIS-RUAoCZ_4Do3CgJYLWIrM-BzMulzcrakirfb3-uVeTKioWIXnk-QuQur1zdO5Ia8iAa7qeyRX5vxjDJhN7cAKq51B7BAWDO8L34onel2tsCCvdZcn75x7DgM7rvl78hZTUeT7gRT9fcjsA302rO40SC__cWrRAKCHXa6scLWSMrML67w5hyRuyZrKiZ7ey5leB-P1dft-adeyvrE_lEvWUe_j5kRxw6KU7H85K2I72K40woVc_TKX4_IpJAZftJk1KcASdfl5qy6L8x2olqOb6nFrc1FqjhOF1yqYV67tOrn8n3GcsXLsPgvS7wlYayXu-EgfeQzo2OK6vAo6Rs0TlbnxB8HUCf_H4lgg4WaijX9TCcgBEFOYy4YZA_j7nUt-2iJ7EzP0WKm62B-Og3SQgM3_jqh9Gk3e4HYvjsuHjmw37X2M1npBRuN6-pKcJh4GfA-1W7JdkRS9xoJb7otS3A8NpCMJktAGvnkPrJXO9zCsetpYmb5TblKc5i7vrS6qjFZBvFwm4i1QuP9YBmvspSTZP3eYCH_KVYobdwL4PuAUqAOfmTSacDZLwjTgpIJOObxaIQpo6ZUovgI0iyASkJwOy0m846ROps8GVzJTfjIPomXuffAo3lI8pPAxLeAwcx2cqa8OJLlMSXXQyUDjD2mLcikajE_wjrPlF16WmO9SFpCS8KFBBlPSBu-ljMq2BvTAxw0fi0oON-8FtEFYasHiouIr4nyoHgVEQtfSFGCzz4kzFgMaYQTeqtAKHL_gwCttmZItS431e2eb25JyCjeQvsW4OWN3l3_ou8gyc_nlIDAcKi12RsVtex39ohAw-gKE4BtVJ7t2NOe-14SwK0EdyqUIb8mw-2S9f4OrNyqlqR4bc0M9TA5BRCjSnrdvAYjqmy8YXXmbOZqW8xb2uqpaLr5VTsYH-OPkwsycZA2g-9bWwUMxysMTefnkHP_9Q_EhiPtJjnVmE2KHgqObcqCg_hIbDDKh3m-gWgGqXxzynRLKnIoAdcfeN1V5LvNHuc_wUWBryBVT4QI1Zrp3GFF7QPWvH6LVfVayIJZYXWKyWhlZVbbAqA2Tyty7zeZ6i7k4MA-G-O2-HwKYStJToAtHYLd5Z7sX85tTNvyXYi4glyqQNN6t6kO76ILP9NL9MPGTYJZ3io8UApPeP0cXNdRflzoK7j8Ftz6WddIBWFUw-dlZoh7HIx8jvdPdgSr2dsKA3PQob8xvfbA1P-lBnTTCnmKRjg18xlqrj8mmmLYUw0_ygmLzoeGt-ybX0Ho4qjTtN7QmR1OOImAYV2m3CX7UkNeZnAwd7WdBved6r-C3LboFUiDI-r0O9gZYnwaBW1mGLV_T1xM7tnYPU4BJoFnXWH3PzHaTq4qK8GcZ3kBZm3eKGNpHhscnFpVBSqo92gP7FnXHwmw0Im9vmlAZlKlgWCZkIRAgQ62_qu4oLxV62l2Q0xEw7sigzolOuqhF6VDC3m5ucQoeqmBtUlXC4oQdQfAmsFZBrHc55znoKOQ44AJESgk7alsuy3dFnyfLL0Sf1skwA-C-q4jz9CfC7gvGBUHtyzO0-X-6abgif2UL8xRc4_GLJqEynRdMC6Q6YhIondZr8-JSIC2WMBpxNv6MG126qU1EgmS5uVEGXNXs69dpujezLX7RAXQ7jh9ngBX_FX_vl369_wl4IC7HgFZPyqTGwy-BY00tyqa5ODo2C09OJLMTiNHJP4_wBKhQYdk8yxPYFH2urAAbONn4Bk4Y5MaRDjD8ELrDzHkrK3PP4dtmYkxJQQd5kcq4PN1LqmO0zDBOTqKP_ywxhXF3LzAdFLk97oM2veYdNTi4TKvl8FKCElJNLdF3k43OPedXfHaWS1nfbvl1haJ0woQvtVe5Z4FnLZVgNHw03Z4fC0VdEKAVQ13PPWb_iWcSbCpBBRqHXa3Y6pFrsCWWbKi90VeRbMlnO12GvX_2ShDtNCYaPeED10a8AcWBl94_CussFzuKH5j9YNfKS69jvqkqRjeqW7A1Jb92E80qkZ7XWmpP2bxLGtkX5JzQUqicYbMLyBWBp07s9QmdgqOQZz-pv11uTZ8m3axOK8kp3uj4YI85-Ez4e9KudRSx-e394SZDJDFR_eDrjThTRpL3BX-z3K2Hm1IeplOAKZUGYwdV3QMTjAzFOTt6EaF6tOWYoY0JFlig7txwAf_OjFip4DcZd1Uq4mOAkevHFk3DT15vO9mGM9W9WJa30H7r_nWqsxAM0yVg8GQiAsAU8jGIZGA4L29e9fBwI7oudZIvgXIVUZG0n4-X4NBzAyv6w6VVnzV_vRt6noq_Uv9x-pwTg7Z-cM1Oc5aDY2X3mvnJvSneiE9cRz3HmbrwFXtZMKdMDr9B3vJJ84cqtCegIrp57GWHzqlMvTyRqTF5RpHhBiSqWL12TxBNxn5MK6-FNEnuEGbQ_nsyYVXcGo6jLzt2QX_oOaI-tmrnbhEkcU0MclO90t-Au8yxFDi3KSxozjvmN8HDFZdg8yyWqB9FJ-D6-z9E8_W_xhUnNPrIURldj2WdK3B9cWo4bDFSOyM5RO0fa_nu1hk71yJCHabfhA8NclVLDSUnPaVcibciERgw4lXtSE03qbMVqajTfWsXqEmn7BUIdJpOEZyBveVDZytUO4EGRXXs3jr4nNbi1ErK2XNqB3y0Gn3ogtNVr_Nbh-y24ciRgE8l0VhqbhiNHiA-Qdg1DoICc7fsOBRQK6C_JAcPa15BzwAblfrBnSmiZKXJFLU_A-Y6PO04HmaC2H2mR9BWjFW2IYfrGAxuheNKRrqNPQFqW1WjhzejCo5r4uVyfLlSrLmzHk4MG3Az2Nnh9y0004APAhdYGNcuLNvzkvHkknsVPjynINgad5JbXVrDpMeFMJBwJPtbMgqBf1vPYMbT1lJ47_p7CW_H1mbP0rR8ydEu8yNnlFqcrn24gDg4RyiOafWVmsSAhiDfQXuudmvEC_Xw8wSkT25GY5A-dz8LouHOzZcCAgbSRiEpYmHHUlRR4GcaqDtEogOQSgTiQGsScz2rU6Nq1m1uPH38Ya5Em2KB2cKP2Q6OuMPSjWxFMdIRfK61F0eurrrGSBHdbakaRqDc80wjzNHdZdIO0Gco35e8_1hq4ke_1r2C0wnVvaHXoIiGhJ7YQm28RG-5OU5fKQ5ajfXUergc5tlcWLef04BitdIFFQXCFk0qnn9b9j3wPaVvdSJ-ysjDkSRO8hiPNTAkB87MPExvLl4Hwn33Y_f75x6_JUj01mPjyy9YIrAhws9cyJ0WyEa3VIjC2Yw2kj3hITQurBDzsu3eMSXiexo3XBQIixINYBAQrFOHPUJc2qEhzPOg8V-lPsIuxn-XKj8ddHT-Rj7UwP927t1PRnJxu8SkIvRKDi5SSiGGnS9woG7VgDOq-OpvrPJsHpCvJ7netJehaSDEP4AH5WxKdrGdjSua6ibuOs1zhTLsSFEkwghjzDPsYV2Qz1SlmNHx78ASAuISPUqBfXUZzWRCE-LVA7Cl3vAGcHS8e6GLkXiWY6l2UYJHHI8GvxsziUpPcXhHiQ0gdiBvhi4dTc7jLXpmGfdO71heXdcqrkystkY0EkGRr_yZK_O71EkWtSo-0FqK6-kXAJES4M-gJlfgXBNBjG7-EM3OL0vR0mn_Clbz-TK1QoAQjrV48vIFOCXmGq9bb68mR0EAHg4euIQVbz05NfbY_-3doJvuCpdxa3-sFpqWaVewxaCrBCWS51nCJghLZvzP4QoTEbeGkIIBBI8ANQTnKYE7aiNhb_objkESEkEBIoMYt1uK58t8qktVXwK0n_hI2fOeVKbgKrdaXAySZozeZX2q6V6e_iBGAFgAQ&bundleId=
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.27.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f154.1e100.net
Software
cafe /
Resource Hash
9381cc2bd3c70cdec82a48d3fed524fd24b41b94a7e70de1a84f3ab58bed48cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23899
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
server
nginx
x-server-name
app14.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-C00twB4LvsVFHWZmnMkbiD422gRFFnC8alz5EuIhaRAigHN-7aZRsiAEhgVrw3kELi1Cl5clvfrNdSyH-YXQQp0cvBUzzaSzK5MWI16Kmk0kA6THZ2WbtYdwZiaEJswsa7GzrQs4aKAfClnlvzukZZ4DnCYTuSa38p9iQf3KLUCr6U6vIS-RUAoCZ_4Do3CgJYLWIrM-BzMulzcrakirfb3-uVeTKioWIXnk-QuQur1zdO5Ia8iAa7qeyRX5vxjDJhN7cAKq51B7BAWDO8L34onel2tsCCvdZcn75x7DgM7rvl78hZTUeT7gRT9fcjsA302rO40SC__cWrRAKCHXa6scLWSMrML67w5hyRuyZrKiZ7ey5leB-P1dft-adeyvrE_lEvWUe_j5kRxw6KU7H85K2I72K40woVc_TKX4_IpJAZftJk1KcASdfl5qy6L8x2olqOb6nFrc1FqjhOF1yqYV67tOrn8n3GcsXLsPgvS7wlYayXu-EgfeQzo2OK6vAo6Rs0TlbnxB8HUCf_H4lgg4WaijX9TCcgBEFOYy4YZA_j7nUt-2iJ7EzP0WKm62B-Og3SQgM3_jqh9Gk3e4HYvjsuHjmw37X2M1npBRuN6-pKcJh4GfA-1W7JdkRS9xoJb7otS3A8NpCMJktAGvnkPrJXO9zCsetpYmb5TblKc5i7vrS6qjFZBvFwm4i1QuP9YBmvspSTZP3eYCH_KVYobdwL4PuAUqAOfmTSacDZLwjTgpIJOObxaIQpo6ZUovgI0iyASkJwOy0m846ROps8GVzJTfjIPomXuffAo3lI8pPAxLeAwcx2cqa8OJLlMSXXQyUDjD2mLcikajE_wjrPlF16WmO9SFpCS8KFBBlPSBu-ljMq2BvTAxw0fi0oON-8FtEFYasHiouIr4nyoHgVEQtfSFGCzz4kzFgMaYQTeqtAKHL_gwCttmZItS431e2eb25JyCjeQvsW4OWN3l3_ou8gyc_nlIDAcKi12RsVtex39ohAw-gKE4BtVJ7t2NOe-14SwK0EdyqUIb8mw-2S9f4OrNyqlqR4bc0M9TA5BRCjSnrdvAYjqmy8YXXmbOZqW8xb2uqpaLr5VTsYH-OPkwsycZA2g-9bWwUMxysMTefnkHP_9Q_EhiPtJjnVmE2KHgqObcqCg_hIbDDKh3m-gWgGqXxzynRLKnIoAdcfeN1V5LvNHuc_wUWBryBVT4QI1Zrp3GFF7QPWvH6LVfVayIJZYXWKyWhlZVbbAqA2Tyty7zeZ6i7k4MA-G-O2-HwKYStJToAtHYLd5Z7sX85tTNvyXYi4glyqQNN6t6kO76ILP9NL9MPGTYJZ3io8UApPeP0cXNdRflzoK7j8Ftz6WddIBWFUw-dlZoh7HIx8jvdPdgSr2dsKA3PQob8xvfbA1P-lBnTTCnmKRjg18xlqrj8mmmLYUw0_ygmLzoeGt-ybX0Ho4qjTtN7QmR1OOImAYV2m3CX7UkNeZnAwd7WdBved6r-C3LboFUiDI-r0O9gZYnwaBW1mGLV_T1xM7tnYPU4BJoFnXWH3PzHaTq4qK8GcZ3kBZm3eKGNpHhscnFpVBSqo92gP7FnXHwmw0Im9vmlAZlKlgWCZkIRAgQ62_qu4oLxV62l2Q0xEw7sigzolOuqhF6VDC3m5ucQoeqmBtUlXC4oQdQfAmsFZBrHc55znoKOQ44AJESgk7alsuy3dFnyfLL0Sf1skwA-C-q4jz9CfC7gvGBUHtyzO0-X-6abgif2UL8xRc4_GLJqEynRdMC6Q6YhIondZr8-JSIC2WMBpxNv6MG126qU1EgmS5uVEGXNXs69dpujezLX7RAXQ7jh9ngBX_FX_vl369_wl4IC7HgFZPyqTGwy-BY00tyqa5ODo2C09OJLMTiNHJP4_wBKhQYdk8yxPYFH2urAAbONn4Bk4Y5MaRDjD8ELrDzHkrK3PP4dtmYkxJQQd5kcq4PN1LqmO0zDBOTqKP_ywxhXF3LzAdFLk97oM2veYdNTi4TKvl8FKCElJNLdF3k43OPedXfHaWS1nfbvl1haJ0woQvtVe5Z4FnLZVgNHw03Z4fC0VdEKAVQ13PPWb_iWcSbCpBBRqHXa3Y6pFrsCWWbKi90VeRbMlnO12GvX_2ShDtNCYaPeED10a8AcWBl94_CussFzuKH5j9YNfKS69jvqkqRjeqW7A1Jb92E80qkZ7XWmpP2bxLGtkX5JzQUqicYbMLyBWBp07s9QmdgqOQZz-pv11uTZ8m3axOK8kp3uj4YI85-Ez4e9KudRSx-e394SZDJDFR_eDrjThTRpL3BX-z3K2Hm1IeplOAKZUGYwdV3QMTjAzFOTt6EaF6tOWYoY0JFlig7txwAf_OjFip4DcZd1Uq4mOAkevHFk3DT15vO9mGM9W9WJa30H7r_nWqsxAM0yVg8GQiAsAU8jGIZGA4L29e9fBwI7oudZIvgXIVUZG0n4-X4NBzAyv6w6VVnzV_vRt6noq_Uv9x-pwTg7Z-cM1Oc5aDY2X3mvnJvSneiE9cRz3HmbrwFXtZMKdMDr9B3vJJ84cqtCegIrp57GWHzqlMvTyRqTF5RpHhBiSqWL12TxBNxn5MK6-FNEnuEGbQ_nsyYVXcGo6jLzt2QX_oOaI-tmrnbhEkcU0MclO90t-Au8yxFDi3KSxozjvmN8HDFZdg8yyWqB9FJ-D6-z9E8_W_xhUnNPrIURldj2WdK3B9cWo4bDFSOyM5RO0fa_nu1hk71yJCHabfhA8NclVLDSUnPaVcibciERgw4lXtSE03qbMVqajTfWsXqEmn7BUIdJpOEZyBveVDZytUO4EGRXXs3jr4nNbi1ErK2XNqB3y0Gn3ogtNVr_Nbh-y24ciRgE8l0VhqbhiNHiA-Qdg1DoICc7fsOBRQK6C_JAcPa15BzwAblfrBnSmiZKXJFLU_A-Y6PO04HmaC2H2mR9BWjFW2IYfrGAxuheNKRrqNPQFqW1WjhzejCo5r4uVyfLlSrLmzHk4MG3Az2Nnh9y0004APAhdYGNcuLNvzkvHkknsVPjynINgad5JbXVrDpMeFMJBwJPtbMgqBf1vPYMbT1lJ47_p7CW_H1mbP0rR8ydEu8yNnlFqcrn24gDg4RyiOafWVmsSAhiDfQXuudmvEC_Xw8wSkT25GY5A-dz8LouHOzZcCAgbSRiEpYmHHUlRR4GcaqDtEogOQSgTiQGsScz2rU6Nq1m1uPH38Ya5Em2KB2cKP2Q6OuMPSjWxFMdIRfK61F0eurrrGSBHdbakaRqDc80wjzNHdZdIO0Gco35e8_1hq4ke_1r2C0wnVvaHXoIiGhJ7YQm28RG-5OU5fKQ5ajfXUergc5tlcWLef04BitdIFFQXCFk0qnn9b9j3wPaVvdSJ-ysjDkSRO8hiPNTAkB87MPExvLl4Hwn33Y_f75x6_JUj01mPjyy9YIrAhws9cyJ0WyEa3VIjC2Yw2kj3hITQurBDzsu3eMSXiexo3XBQIixINYBAQrFOHPUJc2qEhzPOg8V-lPsIuxn-XKj8ddHT-Rj7UwP927t1PRnJxu8SkIvRKDi5SSiGGnS9woG7VgDOq-OpvrPJsHpCvJ7netJehaSDEP4AH5WxKdrGdjSua6ibuOs1zhTLsSFEkwghjzDPsYV2Qz1SlmNHx78ASAuISPUqBfXUZzWRCE-LVA7Cl3vAGcHS8e6GLkXiWY6l2UYJHHI8GvxsziUpPcXhHiQ0gdiBvhi4dTc7jLXpmGfdO71heXdcqrkystkY0EkGRr_yZK_O71EkWtSo-0FqK6-kXAJES4M-gJlfgXBNBjG7-EM3OL0vR0mn_Clbz-TK1QoAQjrV48vIFOCXmGq9bb68mR0EAHg4euIQVbz05NfbY_-3doJvuCpdxa3-sFpqWaVewxaCrBCWS51nCJghLZvzP4QoTEbeGkIIBBI8ANQTnKYE7aiNhb_objkESEkEBIoMYt1uK58t8qktVXwK0n_hI2fOeVKbgKrdaXAySZozeZX2q6V6e_iBGAFgAQ&bundleId=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 1688 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 01:04:21 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
9268534
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
zy6QU1FPMxEbevOg7A3SIXgQAkkZbidG3suIMYRih0gcdvPPp1oHEg==
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6FC1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4JbLl-dEXSImEPF1mEbThvmf9EEChibUcLCumEc0UyOTnBfOF8EGTcgH4bjs_eadEyjY20OSIRksHj0Uh3xnzx4uJrg5Ob90BWq0aa9x7-RDqs7ja6F4JcB81Y-jm6vfa3rI6XxeqDoENvpOrif-n_IPsNZgd_kaiA_nljMxLqQvzR8U&cry=1&dbm_d=AKAmf-B7j-cgFrojAR9s70RUOU0I8e6_kSKMiuDdIjY_dfk9g0F6dy1YHNx1Byig1jNy5VfuDmok1cUREMoN5d9XsBji7fYRBfz8ZBI0_swfwRKFMA0Ri50GbBXwJrRdnMo_Wo_-k7ya4fSbJ-AK6IZzl2-b06jpCAEHDhr6l3-ekDrQvmSCgbJ-ROpEjwdhG0LsqTHZ08IDYimKhNWltbsqLYcrQagJMnQ_pklB0iC_AoiE2WJON0cmP19dgjbRaw5KGxWNKZR1Ahq4PE4j3BFA5y5dwFdCd4zwN-B2i3rENSucy9gVgf2wCbBMvTPWM4TwaGeQXiIGzoF77UH9L86L06OZDKPPINV6JvU49G4d2Wu_SJgpi8Xmc3UWbGlZn6YC89OWlAZorixoUOuE4wVpXD_7KPB3x-YaH_-t394gpQL5SoISlfJXO_1HF2cRpT80yZbbXvpIMxuQoN9anjFVkyuIKvGg5f664KNLNXP5JJPCN7VVZfgKaDAREg2JBGLyfFFgVm8fLqt9c4GRamJydlCaQE8X_UlyX7fOyRUyRmUa0kDOK_3mLySQHgQlUBuhw69fSwIW_7G_iOGJdLe1CGSma1utcmkyHj-H2l-WV8dxsV-e1RiotGdz_xLMmSQrhY0WbSsb3V1wk___dv2RjkSNLAaE75fLWiDMivncw-akBXvMsyAd1fsCZIyX-x5P8d-Z7yHgdkuH5C-RNptpq2Zi4XRXFHYBw_i-6zo0lb_D6jNYrNg0GgoJeII84HUEogfffXMc1veb4d0Cr1uL-XUmUVyTByoLCBN_dSdPx_vFvpUW-0WWBAmnapZnY90UOtH4O7_oX7W_zA4qrTrSDWUcIULFdD3Cz-yUPorY8c2L7iRgaX1tl98gx4mUuy2q9RDHrkB2IwB_0JHMVsw6wbxoFzy_y772od84vR2eMgHA1-QvtEltTVV8yzcpUd2TZtIstzLG5tJoXmhHhAU1NUzrazAFeN2XkLlGO8nW2Fj9q04iqbNLRtVPj9M5EsWKK39JEswbsPnwPY_qu_aGyFw_hcANIoyce-7uiLpIp1r8PA3fIiWp6i6LHmur8ykzyUvNi-UI6kNjsdaL7Z8SNxf6uB7lJLHf8KbzkbViY-J2L6b8zmx8U-0d-jnSM-H0bIiXGCi31S-LvEtC20cv3nppcDFkhTzCvx6SJuIenGCXK722TEb-OYV-XU9KrbE8TNNJdJSIplms9QS2VmayMKK1UD5hbDqAuuweDTm0df_gz2SkbydwPmbXCZUtckiypo-f5RwQzr3AfhuhJSB-hsmvo9j8AFcp6waxA6jhff4aMhTphRAl2Ak9YZItA3qU9Dhkv_Qu3bpoH6GzFgBUxIZSsi9l-sCCdt3HaUwH-KNk8eMW6tegV3ZQbIyeiAOmj3mipXaojsDuc_JMHOBzAzfMmzx4mJ9EWuy__a4djWjkZg14kbxlZwMCJhIwadF6w29Kfx026n96TBYaqQwKxfXfNvBmUKdXMiiugMjj-8t1dbdiIsCWcoc9ICj5AwrN-rk8UxlvmI5LuWJTm7UDn1mTJqvQ6y97KvDb3UEu2tCI3zRfyAQ042O3fJBuPR7GNlKKeDHHKNU9tgxyD9gItwg-44EKIOSpONdIIGSCnrplwAocWdr887-Wm3KgbuR776v7GSxy6E-HnMSmMXNDC5rV2VI7VZIuWX2HvCstqboWM8pb29Qsc5GSfhxwZX4cYVDhe5zkL-Vv8k4iMlJyAzFI1qgJ0RbPf5XHaPmzn4do1Dg_GXOxabBosU-Web1aVPeohE12W5jyg1ClXL1HBgwF-kIe2jer75NNIR-6QEwfGkdvBYEcJNwkP5OybJd2_ZPRObc0dGAtD7K88iRrknc-Az31PicqZ0loBSifCrUYr7W-mHdk90Qxg1wLq3YGAM8J7OVO8yOi7kcvagu7MxqGJj_xtQjx9OZtI3xjnVaBqTFnjjAYkKkUufbeTZwDQSlwpkkThbblMoC9lVuRqGKkUKA4u2-2CEL6ONu4RYdUi1Iz_-bK7RNvAhd7MEXiveEJ12C4Wv0nLYiUBWERI_f7GGKchNxi82WeiOgRPRVWKDBHa2eu2wKQdYJgwsQRVogQq59Mw6tuCBOJ2j9cVGR-xOqCM7jE0wkOYD6oztbSMhSfG11p36WI_1F5a9dL6vtrj7CjGSGAYZyF1rdcWoKASaN20iBez2Tu_epDSl5dXyWjeeQmDQETZg7xmN60OVFAXapBN4hacdl9rZQN3N3VcFXR5rty6fjKxxJeNL06_hnRNjCGnLwaeb0Oo-SERmqgY3eXbgvGCAor8-o7l89gcm-Wv6wsSH1DpJJ9QOYNTXCOyZcntieQNQ3kYJ2x3NtfQTJrY9r3MISpj6aK0Q5e398Q5hm3n_bBq9UtrACOkIruCJ0RocuY95dNVHfLLz8niOftdKCvp2bMSy-Q831ykdb2xznbXr3n-O-JqFLbqsi73J2Eid9wxQjpjz2sHQqMdxpQYLC20YO_O-eI2QZ6K_VyM7CGfOGP5mpvuiKop_uWSii-1ZUzRvfXbWVKwdudBiZG_Hrg7IT17HpfBsHHx-PHiKTwJTWZsaBIaw0qPlM1v1xviPMwBNnbUQWelwnvvLdKYQ0IyZ9Zwac0iLcWPmJguDafXcWfHq8gXnVKSu-WGIALim9zwCxS97k8ddhh9aMWI_JW4bGI5W1ldMiQFdA_4mifzEOxZyAk0A8-6OvvTGPGHwU6MCTuvAyCzhN4ecFSZSpI2vhYAMuP1c27YImrSXrtHu_0okmB7envlUSAJn8uXb3Y_617iPSJQby7ybK6dPr-FjTgMlRn-WQOJnYnw4Ft9ZMtLgt58tswUpymIRleZNoWC0xMZcV13fAznavX7KYjP4Zibw6fRaLOCP6ykzXQ8nG0SmT3js1QXmPzTIQGkWT52QAgi6ix6nkO2E_b1gSMt0Dt4UIRZJngIHEfFDLO2cqU2R0OZngC_XsnhZUKq-G_3BO_MvXKjuK3mPVQUWVsetgDaWxog7pyJF0sNRBumhee4t95HatYJTSvsy-2oO4hfrKt1RU404VJMM9iv49EOnHugIbHgF0FHU2tDESeBltxHhPdvR2rc9IVgUA6W9_9uqx5nNRTN8EKHy6h_aHa7nGsP4KOJmGKHSYwaOJXMO9E6RXf_001DRWf_lc&cid=CAQSPADUE5ymBO2ojYW_6G45BEhJBASKDGLdbiufLfKpLVV8CtJ_4SNnznlSm4Cq3WlwMkmaM3mV9qulenv4gRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Folhardireto.com.br%2F&ds=l&xdt=1&iif=1&cor=8897509608532049000&adk=3047537735&idt=120&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:40:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46785
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 18:40:09 GMT
pixel
cm.g.doubleclick.net/ Frame 3C61
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDK2pjkT9gJfdBZgSCpzhnc&google_cver=1&google_push=Aa02lx9lasp_3k9kx2jkSYoZxSRUWTLNsiyVKL778ZRlej6eIllOXaqU5Vjw59c8By8Rl02Rt0gcN5O7E-BTxj4R...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx9lasp_3k9kx2jkSYoZxSRUWTLNsiyVKL778ZRlej6eIllOXaqU5Vjw59c8By8Rl02Rt0gcN5O7E-BTxj4Ra47Uw1ViJRK0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx9lasp_3k9kx2jkSYoZxSRUWTLNsiyVKL778ZRlej6eIllOXaqU5Vjw59c8By8Rl02Rt0gcN5O7E-BTxj4Ra47Uw1ViJRK0
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 02 Mar 2023 07:39:55 GMT
Server
MT3 530 4e92630 master zrh-pixel-x31 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx9lasp_3k9kx2jkSYoZxSRUWTLNsiyVKL778ZRlej6eIllOXaqU5Vjw59c8By8Rl02Rt0gcN5O7E-BTxj4Ra47Uw1ViJRK0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 02 Mar 2023 07:39:54 GMT
pixel
cm.g.doubleclick.net/ Frame 3C61
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEP9GVZm2HC9tLjq_ZcZHSgo&google_cver=1&google_push=Aa02lx9ht700BXVLce3oER3X4JhCovt4bgIrKBW22spYg3dIuLmyNmK4zW_-tyyE4ApmeFz_dw4k789lurRqrktgSkMb7L2...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEP9GVZm2HC9tLjq_ZcZHSgo&google_cver=1&google_push=Aa02lx9ht700BXVLce3oER3X4JhCovt4bgIrKBW22spYg3dIuLmyNmK4zW_-tyyE4ApmeFz_dw4k789lurRqrktgSkMb7...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9ht700BXVLce3oER3X4JhCovt4bgIrKBW22spYg3dIuLmyNmK4zW_-tyyE4ApmeFz_dw4k789lurRqrktgSkMb7L2D4Hlp
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9ht700BXVLce3oER3X4JhCovt4bgIrKBW22spYg3dIuLmyNmK4zW_-tyyE4ApmeFz_dw4k789lurRqrktgSkMb7L2D4Hlp
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9ht700BXVLce3oER3X4JhCovt4bgIrKBW22spYg3dIuLmyNmK4zW_-tyyE4ApmeFz_dw4k789lurRqrktgSkMb7L2D4Hlp
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 3C61
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJWEr5ZHuWXum1ZgxqEieVA&google_cver=1&google_push=Aa02lx_1L2O-eucKbrCRQlSBvNsW9SR-enEjG04ls-LajPcHoPcu0jxsvlmyK62jPUS62trZKml...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRU1FOUVEtMUItQ1hJUg==&google_push=Aa02lx_1L2O-eucKbrCRQlSBvNsW9SR-enEjG04ls-LajPcHoPcu0jxsvlmyK62jPUS62trZKmlGuOlTVve7DUx8asMpqIvkUx0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRU1FOUVEtMUItQ1hJUg==&google_push=Aa02lx_1L2O-eucKbrCRQlSBvNsW9SR-enEjG04ls-LajPcHoPcu0jxsvlmyK62jPUS62trZKmlGuOlTVve7DUx8asMpqIvkUx0
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRU1FOUVEtMUItQ1hJUg==&google_push=Aa02lx_1L2O-eucKbrCRQlSBvNsW9SR-enEjG04ls-LajPcHoPcu0jxsvlmyK62jPUS62trZKmlGuOlTVve7DUx8asMpqIvkUx0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3C61
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIFUe0GbuTWMmpHqMcY3NK8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIFUe0GbuTWMmpHqMcY3NK8&google_hm=ZABSyuAxinEnV12jJu_jPAAABH0AAAAB&google_nid=index&google_push=Aa02lx-18hsUS3b_JSbRC6d2qtGG8UGjGfQu4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIFUe0GbuTWMmpHqMcY3NK8&google_hm=ZABSyuAxinEnV12jJu_jPAAABH0AAAAB&google_nid=index&google_push=Aa02lx-18hsUS3b_JSbRC6d2qtGG8UGjGfQu46vR_HMaS8DZnxYPnIvs2eFwzUofycEjXxym0Ucaxah6syA9Oo6DYotmjkxa_qY
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIFUe0GbuTWMmpHqMcY3NK8&google_hm=ZABSyuAxinEnV12jJu_jPAAABH0AAAAB&google_nid=index&google_push=Aa02lx-18hsUS3b_JSbRC6d2qtGG8UGjGfQu46vR_HMaS8DZnxYPnIvs2eFwzUofycEjXxym0Ucaxah6syA9Oo6DYotmjkxa_qY
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3C61
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB-fHqvAgEaLyFF7nR3pscc&google_cver=1&google_push=Aa02lx9VwUSN03-H8FU1tIIMAf4Kk39xeM4rRIZqEV8y_DPVwwRLcSgVyy-11sAcCC2dixPOsIpme1g1DldIJTfjw...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB-fHqvAgEaLyFF7nR3pscc&google_cver=1&google_push=Aa02lx9VwUSN03-H8FU1tIIMAf4Kk39xeM4rRIZqEV8y_DPVwwRLcSgVyy-11sAcCC2dixPOsIpme1g1DldIJTfjw...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9VwUSN03-H8FU1tIIMAf4Kk39xeM4rRIZqEV8y_DPVwwRLcSgVyy-11sAcCC2dixPOsIpme1g1DldIJTfjwFsL9RGMgLz3&google_hm=GPfLsGZHF7ZQxg8qSTSGvAsM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9VwUSN03-H8FU1tIIMAf4Kk39xeM4rRIZqEV8y_DPVwwRLcSgVyy-11sAcCC2dixPOsIpme1g1DldIJTfjwFsL9RGMgLz3&google_hm=GPfLsGZHF7ZQxg8qSTSGvAsM
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 02 Mar 2023 07:39:54 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9VwUSN03-H8FU1tIIMAf4Kk39xeM4rRIZqEV8y_DPVwwRLcSgVyy-11sAcCC2dixPOsIpme1g1DldIJTfjwFsL9RGMgLz3&google_hm=GPfLsGZHF7ZQxg8qSTSGvAsM
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3C61
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFVUbu5qhMIyNyOv5ZGODmg&google_cver=1&google_push=Aa02lx8aqRWT_kNrR...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjczNDE0MTgwNTQ3NzE5NzM5NQ%3D%3D&google_gid=CAESEFVUbu5qhMIyNyOv5ZGODmg&google_cver=1&google_push=Aa02lx8aqRWT_kNrRjOMk2H9qhkRGXViHw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjczNDE0MTgwNTQ3NzE5NzM5NQ%3D%3D&google_gid=CAESEFVUbu5qhMIyNyOv5ZGODmg&google_cver=1&google_push=Aa02lx8aqRWT_kNrRjOMk2H9qhkRGXViHwLSc5P65xt2ICdc1CJ0b9gr_34KEgZzsPpGvGWX8Funn4F1U54lOQqXkXV2h5VrpES0
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 02 Mar 2023 07:39:54 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
888593d5-58ac-4d9e-94e5-106218275620
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjczNDE0MTgwNTQ3NzE5NzM5NQ%3D%3D&google_gid=CAESEFVUbu5qhMIyNyOv5ZGODmg&google_cver=1&google_push=Aa02lx8aqRWT_kNrRjOMk2H9qhkRGXViHwLSc5P65xt2ICdc1CJ0b9gr_34KEgZzsPpGvGWX8Funn4F1U54lOQqXkXV2h5VrpES0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3C61
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAKtKANGq...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAK...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a989f02b-4f71-424d-8bdd-1856c83b109f&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a989f02b-4f71-424d-8bdd-1856c83b109f&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a989f02b-4f71-424d-8bdd-1856c83b109f&%%GOOGLE_PUSH_PAIR%%
date
Thu, 02 Mar 2023 07:39:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 3C61 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JemgsdQ3Nj-ES13gWqfqTGL4g32tmwcYkPhN7OWVanY8w6XlumKs30G5YyJLLqMCroaHOg1gY
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dt
dt.adsafeprotected.com/ Frame 0B2E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=b4a7d2af-6386-f4ed-b76e-16d38000cb76&tv=%7Bc:5GHjSC,pingTime:-3,time:69,type:v,im:%7BpBlk:49%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:69,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B61~0%5D,as:%5B61~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txkxMQV+11%7C12%7C13%7C14%7C1511%7C16*.1135760-69474538%7C161%7C171,idMap:16*,rmeas:1,rend:0,renddet:IMG.us,siq:25%7D&br=c
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:b818:916:ed27:48c4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
csi
csi.gstatic.com/ Frame 389B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~leqsqpi0&c=8316298645346&slotId=4158149322673&qqid=CMXj2_nevP0CFVuLgwcdQUUD7w&fb=outstream-lima&vast_v=2.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:402a:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
69349429
unified.adsafeprotected.com/v2/1135760/ Frame 389B 		17 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unified.adsafeprotected.com/v2/1135760/69349429?mon=69349430&omidPartner=[OMIDPARTNER]&apiframeworks=[APIFRAMEWORKS]&bundleId=&ias_xappb=&ias_dspId=3&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=v4~~&originalVast=https://ad.doubleclick.net/ddm/pfadx/N7442.1972103DOUBLECLICKBIDMANAG/B28358795.358892927%3Bsz%3D0x0%3BAUCTIONID%3DABAjH0h1X-RVwPutRM0_L8LSPP03%3BEXCHANGEID%3D1%3BSELLERID%3D3813448842%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://olhardireto.com.br/%3Fves%3DdGltZXN0YW1wOiAxNjc3NzQyNzk0NzI5CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzc2ZnRk9LbVFCVS1ldzRBVVZsVTRoTUk5MDlMQ0MyVERQTHdFQXRxX2VlQ2NGc3pudW8wWm9UemdVVkJVak5jeHN1TGRwdlgyLWJKMFhQRk5UM2NEWU52a19NeENVX3Zzc0hBanVnTXRVbTJlS2N3WXkzdk85UkdnMHk5c2F1ZWEyczYwMzcwMmRLQWtDcDhIa180UVRRZzhVU1BKRE5WQzhSemZhQnRxWUt6SDhoZlRKMUsybFVhdmdpYWZPSDVXY09DZ3FlYnNwZHAxWlJ3MVRIVTJpb01NOXZ0QmVfQzFEbTZWUjFxRHZRTndFZC01blY4YlZUc3kzeS1JSXdfVVVJQjNGUFZQUl90RjNhN2hnS2Z4azIzcDJyTkhxdWJ1LU50Z1dydlVrUzcwSS0zMU14NlZYZ3RNUFFfelk3UllLaThKOGFZWVEyRGlGNXgzMnBZOFJ4T2txaXVaamsyMXhwczZQMDJDUk85Rm5OSkdvMjcyRnhpZ1NNRnd5amtkLWs1UnotZVQzTDJSazN5N1Q2c25vVnF4SHdYWmY0VGd5UG5Ed2JSQ1kwVUhzTElzM2pWUVNnV3BxSVVWMkJSUXZoZFFUTWx4cHZXTnpxeGtQN2E5dGVOOW5rOHJkSUN4QkNla2gtbWZrNFBsRGdyajBwMHgxTENCcFVGMFpWV042Z3VVbEJRVlZiV2hxU0Vjci1ESnZIUGM2RDBFOHY4SWJQUmp1ZTZaeGpDcGZ5ZUpEc3oyVnB0UVZiSGxTQ2ZJWGo3TWlxSTRaX2lBRHYxdVZabzBVbmVfX18zUnp0OTRHZjBGN3FDcHNYZjdUbHotblV6TkRzSC1VMHowbld0Mmo4U1ptNThiamthS3ZUQkNFOWRtSWpyckZpYWlyZFk1VEVFVndxMFRDcndRR1RFOG9fa09HVXlVU2RXNXBHMkQ1d3ZKdFdaeGRaMy15dF9yWC1QYzhyX1JtSTB4LVdEb0hCcWlsbW5NdDE1TDBHbWdNTGpmckNRZWV2R0l1YjJLS3dUTWZWNnVReU9BYnMxcTU0Szg1ZGtkSVY5eHZWdGs3cUQtLVdRTWg1VWNEM3ZZMTcwVDkwNTdwdnJLRnd6YlRUUll2bl9QZ3VpSWpJNldJLXVJYXhkZ01zRmwtN2lHVnBlTlY1WGhCZGNIR1pFMjFZZGR4NFBOWjIyVlR6eE9Uay04dUVSNFNCVUdCUDNIeFJXT2ZEbF9wT1NjVHFlZGYyd2xza202dFFEbzVsWnA5TlZQSmM0MUNUWm9QWWFpUG5oVnk1anFSX0dSVDh1bTlLRVo2Unp6clRSNjhaRGxtSDRhVEp4cUl6TjA1UTA0WjU5UGQ1dkJLSGFwcDVSbTlteG45M3JCUGdMV0c2WE5CamVUMWhqVlcxUzBLMlA2UVdIVFpsekZmSXk4QnZuTThBc0gwNE1uVVM0YV9iZEJmX0dlSFFXVEFiZnVEb2NzaDZQeC03eXAwMlNyMm1KTUcwcVRNRGRxSEJTNnJKWEswMUJqc1pTYmtkODVhTFVKNEpfWHRtY3NxRllHODFhdlRrdlBsdV9kakU0YklEVm9IVFdwSnVSVmdVSmNBaWw5MVhYamNKWnVvSmVUMzJMR1pTUXk4amxwSmtmeFNjbG5pYi14djdhTk5TUW1fRWV3WjNuYURPVnliOXQxUW9hMURxZVBmMS1ETElublhCNC01dVg0S3F2QmVOQW1TWHpWZkxwOVZFZTRDX0JwQ25tQ0ZleEFDQVVJSWM2OXlRM2RzVGMxWkhoN1FkX1lULTQyUnQ3aW5MWE94UkdFVmRHa251bTBsaDhMRVlwVVZWSkN1RDllUFd3RWlFZDVnR0dZdFltdXZkX1JsSVpMZlBIaGE3NHZlM1l2eXg3QW5ZRlItekJseWZIcGFDb28tb2hHLUwmc2FpPUFNZmwtWVFTZFVwZHBZNU5BVTlLbjN1SVlnT3o5ZlNhVjZkUENKeHJPc0lRamVxV2YyaGhJdHJaRTJqLV9hU1hwNDVNZXZOSEZ3VlpKR3hwYVAxbXcwV0k0SHFmY1hJYnRNVzYxTEFOSFl3Qk1mWnZyWjhNZWZpS1dsV2NZTEp1UzJmVG9LSU43YlNzV0xMWEt2WVhfZjVNYmVlWUVja0xXaXZlYWFXNGswS1g4cmlCZ2IyVG1FN1E0RlkzTDBzUkdqeEtoWC01UUstM0xTMG5hRVZWY3ZMUVFYVkpYd1NUTjlaNWxGZEpXbXRkLVE2SkNSWFNOazVneDlqWkRYYnFVR0tlVkczeXVDeTM1clFrQXVEUjZZSnpVVGtROVJTT1V0RzB3WE1KQnZCWkJPVSZzaWc9Q2cwQXJLSlN6QzhFQ244VmdHVkZFQUUmY3J5PTEmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LmNpc2NvLmNvbS9jL2RlX2RlL3NvbHV0aW9ucy9zZWN1cmUtdGhlLWVudGVycHJpc2UvaW5kZXguaHRtbCUzRkNDSUQlM0RjYzAwMzA1MiUyNk9JRCUzRDAlMjZEVElEJTNEcGRpcHJnMDAwMDAxJTI2ZGNsaWQlM0QlMjVlZGNsaWQhIgo%26dc_cid%3D186445565%26dc_adid%3D550157431
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.50.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-50-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ed7e4952bd85725ce837ad04eaff64f846e2700e89f1b52f1093c543c93fef01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 07:39:55 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Request-Id
cg055itslpii2elvm1e0
Content-Length
5248
dt
dt.adsafeprotected.com/ Frame 0B2E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=b4a7d2af-6386-f4ed-b76e-16d38000cb76&tv=%7Bc:5GHjSH,pingTime:-6,time:74,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:74,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txkxMQV+11%7C12%7C13%7C14%7C1511%7C16*.1135760-69474538%7C161%7C171,idMap:16*,rmeas:1,rend:0,renddet:IMG.us,siq:25%7D&tpiLookup=ao:olhardireto.com.br*&br=c
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:b818:916:ed27:48c4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 03 Mar 2023 07:39:54 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3737 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
46815
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 18:39:39 GMT
expires
Thu, 29 Feb 2024 18:39:39 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adj
bid.g.doubleclick.net/xbbe/creative/ Frame 6FC1
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1135760/65089100/xbbe/creative/adj?p=APEucNXyq3IQCB_rQDbnVa--a205ZaEUI7aDdWSLdWsq7fHzkvZ8d_k&d=CokBAKAmf-BtmCJm1G-tfCvVC-g-LstrWKdI23bZbjyAbb7T_jQ_J8zSQQXIFDL...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXyq3IQCB_rQDbnVa--a205ZaEUI7aDdWSLdWsq7fHzkvZ8d_k&d=CokBAKAmf-BtmCJm1G-tfCvVC-g-LstrWKdI23bZbjyAbb7T_jQ_J8zSQQXIFDLm87xbWaPFED_t7sx8mRLAGb8v2...
67 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXyq3IQCB_rQDbnVa--a205ZaEUI7aDdWSLdWsq7fHzkvZ8d_k&d=CokBAKAmf-BtmCJm1G-tfCvVC-g-LstrWKdI23bZbjyAbb7T_jQ_J8zSQQXIFDLm87xbWaPFED_t7sx8mRLAGb8v2cKLjHAMUkTvRrphPct3WgEoVS8rhvS_DfYcq80q_8sAv2F0j_nFycohA1EtPvn7cGtYnJgbuKQ0OhZSfwct4XGYSPv2Xe8wi0QS-RUAoCZ_4Doh3chFBJY8mvcN-7mQ23R9LBa0HYVNdzxXzaiz5-5ZzYcCgQJ9m2frJtlVeR8S707GmZkea8bnsybjKjhVOuUMZyCkvyc7RXJszEtcX_H7xBy3VvbejRxI46lggQeGW_RXZAYUXO2SPcFukJo79Dm9qTIGbyyXxgTZVePwg3fgZ38YYtNTzEY5lYQe0Cba4_DmBLREjq5WiRrFSwdcdGlLMwDF_bpScnVAnyUuzf8etbAaTrNL3IUkiafTLMZY5QWZEW47PPsNxbvZ3mMTunRa2qcmO6raGc0BsnpIopca3e07_ouxzjoXJESEqMCOfu3w5RVHCsUa81mCreTGqeP9kk_04F7pDXI_APpMBwJA3_zYW0qFMSy_FTHD92bsdX-BJFE58WgW_ZrluEHUr78ProcpEL68Rq30rPuIuF0sMZK_gR2-eia4TYdkJpvfkBpkZHxQEZ2ikkvciIgseiL4uK4J9KsnXiR9BRBtBoFIxjxC4x234NUylgMdwCX2szaLOXMRA4iQW7Zp_GtztLT4FO8OAfULsWfHWHGyGQr_gRctco2xkjIHhk315p0NXXk0rUDbm2AahcKFfb9pv9Ib-M7IGEosaW0TqzX_FcCgEWNTsxeQ04-qXXIst9YvOn-l_HYaakUXF9bRKTynjazE4ieWFqI_JRxamy0UMzn1BU0uwbZgrdLCfYlqPufpQzh13dtBwokaghaiYKg1FrR4MUDyI1PW97Z5cergY4pdzfksLnG1YET_mFdB6gWtJluYK7aJXJuxyd2ZvTS8qqJwU_r5KtlgyP5YnHGsHsVot_XfgcnZMhE1CAdmBezZ6Knnm1p765a7_ZL43DdCPN2Srw6RR6_qh3VO6ooSi2Y74a4f-nRrASPAQXVlpKhnYJi3zwdyR5XtyAzHDwJ0sbPvniNgORiUzRtkmUphIdbc1z9p3b6KiozOxgo_aTqHkb-KdvEUDVCkjJSa9kNdxBrcXL8NGuvdbYlztgiwOa2d-mYrDwVlkhhaG7z31VePg1VnLhgHwQkTu3s7dm_k0XUwkYM71VQbgPZXmSeo_iY0vj6IeaPgyxMKozbuMj_3Jp8vxfVT-N_xb9Dudj0bFlNhCWpHI3jsJdbWj35OFCJ-0QMmhl0CM8EQAja1QikrkZayJxFZArLC4G3asKd9f3zRZsVXQROPfib50LLWAga4TmspTXEHaseeOW7RLHIxJiTQTp5rabvebQ_ZzAXMlUoE1z-7SdYb0cKsA7bmGemDG951JeHAPPNxMnaESHdiF77aAELCZ9D4gqhpxUBvvmPrmvEcBGgKNoQJ8qmBSqgaTD-6DOjKbIMieMWpSjM1Atnj4iHf5Ok6Iv5zYL1HOYlPX0_lGQQSHd6-4o4k8vs5SgrLD_Q1tyMmf2In8fra-f55o3WjtXjmYqifU02Dstle1yB1kGhP9y3Pp-0hBY8q90zbmUvxVCyMWs-GtAGpzB7HanzIXpcyWYXgPBEuAcXjfqMENOuWegTsqzaTHkjd6XRU8fR1V1ybsyK4cQPyB1l2BVaVrO69HxW8MkDNvzu8wZIVwfcIxWLso6hlG69tfOjS2UZDwqWPhKm6Nhl9b16ct9uoTXVnKW2ZcIj9aV_ZcbZsYtYadAof18IwvmfVkGWPjz9qNXGAcv3JbtZ0O3-hLGfiCZMEBdcMHIb9QuvUpudwpNFxigFSQkQ5jezzWj8aCjrM14G4IQLF51gEpdAVDwmrdYFWz-Phz_4L5WGDzipEzPOv-FOhoiayuFA6lZW8U4nmpArwb1tREJ9u4T4zFPPoTBvTQFQEeOUypFGvGS_0YVcWar-z-4kBkM2P0KF9w2T7lXDSHTbT-YUEeEiJzfl_Uz2nR5gc-cZ4ActyOZgyS7FcIPCiIa_cDVQnwwMGoksyxziHqySnBYM7FKRooZVsW6Y4y76-dFcHPvKQprcKKrZ7klDbcPsSzcrbW5v9WxGqC-NqNvCyVNh-dElaOIAXZpJi0s_hi06VE_CxjCM3jAgLdcLDiFjAHZu6-cqoV_jGQRYTb47zqTkS2XE9bZqfr0kowK0JwBxggmwH2qLx5-vag5INbAyNsmjC2A8EesJeb0ztmuvKd2akfXdQdjy041V11iveT7JLKc31R9c6-FLLccuDLvPuRHEQyuO_lpL1y9PzSk-W5PIUG8sSE1HQuRJbVBw8b5oxpKGR5uG-SqMQbqMAXPPtV7KhJhWEQ4wAoT9zTKr8vGNSJ5ic0HX1jpqzNcyO2bdzWnHLZ9axLJA7chDxvjEfODNvn_y_GzNraWWSGHZD188MDmgD0hU7UsJHEnnrsaMRx6Cq3lV_QFfw23KqSu2WaYt6SCB3RVxtPzpV0chem56O9rGtdoiysDEw2wsnW9LYGsvoNxMdxepNiXFnEO9c2s-wuo7nJNrdr-_k8o2YYp_OBl1vOqKuHIqyLm9-vvNIvNzyyGYm6Ka7iQNhbUbNM0Tq6Gn0Q4elOi7ygdkr1uxnBuYQhK0Bni43j25mVKEO2JqiQrnHfNkwI8rAH-Wme2_i_WntQxQNPco0h6NxfKlxaQxkbaArfRIz0H7ux9xlRPP3xS7nQZU2juAdA6EhxwbPq3vbKWMp4L9m_ryEKncuahsDtwsBiqvblD8KmBp0OGST0OeFSGCIKKEjhSrmujnwoexXr4VNNmxeUPHwzNqs6oxaJ9kVbW0MrBxfz8d2bBdguH95LKToVN6CEQY4HsfQ_0OG78cB_CwrOKwksXfHPkg_oCAiwgGorEgWKkF472srYLARWqbmkNThEECfyCl9USGaB98nl7ptl4skMugg0WCLxk6rfkiJAUtgZNZvwskmsphEUTX4V5bLT2hsY8t6g3wbZ9-svuaIw5Sny3_MTE0nDa9iBBmmeYg3PnLSnfd_vTFcCt2J16qHYs5GKsWo6J7ZZ5Q1jOUb9pYcGRUI9Vo99AcShfKQBCOhAznw2u8xBPZ3wJ8Om-PU8j4Wqa-RiGkMllRh70qHSJDp6AOUQSthpHJur7Ykm5YZJh52kNIPTbx6e_NnF7xLIH_0x5dWIDbrGym2ZYbjlw-T2fExQ818B47cZHcq9O21xCvxtilk4QJq1mHvs4wUUTzdeMSeGI-Mq3fRurM2dN4D5Wq8vy8tBdg6edc3LpVDkSpxlWvONEfe3G7BBJTeiNsRzmOVZIKrgf07q_Nsa-95eQkfoKqYijMs1LWd8C7zgTMjSBu6PIONzv-JMWYQaR3jtWYbB8tqggek8pWC0mz0Hk6zcM1oCypB8PLJ67ReoqkRHIGpHOv1fHLV1B8VqDz1_wsV2gBsrUUIn5ojjOFGQmT1qkovLL34FUh8GUVs7VlQ38Y5gskHpUM6fqZJsHTsRxyNcRoSDkEwWu4JU8jEX7rbfZ6aYmZ8SiEhrJm5EBV032uGuz-ikICk33z3_BGUU5bpCOvLVa9ZFLcnysA1cPj1VszFZJtC7D0FMKEFjWIvjVCDszFm8Vet5C530ZOGkPs6VhqnYPBR3XSlhee6JPJ5eFxjaG3vysu2TRERcZyPulmEIsDmHCWunVsu2wMa77HvcoQHHhU4v5Lgx1gfkKpoPjSxAmZggA2vM7A_q7NQDwTWLOmJBeWiwsVyrCib3p8uo_Ee0Z5GuhOhWq26pxhvSevj7aqHAieDLvzlucegjTMS_rr2wd3AYmKuxi3xJ3xSkJT1h8MMgBU50IUaY0qT_EX9AbxXNfpaEsrPa1Usj5fI1Hy5GkIIBBI8ANQTnKYE7aiNhb_objkESEkEBIoMYt1uK58t8qktVXwK0n_hI2fOeVKbgKrdaXAySZozeZX2q6V6e_iBGAFgAQ
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.27.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f154.1e100.net
Software
cafe /
Resource Hash
d5d2c4c628b9ac26b34824c6dcdc04a6032792a83407d9e0cf38658735187807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23857
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:54 GMT
server
nginx
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXyq3IQCB_rQDbnVa--a205ZaEUI7aDdWSLdWsq7fHzkvZ8d_k&d=CokBAKAmf-BtmCJm1G-tfCvVC-g-LstrWKdI23bZbjyAbb7T_jQ_J8zSQQXIFDLm87xbWaPFED_t7sx8mRLAGb8v2cKLjHAMUkTvRrphPct3WgEoVS8rhvS_DfYcq80q_8sAv2F0j_nFycohA1EtPvn7cGtYnJgbuKQ0OhZSfwct4XGYSPv2Xe8wi0QS-RUAoCZ_4Doh3chFBJY8mvcN-7mQ23R9LBa0HYVNdzxXzaiz5-5ZzYcCgQJ9m2frJtlVeR8S707GmZkea8bnsybjKjhVOuUMZyCkvyc7RXJszEtcX_H7xBy3VvbejRxI46lggQeGW_RXZAYUXO2SPcFukJo79Dm9qTIGbyyXxgTZVePwg3fgZ38YYtNTzEY5lYQe0Cba4_DmBLREjq5WiRrFSwdcdGlLMwDF_bpScnVAnyUuzf8etbAaTrNL3IUkiafTLMZY5QWZEW47PPsNxbvZ3mMTunRa2qcmO6raGc0BsnpIopca3e07_ouxzjoXJESEqMCOfu3w5RVHCsUa81mCreTGqeP9kk_04F7pDXI_APpMBwJA3_zYW0qFMSy_FTHD92bsdX-BJFE58WgW_ZrluEHUr78ProcpEL68Rq30rPuIuF0sMZK_gR2-eia4TYdkJpvfkBpkZHxQEZ2ikkvciIgseiL4uK4J9KsnXiR9BRBtBoFIxjxC4x234NUylgMdwCX2szaLOXMRA4iQW7Zp_GtztLT4FO8OAfULsWfHWHGyGQr_gRctco2xkjIHhk315p0NXXk0rUDbm2AahcKFfb9pv9Ib-M7IGEosaW0TqzX_FcCgEWNTsxeQ04-qXXIst9YvOn-l_HYaakUXF9bRKTynjazE4ieWFqI_JRxamy0UMzn1BU0uwbZgrdLCfYlqPufpQzh13dtBwokaghaiYKg1FrR4MUDyI1PW97Z5cergY4pdzfksLnG1YET_mFdB6gWtJluYK7aJXJuxyd2ZvTS8qqJwU_r5KtlgyP5YnHGsHsVot_XfgcnZMhE1CAdmBezZ6Knnm1p765a7_ZL43DdCPN2Srw6RR6_qh3VO6ooSi2Y74a4f-nRrASPAQXVlpKhnYJi3zwdyR5XtyAzHDwJ0sbPvniNgORiUzRtkmUphIdbc1z9p3b6KiozOxgo_aTqHkb-KdvEUDVCkjJSa9kNdxBrcXL8NGuvdbYlztgiwOa2d-mYrDwVlkhhaG7z31VePg1VnLhgHwQkTu3s7dm_k0XUwkYM71VQbgPZXmSeo_iY0vj6IeaPgyxMKozbuMj_3Jp8vxfVT-N_xb9Dudj0bFlNhCWpHI3jsJdbWj35OFCJ-0QMmhl0CM8EQAja1QikrkZayJxFZArLC4G3asKd9f3zRZsVXQROPfib50LLWAga4TmspTXEHaseeOW7RLHIxJiTQTp5rabvebQ_ZzAXMlUoE1z-7SdYb0cKsA7bmGemDG951JeHAPPNxMnaESHdiF77aAELCZ9D4gqhpxUBvvmPrmvEcBGgKNoQJ8qmBSqgaTD-6DOjKbIMieMWpSjM1Atnj4iHf5Ok6Iv5zYL1HOYlPX0_lGQQSHd6-4o4k8vs5SgrLD_Q1tyMmf2In8fra-f55o3WjtXjmYqifU02Dstle1yB1kGhP9y3Pp-0hBY8q90zbmUvxVCyMWs-GtAGpzB7HanzIXpcyWYXgPBEuAcXjfqMENOuWegTsqzaTHkjd6XRU8fR1V1ybsyK4cQPyB1l2BVaVrO69HxW8MkDNvzu8wZIVwfcIxWLso6hlG69tfOjS2UZDwqWPhKm6Nhl9b16ct9uoTXVnKW2ZcIj9aV_ZcbZsYtYadAof18IwvmfVkGWPjz9qNXGAcv3JbtZ0O3-hLGfiCZMEBdcMHIb9QuvUpudwpNFxigFSQkQ5jezzWj8aCjrM14G4IQLF51gEpdAVDwmrdYFWz-Phz_4L5WGDzipEzPOv-FOhoiayuFA6lZW8U4nmpArwb1tREJ9u4T4zFPPoTBvTQFQEeOUypFGvGS_0YVcWar-z-4kBkM2P0KF9w2T7lXDSHTbT-YUEeEiJzfl_Uz2nR5gc-cZ4ActyOZgyS7FcIPCiIa_cDVQnwwMGoksyxziHqySnBYM7FKRooZVsW6Y4y76-dFcHPvKQprcKKrZ7klDbcPsSzcrbW5v9WxGqC-NqNvCyVNh-dElaOIAXZpJi0s_hi06VE_CxjCM3jAgLdcLDiFjAHZu6-cqoV_jGQRYTb47zqTkS2XE9bZqfr0kowK0JwBxggmwH2qLx5-vag5INbAyNsmjC2A8EesJeb0ztmuvKd2akfXdQdjy041V11iveT7JLKc31R9c6-FLLccuDLvPuRHEQyuO_lpL1y9PzSk-W5PIUG8sSE1HQuRJbVBw8b5oxpKGR5uG-SqMQbqMAXPPtV7KhJhWEQ4wAoT9zTKr8vGNSJ5ic0HX1jpqzNcyO2bdzWnHLZ9axLJA7chDxvjEfODNvn_y_GzNraWWSGHZD188MDmgD0hU7UsJHEnnrsaMRx6Cq3lV_QFfw23KqSu2WaYt6SCB3RVxtPzpV0chem56O9rGtdoiysDEw2wsnW9LYGsvoNxMdxepNiXFnEO9c2s-wuo7nJNrdr-_k8o2YYp_OBl1vOqKuHIqyLm9-vvNIvNzyyGYm6Ka7iQNhbUbNM0Tq6Gn0Q4elOi7ygdkr1uxnBuYQhK0Bni43j25mVKEO2JqiQrnHfNkwI8rAH-Wme2_i_WntQxQNPco0h6NxfKlxaQxkbaArfRIz0H7ux9xlRPP3xS7nQZU2juAdA6EhxwbPq3vbKWMp4L9m_ryEKncuahsDtwsBiqvblD8KmBp0OGST0OeFSGCIKKEjhSrmujnwoexXr4VNNmxeUPHwzNqs6oxaJ9kVbW0MrBxfz8d2bBdguH95LKToVN6CEQY4HsfQ_0OG78cB_CwrOKwksXfHPkg_oCAiwgGorEgWKkF472srYLARWqbmkNThEECfyCl9USGaB98nl7ptl4skMugg0WCLxk6rfkiJAUtgZNZvwskmsphEUTX4V5bLT2hsY8t6g3wbZ9-svuaIw5Sny3_MTE0nDa9iBBmmeYg3PnLSnfd_vTFcCt2J16qHYs5GKsWo6J7ZZ5Q1jOUb9pYcGRUI9Vo99AcShfKQBCOhAznw2u8xBPZ3wJ8Om-PU8j4Wqa-RiGkMllRh70qHSJDp6AOUQSthpHJur7Ykm5YZJh52kNIPTbx6e_NnF7xLIH_0x5dWIDbrGym2ZYbjlw-T2fExQ818B47cZHcq9O21xCvxtilk4QJq1mHvs4wUUTzdeMSeGI-Mq3fRurM2dN4D5Wq8vy8tBdg6edc3LpVDkSpxlWvONEfe3G7BBJTeiNsRzmOVZIKrgf07q_Nsa-95eQkfoKqYijMs1LWd8C7zgTMjSBu6PIONzv-JMWYQaR3jtWYbB8tqggek8pWC0mz0Hk6zcM1oCypB8PLJ67ReoqkRHIGpHOv1fHLV1B8VqDz1_wsV2gBsrUUIn5ojjOFGQmT1qkovLL34FUh8GUVs7VlQ38Y5gskHpUM6fqZJsHTsRxyNcRoSDkEwWu4JU8jEX7rbfZ6aYmZ8SiEhrJm5EBV032uGuz-ikICk33z3_BGUU5bpCOvLVa9ZFLcnysA1cPj1VszFZJtC7D0FMKEFjWIvjVCDszFm8Vet5C530ZOGkPs6VhqnYPBR3XSlhee6JPJ5eFxjaG3vysu2TRERcZyPulmEIsDmHCWunVsu2wMa77HvcoQHHhU4v5Lgx1gfkKpoPjSxAmZggA2vM7A_q7NQDwTWLOmJBeWiwsVyrCib3p8uo_Ee0Z5GuhOhWq26pxhvSevj7aqHAieDLvzlucegjTMS_rr2wd3AYmKuxi3xJ3xSkJT1h8MMgBU50IUaY0qT_EX9AbxXNfpaEsrPa1Usj5fI1Hy5GkIIBBI8ANQTnKYE7aiNhb_objkESEkEBIoMYt1uK58t8qktVXwK0n_hI2fOeVKbgKrdaXAySZozeZX2q6V6e_iBGAFgAQ
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame CF42 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 01:04:21 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
9268534
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
yDPio6P4wlIJ6K2t4oTzzAIOySnWvTLdb3i8v8GBdoBxl5IpRuM_uA==
dt
dt.adsafeprotected.com/ Frame 0B2E 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=b4a7d2af-6386-f4ed-b76e-16d38000cb76&tv=%7Bc:5GHjTO,pingTime:-2,time:143,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:297,beZ:299,mfA:301,cmA:303,inA:303,inZ:307,prA:308,prZ:314,si:322,poA:324,bl:346,poZ:346,cmZ:347,mfZ:347,loA:370,loZ:374,ltA:439,ltZ:439%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:143,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B135~0%5D,as:%5B135~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txkxMQV+11%7C12%7C13%7C14%7C1511%7C16*.1135760-69474538%7C161%7C171,idMap:16*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:25,sinceFw:115,readyFired:false%7D&br=c
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:b818:916:ed27:48c4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 6FC1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=542b93e6-25c5-e4a8-eae4-c8d353bcca5d&tv=%7Bc:5GHjUj,pingTime:-3,time:84,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:84,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txkxMSn+11%7C12%7C13%7C14%7C1511%7C161%7C162%7C163%7C17*.1135760-65089100%7C171,idMap:17*,rmeas:1,rend:0,renddet:IMG.us,siq:26%7D&br=c
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:b818:916:ed27:48c4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 6FC1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=542b93e6-25c5-e4a8-eae4-c8d353bcca5d&tv=%7Bc:5GHjUk,pingTime:-6,time:85,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:85,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B78~0%5D,as:%5B78~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txkxMSn+11%7C12%7C13%7C14%7C1511%7C161%7C162%7C163%7C17*.1135760-65089100%7C171,idMap:17*,rmeas:1,rend:0,renddet:IMG.us,siq:26%7D&tpiLookup=ao:olhardireto.com.br*&br=c
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:b818:916:ed27:48c4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 6FC1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=542b93e6-25c5-e4a8-eae4-c8d353bcca5d&tv=%7Bc:5GHjUy,pingTime:-2,time:99,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:378,beZ:380,mfA:382,cmA:383,inA:384,inZ:388,prA:388,prZ:397,si:404,poA:406,poZ:430,cmZ:430,mfZ:430,loA:464,loZ:466,ltA:477,ltZ:477%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:99,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B92~0%5D,as:%5B92~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txkxMQV+11%7C12%7C13%7C14%7C1511%7C16.1135760-69474538%7C161%7C162%7C163%7C17*.1135760-65089100%7C171,idMap:17*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:26,sinceFw:72,readyFired:false%7D&br=c
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:b818:916:ed27:48c4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9A13 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
46815
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 18:39:39 GMT
expires
Thu, 29 Feb 2024 18:39:39 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 03 Mar 2023 07:39:54 GMT
U1KVG_mJ4Y43Q94sC__L5Y27Ilp_TqM8IF3zBLVmW9g.js
pagead2.googlesyndication.com/bg/ Frame 3737 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U1KVG_mJ4Y43Q94sC__L5Y27Ilp_TqM8IF3zBLVmW9g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5352951bf989e18e3743de2c0bffcbe58dbb225a7f4ea33c205df304b5665bd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 15:53:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
56798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14276
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 15:53:16 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 0B2E 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
Origin
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:42:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71862
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 02 Mar 2023 11:42:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame 0B2E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1135760/69474538/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-C00twB4LvsVFHWZmnMkbiD422gRFFnC8alz5EuIhaRAigHN-7aZRsiAEhgVrw3kELi1Cl5clvfrNdSyH-YXQQp0cvBUzzaSzK5MWI16Kmk0kA6THZ2WbtYdwZiaEJswsa7GzrQs4aKAfClnlvzukZZ4DnCYTuSa38p9iQf3KLUCr6U6vIS-RUAoCZ_4Do3CgJYLWIrM-BzMulzcrakirfb3-uVeTKioWIXnk-QuQur1zdO5Ia8iAa7qeyRX5vxjDJhN7cAKq51B7BAWDO8L34onel2tsCCvdZcn75x7DgM7rvl78hZTUeT7gRT9fcjsA302rO40SC__cWrRAKCHXa6scLWSMrML67w5hyRuyZrKiZ7ey5leB-P1dft-adeyvrE_lEvWUe_j5kRxw6KU7H85K2I72K40woVc_TKX4_IpJAZftJk1KcASdfl5qy6L8x2olqOb6nFrc1FqjhOF1yqYV67tOrn8n3GcsXLsPgvS7wlYayXu-EgfeQzo2OK6vAo6Rs0TlbnxB8HUCf_H4lgg4WaijX9TCcgBEFOYy4YZA_j7nUt-2iJ7EzP0WKm62B-Og3SQgM3_jqh9Gk3e4HYvjsuHjmw37X2M1npBRuN6-pKcJh4GfA-1W7JdkRS9xoJb7otS3A8NpCMJktAGvnkPrJXO9zCsetpYmb5TblKc5i7vrS6qjFZBvFwm4i1QuP9YBmvspSTZP3eYCH_KVYobdwL4PuAUqAOfmTSacDZLwjTgpIJOObxaIQpo6ZUovgI0iyASkJwOy0m846ROps8GVzJTfjIPomXuffAo3lI8pPAxLeAwcx2cqa8OJLlMSXXQyUDjD2mLcikajE_wjrPlF16WmO9SFpCS8KFBBlPSBu-ljMq2BvTAxw0fi0oON-8FtEFYasHiouIr4nyoHgVEQtfSFGCzz4kzFgMaYQTeqtAKHL_gwCttmZItS431e2eb25JyCjeQvsW4OWN3l3_ou8gyc_nlIDAcKi12RsVtex39ohAw-gKE4BtVJ7t2NOe-14SwK0EdyqUIb8mw-2S9f4OrNyqlqR4bc0M9TA5BRCjSnrdvAYjqmy8YXXmbOZqW8xb2uqpaLr5VTsYH-OPkwsycZA2g-9bWwUMxysMTefnkHP_9Q_EhiPtJjnVmE2KHgqObcqCg_hIbDDKh3m-gWgGqXxzynRLKnIoAdcfeN1V5LvNHuc_wUWBryBVT4QI1Zrp3GFF7QPWvH6LVfVayIJZYXWKyWhlZVbbAqA2Tyty7zeZ6i7k4MA-G-O2-HwKYStJToAtHYLd5Z7sX85tTNvyXYi4glyqQNN6t6kO76ILP9NL9MPGTYJZ3io8UApPeP0cXNdRflzoK7j8Ftz6WddIBWFUw-dlZoh7HIx8jvdPdgSr2dsKA3PQob8xvfbA1P-lBnTTCnmKRjg18xlqrj8mmmLYUw0_ygmLzoeGt-ybX0Ho4qjTtN7QmR1OOImAYV2m3CX7UkNeZnAwd7WdBved6r-C3LboFUiDI-r0O9gZYnwaBW1mGLV_T1xM7tnYPU4BJoFnXWH3PzHaTq4qK8GcZ3kBZm3eKGNpHhscnFpVBSqo92gP7FnXHwmw0Im9vmlAZlKlgWCZkIRAgQ62_qu4oLxV62l2Q0xEw7sigzolOuqhF6VDC3m5ucQoeqmBtUlXC4oQdQfAmsFZBrHc55znoKOQ44AJESgk7alsuy3dFnyfLL0Sf1skwA-C-q4jz9CfC7gvGBUHtyzO0-X-6abgif2UL8xRc4_GLJqEynRdMC6Q6YhIondZr8-JSIC2WMBpxNv6MG126qU1EgmS5uVEGXNXs69dpujezLX7RAXQ7jh9ngBX_FX_vl369_wl4IC7HgFZPyqTGwy-BY00tyqa5ODo2C09OJLMTiNHJP4_wBKhQYdk8yxPYFH2urAAbONn4Bk4Y5MaRDjD8ELrDzHkrK3PP4dtmYkxJQQd5kcq4PN1LqmO0zDBOTqKP_ywxhXF3LzAdFLk97oM2veYdNTi4TKvl8FKCElJNLdF3k43OPedXfHaWS1nfbvl1haJ0woQvtVe5Z4FnLZVgNHw03Z4fC0VdEKAVQ13PPWb_iWcSbCpBBRqHXa3Y6pFrsCWWbKi90VeRbMlnO12GvX_2ShDtNCYaPeED10a8AcWBl94_CussFzuKH5j9YNfKS69jvqkqRjeqW7A1Jb92E80qkZ7XWmpP2bxLGtkX5JzQUqicYbMLyBWBp07s9QmdgqOQZz-pv11uTZ8m3axOK8kp3uj4YI85-Ez4e9KudRSx-e394SZDJDFR_eDrjThTRpL3BX-z3K2Hm1IeplOAKZUGYwdV3QMTjAzFOTt6EaF6tOWYoY0JFlig7txwAf_OjFip4DcZd1Uq4mOAkevHFk3DT15vO9mGM9W9WJa30H7r_nWqsxAM0yVg8GQiAsAU8jGIZGA4L29e9fBwI7oudZIvgXIVUZG0n4-X4NBzAyv6w6VVnzV_vRt6noq_Uv9x-pwTg7Z-cM1Oc5aDY2X3mvnJvSneiE9cRz3HmbrwFXtZMKdMDr9B3vJJ84cqtCegIrp57GWHzqlMvTyRqTF5RpHhBiSqWL12TxBNxn5MK6-FNEnuEGbQ_nsyYVXcGo6jLzt2QX_oOaI-tmrnbhEkcU0MclO90t-Au8yxFDi3KSxozjvmN8HDFZdg8yyWqB9FJ-D6-z9E8_W_xhUnNPrIURldj2WdK3B9cWo4bDFSOyM5RO0fa_nu1hk71yJCHabfhA8NclVLDSUnPaVcibciERgw4lXtSE03qbMVqajTfWsXqEmn7BUIdJpOEZyBveVDZytUO4EGRXXs3jr4nNbi1ErK2XNqB3y0Gn3ogtNVr_Nbh-y24ciRgE8l0VhqbhiNHiA-Qdg1DoICc7fsOBRQK6C_JAcPa15BzwAblfrBnSmiZKXJFLU_A-Y6PO04HmaC2H2mR9BWjFW2IYfrGAxuheNKRrqNPQFqW1WjhzejCo5r4uVyfLlSrLmzHk4MG3Az2Nnh9y0004APAhdYGNcuLNvzkvHkknsVPjynINgad5JbXVrDpMeFMJBwJPtbMgqBf1vPYMbT1lJ47_p7CW_H1mbP0rR8ydEu8yNnlFqcrn24gDg4RyiOafWVmsSAhiDfQXuudmvEC_Xw8wSkT25GY5A-dz8LouHOzZcCAgbSRiEpYmHHUlRR4GcaqDtEogOQSgTiQGsScz2rU6Nq1m1uPH38Ya5Em2KB2cKP2Q6OuMPSjWxFMdIRfK61F0eurrrGSBHdbakaRqDc80wjzNHdZdIO0Gco35e8_1hq4ke_1r2C0wnVvaHXoIiGhJ7YQm28RG-5OU5fKQ5ajfXUergc5tlcWLef04BitdIFFQXCFk0qnn9b9j3wPaVvdSJ-ysjDkSRO8hiPNTAkB87MPExvLl4Hwn33Y_f75x6_JUj01mPjyy9YIrAhws9cyJ0WyEa3VIjC2Yw2kj3hITQurBDzsu3eMSXiexo3XBQIixINYBAQrFOHPUJc2qEhzPOg8V-lPsIuxn-XKj8ddHT-Rj7UwP927t1PRnJxu8SkIvRKDi5SSiGGnS9woG7VgDOq-OpvrPJsHpCvJ7netJehaSDEP4AH5WxKdrGdjSua6ibuOs1zhTLsSFEkwghjzDPsYV2Qz1SlmNHx78ASAuISPUqBfXUZzWRCE-LVA7Cl3vAGcHS8e6GLkXiWY6l2UYJHHI8GvxsziUpPcXhHiQ0gdiBvhi4dTc7jLXpmGfdO71heXdcqrkystkY0EkGRr_yZK_O71EkWtSo-0FqK6-kXAJES4M-gJlfgXBNBjG7-EM3OL0vR0mn_Clbz-TK1QoAQjrV48vIFOCXmGq9bb68mR0EAHg4euIQVbz05NfbY_-3doJvuCpdxa3-sFpqWaVewxaCrBCWS51nCJghLZvzP4QoTEbeGkIIBBI8ANQTnKYE7aiNhb_objkESEkEBIoMYt1uK58t8qktVXwK0n_hI2fOeVKbgKrdaXAySZozeZX2q6V6e_iBGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-3619045887187031&ias_chanId=1&ias_placementId=18132952210&bidurl=https://olhardireto.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0glamt4Zr2TaflPYtZHVBHy&adsafe_url=https%3A%2F%2Folhardireto.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Folhardireto.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:b4a7d2af-6386-f4ed-b76e-16d38000cb76,c:5GHjRT,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-65fb65bbbb-gc46q,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:txkxMQV+11%7C12%7C13%7C14%7C1511%7C16*.1135760-69474538%7C161%7C171,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:25,oid:6c7ab1bb-b8cd-11ed-bf1a-26554d542d0c,v:19.8.397,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:39:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
46815
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Mar 2023 18:39:39 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 0B2E 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1135760/69474538/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-C00twB4LvsVFHWZmnMkbiD422gRFFnC8alz5EuIhaRAigHN-7aZRsiAEhgVrw3kELi1Cl5clvfrNdSyH-YXQQp0cvBUzzaSzK5MWI16Kmk0kA6THZ2WbtYdwZiaEJswsa7GzrQs4aKAfClnlvzukZZ4DnCYTuSa38p9iQf3KLUCr6U6vIS-RUAoCZ_4Do3CgJYLWIrM-BzMulzcrakirfb3-uVeTKioWIXnk-QuQur1zdO5Ia8iAa7qeyRX5vxjDJhN7cAKq51B7BAWDO8L34onel2tsCCvdZcn75x7DgM7rvl78hZTUeT7gRT9fcjsA302rO40SC__cWrRAKCHXa6scLWSMrML67w5hyRuyZrKiZ7ey5leB-P1dft-adeyvrE_lEvWUe_j5kRxw6KU7H85K2I72K40woVc_TKX4_IpJAZftJk1KcASdfl5qy6L8x2olqOb6nFrc1FqjhOF1yqYV67tOrn8n3GcsXLsPgvS7wlYayXu-EgfeQzo2OK6vAo6Rs0TlbnxB8HUCf_H4lgg4WaijX9TCcgBEFOYy4YZA_j7nUt-2iJ7EzP0WKm62B-Og3SQgM3_jqh9Gk3e4HYvjsuHjmw37X2M1npBRuN6-pKcJh4GfA-1W7JdkRS9xoJb7otS3A8NpCMJktAGvnkPrJXO9zCsetpYmb5TblKc5i7vrS6qjFZBvFwm4i1QuP9YBmvspSTZP3eYCH_KVYobdwL4PuAUqAOfmTSacDZLwjTgpIJOObxaIQpo6ZUovgI0iyASkJwOy0m846ROps8GVzJTfjIPomXuffAo3lI8pPAxLeAwcx2cqa8OJLlMSXXQyUDjD2mLcikajE_wjrPlF16WmO9SFpCS8KFBBlPSBu-ljMq2BvTAxw0fi0oON-8FtEFYasHiouIr4nyoHgVEQtfSFGCzz4kzFgMaYQTeqtAKHL_gwCttmZItS431e2eb25JyCjeQvsW4OWN3l3_ou8gyc_nlIDAcKi12RsVtex39ohAw-gKE4BtVJ7t2NOe-14SwK0EdyqUIb8mw-2S9f4OrNyqlqR4bc0M9TA5BRCjSnrdvAYjqmy8YXXmbOZqW8xb2uqpaLr5VTsYH-OPkwsycZA2g-9bWwUMxysMTefnkHP_9Q_EhiPtJjnVmE2KHgqObcqCg_hIbDDKh3m-gWgGqXxzynRLKnIoAdcfeN1V5LvNHuc_wUWBryBVT4QI1Zrp3GFF7QPWvH6LVfVayIJZYXWKyWhlZVbbAqA2Tyty7zeZ6i7k4MA-G-O2-HwKYStJToAtHYLd5Z7sX85tTNvyXYi4glyqQNN6t6kO76ILP9NL9MPGTYJZ3io8UApPeP0cXNdRflzoK7j8Ftz6WddIBWFUw-dlZoh7HIx8jvdPdgSr2dsKA3PQob8xvfbA1P-lBnTTCnmKRjg18xlqrj8mmmLYUw0_ygmLzoeGt-ybX0Ho4qjTtN7QmR1OOImAYV2m3CX7UkNeZnAwd7WdBved6r-C3LboFUiDI-r0O9gZYnwaBW1mGLV_T1xM7tnYPU4BJoFnXWH3PzHaTq4qK8GcZ3kBZm3eKGNpHhscnFpVBSqo92gP7FnXHwmw0Im9vmlAZlKlgWCZkIRAgQ62_qu4oLxV62l2Q0xEw7sigzolOuqhF6VDC3m5ucQoeqmBtUlXC4oQdQfAmsFZBrHc55znoKOQ44AJESgk7alsuy3dFnyfLL0Sf1skwA-C-q4jz9CfC7gvGBUHtyzO0-X-6abgif2UL8xRc4_GLJqEynRdMC6Q6YhIondZr8-JSIC2WMBpxNv6MG126qU1EgmS5uVEGXNXs69dpujezLX7RAXQ7jh9ngBX_FX_vl369_wl4IC7HgFZPyqTGwy-BY00tyqa5ODo2C09OJLMTiNHJP4_wBKhQYdk8yxPYFH2urAAbONn4Bk4Y5MaRDjD8ELrDzHkrK3PP4dtmYkxJQQd5kcq4PN1LqmO0zDBOTqKP_ywxhXF3LzAdFLk97oM2veYdNTi4TKvl8FKCElJNLdF3k43OPedXfHaWS1nfbvl1haJ0woQvtVe5Z4FnLZVgNHw03Z4fC0VdEKAVQ13PPWb_iWcSbCpBBRqHXa3Y6pFrsCWWbKi90VeRbMlnO12GvX_2ShDtNCYaPeED10a8AcWBl94_CussFzuKH5j9YNfKS69jvqkqRjeqW7A1Jb92E80qkZ7XWmpP2bxLGtkX5JzQUqicYbMLyBWBp07s9QmdgqOQZz-pv11uTZ8m3axOK8kp3uj4YI85-Ez4e9KudRSx-e394SZDJDFR_eDrjThTRpL3BX-z3K2Hm1IeplOAKZUGYwdV3QMTjAzFOTt6EaF6tOWYoY0JFlig7txwAf_OjFip4DcZd1Uq4mOAkevHFk3DT15vO9mGM9W9WJa30H7r_nWqsxAM0yVg8GQiAsAU8jGIZGA4L29e9fBwI7oudZIvgXIVUZG0n4-X4NBzAyv6w6VVnzV_vRt6noq_Uv9x-pwTg7Z-cM1Oc5aDY2X3mvnJvSneiE9cRz3HmbrwFXtZMKdMDr9B3vJJ84cqtCegIrp57GWHzqlMvTyRqTF5RpHhBiSqWL12TxBNxn5MK6-FNEnuEGbQ_nsyYVXcGo6jLzt2QX_oOaI-tmrnbhEkcU0MclO90t-Au8yxFDi3KSxozjvmN8HDFZdg8yyWqB9FJ-D6-z9E8_W_xhUnNPrIURldj2WdK3B9cWo4bDFSOyM5RO0fa_nu1hk71yJCHabfhA8NclVLDSUnPaVcibciERgw4lXtSE03qbMVqajTfWsXqEmn7BUIdJpOEZyBveVDZytUO4EGRXXs3jr4nNbi1ErK2XNqB3y0Gn3ogtNVr_Nbh-y24ciRgE8l0VhqbhiNHiA-Qdg1DoICc7fsOBRQK6C_JAcPa15BzwAblfrBnSmiZKXJFLU_A-Y6PO04HmaC2H2mR9BWjFW2IYfrGAxuheNKRrqNPQFqW1WjhzejCo5r4uVyfLlSrLmzHk4MG3Az2Nnh9y0004APAhdYGNcuLNvzkvHkknsVPjynINgad5JbXVrDpMeFMJBwJPtbMgqBf1vPYMbT1lJ47_p7CW_H1mbP0rR8ydEu8yNnlFqcrn24gDg4RyiOafWVmsSAhiDfQXuudmvEC_Xw8wSkT25GY5A-dz8LouHOzZcCAgbSRiEpYmHHUlRR4GcaqDtEogOQSgTiQGsScz2rU6Nq1m1uPH38Ya5Em2KB2cKP2Q6OuMPSjWxFMdIRfK61F0eurrrGSBHdbakaRqDc80wjzNHdZdIO0Gco35e8_1hq4ke_1r2C0wnVvaHXoIiGhJ7YQm28RG-5OU5fKQ5ajfXUergc5tlcWLef04BitdIFFQXCFk0qnn9b9j3wPaVvdSJ-ysjDkSRO8hiPNTAkB87MPExvLl4Hwn33Y_f75x6_JUj01mPjyy9YIrAhws9cyJ0WyEa3VIjC2Yw2kj3hITQurBDzsu3eMSXiexo3XBQIixINYBAQrFOHPUJc2qEhzPOg8V-lPsIuxn-XKj8ddHT-Rj7UwP927t1PRnJxu8SkIvRKDi5SSiGGnS9woG7VgDOq-OpvrPJsHpCvJ7netJehaSDEP4AH5WxKdrGdjSua6ibuOs1zhTLsSFEkwghjzDPsYV2Qz1SlmNHx78ASAuISPUqBfXUZzWRCE-LVA7Cl3vAGcHS8e6GLkXiWY6l2UYJHHI8GvxsziUpPcXhHiQ0gdiBvhi4dTc7jLXpmGfdO71heXdcqrkystkY0EkGRr_yZK_O71EkWtSo-0FqK6-kXAJES4M-gJlfgXBNBjG7-EM3OL0vR0mn_Clbz-TK1QoAQjrV48vIFOCXmGq9bb68mR0EAHg4euIQVbz05NfbY_-3doJvuCpdxa3-sFpqWaVewxaCrBCWS51nCJghLZvzP4QoTEbeGkIIBBI8ANQTnKYE7aiNhb_objkESEkEBIoMYt1uK58t8qktVXwK0n_hI2fOeVKbgKrdaXAySZozeZX2q6V6e_iBGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-3619045887187031&ias_chanId=1&ias_placementId=18132952210&bidurl=https://olhardireto.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0glamt4Zr2TaflPYtZHVBHy&adsafe_url=https%3A%2F%2Folhardireto.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Folhardireto.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:b4a7d2af-6386-f4ed-b76e-16d38000cb76,c:5GHjRT,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-65fb65bbbb-gc46q,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:txkxMQV+11%7C12%7C13%7C14%7C1511%7C16*.1135760-69474538%7C161%7C171,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:25,oid:6c7ab1bb-b8cd-11ed-bf1a-26554d542d0c,v:19.8.397,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:39:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
46815
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11134
x-xss-protection
0
server
cafe
etag
11889138295710991679
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Mar 2023 18:39:39 GMT
U1KVG_mJ4Y43Q94sC__L5Y27Ilp_TqM8IF3zBLVmW9g.js
pagead2.googlesyndication.com/bg/ Frame 9A13 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U1KVG_mJ4Y43Q94sC__L5Y27Ilp_TqM8IF3zBLVmW9g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5352951bf989e18e3743de2c0bffcbe58dbb225a7f4ea33c205df304b5665bd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 15:53:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
56798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14276
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 15:53:16 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 6FC1 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
Origin
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:42:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71862
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 02 Mar 2023 11:42:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame 6FC1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1135760/65089100/xbbe/creative/adj?p=APEucNXyq3IQCB_rQDbnVa--a205ZaEUI7aDdWSLdWsq7fHzkvZ8d_k&d=CokBAKAmf-BtmCJm1G-tfCvVC-g-LstrWKdI23bZbjyAbb7T_jQ_J8zSQQXIFDLm87xbWaPFED_t7sx8mRLAGb8v2cKLjHAMUkTvRrphPct3WgEoVS8rhvS_DfYcq80q_8sAv2F0j_nFycohA1EtPvn7cGtYnJgbuKQ0OhZSfwct4XGYSPv2Xe8wi0QS-RUAoCZ_4Doh3chFBJY8mvcN-7mQ23R9LBa0HYVNdzxXzaiz5-5ZzYcCgQJ9m2frJtlVeR8S707GmZkea8bnsybjKjhVOuUMZyCkvyc7RXJszEtcX_H7xBy3VvbejRxI46lggQeGW_RXZAYUXO2SPcFukJo79Dm9qTIGbyyXxgTZVePwg3fgZ38YYtNTzEY5lYQe0Cba4_DmBLREjq5WiRrFSwdcdGlLMwDF_bpScnVAnyUuzf8etbAaTrNL3IUkiafTLMZY5QWZEW47PPsNxbvZ3mMTunRa2qcmO6raGc0BsnpIopca3e07_ouxzjoXJESEqMCOfu3w5RVHCsUa81mCreTGqeP9kk_04F7pDXI_APpMBwJA3_zYW0qFMSy_FTHD92bsdX-BJFE58WgW_ZrluEHUr78ProcpEL68Rq30rPuIuF0sMZK_gR2-eia4TYdkJpvfkBpkZHxQEZ2ikkvciIgseiL4uK4J9KsnXiR9BRBtBoFIxjxC4x234NUylgMdwCX2szaLOXMRA4iQW7Zp_GtztLT4FO8OAfULsWfHWHGyGQr_gRctco2xkjIHhk315p0NXXk0rUDbm2AahcKFfb9pv9Ib-M7IGEosaW0TqzX_FcCgEWNTsxeQ04-qXXIst9YvOn-l_HYaakUXF9bRKTynjazE4ieWFqI_JRxamy0UMzn1BU0uwbZgrdLCfYlqPufpQzh13dtBwokaghaiYKg1FrR4MUDyI1PW97Z5cergY4pdzfksLnG1YET_mFdB6gWtJluYK7aJXJuxyd2ZvTS8qqJwU_r5KtlgyP5YnHGsHsVot_XfgcnZMhE1CAdmBezZ6Knnm1p765a7_ZL43DdCPN2Srw6RR6_qh3VO6ooSi2Y74a4f-nRrASPAQXVlpKhnYJi3zwdyR5XtyAzHDwJ0sbPvniNgORiUzRtkmUphIdbc1z9p3b6KiozOxgo_aTqHkb-KdvEUDVCkjJSa9kNdxBrcXL8NGuvdbYlztgiwOa2d-mYrDwVlkhhaG7z31VePg1VnLhgHwQkTu3s7dm_k0XUwkYM71VQbgPZXmSeo_iY0vj6IeaPgyxMKozbuMj_3Jp8vxfVT-N_xb9Dudj0bFlNhCWpHI3jsJdbWj35OFCJ-0QMmhl0CM8EQAja1QikrkZayJxFZArLC4G3asKd9f3zRZsVXQROPfib50LLWAga4TmspTXEHaseeOW7RLHIxJiTQTp5rabvebQ_ZzAXMlUoE1z-7SdYb0cKsA7bmGemDG951JeHAPPNxMnaESHdiF77aAELCZ9D4gqhpxUBvvmPrmvEcBGgKNoQJ8qmBSqgaTD-6DOjKbIMieMWpSjM1Atnj4iHf5Ok6Iv5zYL1HOYlPX0_lGQQSHd6-4o4k8vs5SgrLD_Q1tyMmf2In8fra-f55o3WjtXjmYqifU02Dstle1yB1kGhP9y3Pp-0hBY8q90zbmUvxVCyMWs-GtAGpzB7HanzIXpcyWYXgPBEuAcXjfqMENOuWegTsqzaTHkjd6XRU8fR1V1ybsyK4cQPyB1l2BVaVrO69HxW8MkDNvzu8wZIVwfcIxWLso6hlG69tfOjS2UZDwqWPhKm6Nhl9b16ct9uoTXVnKW2ZcIj9aV_ZcbZsYtYadAof18IwvmfVkGWPjz9qNXGAcv3JbtZ0O3-hLGfiCZMEBdcMHIb9QuvUpudwpNFxigFSQkQ5jezzWj8aCjrM14G4IQLF51gEpdAVDwmrdYFWz-Phz_4L5WGDzipEzPOv-FOhoiayuFA6lZW8U4nmpArwb1tREJ9u4T4zFPPoTBvTQFQEeOUypFGvGS_0YVcWar-z-4kBkM2P0KF9w2T7lXDSHTbT-YUEeEiJzfl_Uz2nR5gc-cZ4ActyOZgyS7FcIPCiIa_cDVQnwwMGoksyxziHqySnBYM7FKRooZVsW6Y4y76-dFcHPvKQprcKKrZ7klDbcPsSzcrbW5v9WxGqC-NqNvCyVNh-dElaOIAXZpJi0s_hi06VE_CxjCM3jAgLdcLDiFjAHZu6-cqoV_jGQRYTb47zqTkS2XE9bZqfr0kowK0JwBxggmwH2qLx5-vag5INbAyNsmjC2A8EesJeb0ztmuvKd2akfXdQdjy041V11iveT7JLKc31R9c6-FLLccuDLvPuRHEQyuO_lpL1y9PzSk-W5PIUG8sSE1HQuRJbVBw8b5oxpKGR5uG-SqMQbqMAXPPtV7KhJhWEQ4wAoT9zTKr8vGNSJ5ic0HX1jpqzNcyO2bdzWnHLZ9axLJA7chDxvjEfODNvn_y_GzNraWWSGHZD188MDmgD0hU7UsJHEnnrsaMRx6Cq3lV_QFfw23KqSu2WaYt6SCB3RVxtPzpV0chem56O9rGtdoiysDEw2wsnW9LYGsvoNxMdxepNiXFnEO9c2s-wuo7nJNrdr-_k8o2YYp_OBl1vOqKuHIqyLm9-vvNIvNzyyGYm6Ka7iQNhbUbNM0Tq6Gn0Q4elOi7ygdkr1uxnBuYQhK0Bni43j25mVKEO2JqiQrnHfNkwI8rAH-Wme2_i_WntQxQNPco0h6NxfKlxaQxkbaArfRIz0H7ux9xlRPP3xS7nQZU2juAdA6EhxwbPq3vbKWMp4L9m_ryEKncuahsDtwsBiqvblD8KmBp0OGST0OeFSGCIKKEjhSrmujnwoexXr4VNNmxeUPHwzNqs6oxaJ9kVbW0MrBxfz8d2bBdguH95LKToVN6CEQY4HsfQ_0OG78cB_CwrOKwksXfHPkg_oCAiwgGorEgWKkF472srYLARWqbmkNThEECfyCl9USGaB98nl7ptl4skMugg0WCLxk6rfkiJAUtgZNZvwskmsphEUTX4V5bLT2hsY8t6g3wbZ9-svuaIw5Sny3_MTE0nDa9iBBmmeYg3PnLSnfd_vTFcCt2J16qHYs5GKsWo6J7ZZ5Q1jOUb9pYcGRUI9Vo99AcShfKQBCOhAznw2u8xBPZ3wJ8Om-PU8j4Wqa-RiGkMllRh70qHSJDp6AOUQSthpHJur7Ykm5YZJh52kNIPTbx6e_NnF7xLIH_0x5dWIDbrGym2ZYbjlw-T2fExQ818B47cZHcq9O21xCvxtilk4QJq1mHvs4wUUTzdeMSeGI-Mq3fRurM2dN4D5Wq8vy8tBdg6edc3LpVDkSpxlWvONEfe3G7BBJTeiNsRzmOVZIKrgf07q_Nsa-95eQkfoKqYijMs1LWd8C7zgTMjSBu6PIONzv-JMWYQaR3jtWYbB8tqggek8pWC0mz0Hk6zcM1oCypB8PLJ67ReoqkRHIGpHOv1fHLV1B8VqDz1_wsV2gBsrUUIn5ojjOFGQmT1qkovLL34FUh8GUVs7VlQ38Y5gskHpUM6fqZJsHTsRxyNcRoSDkEwWu4JU8jEX7rbfZ6aYmZ8SiEhrJm5EBV032uGuz-ikICk33z3_BGUU5bpCOvLVa9ZFLcnysA1cPj1VszFZJtC7D0FMKEFjWIvjVCDszFm8Vet5C530ZOGkPs6VhqnYPBR3XSlhee6JPJ5eFxjaG3vysu2TRERcZyPulmEIsDmHCWunVsu2wMa77HvcoQHHhU4v5Lgx1gfkKpoPjSxAmZggA2vM7A_q7NQDwTWLOmJBeWiwsVyrCib3p8uo_Ee0Z5GuhOhWq26pxhvSevj7aqHAieDLvzlucegjTMS_rr2wd3AYmKuxi3xJ3xSkJT1h8MMgBU50IUaY0qT_EX9AbxXNfpaEsrPa1Usj5fI1Hy5GkIIBBI8ANQTnKYE7aiNhb_objkESEkEBIoMYt1uK58t8qktVXwK0n_hI2fOeVKbgKrdaXAySZozeZX2q6V6e_iBGAFgAQ&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-3619045887187031&ias_chanId=1&ias_placementId=18132952210&bidurl=https://olhardireto.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g9vS67yk6d-xjLJr1jidcQ&adsafe_url=https%3A%2F%2Folhardireto.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Folhardireto.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:542b93e6-25c5-e4a8-eae4-c8d353bcca5d,c:5GHjTm,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-65fb65bbbb-5zw8j,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:txkxMSn+11%7C12%7C13%7C14%7C1511%7C161%7C162%7C163%7C17*.1135760-65089100%7C171,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:26,oid:6c7a8ac5-b8cd-11ed-8d6f-e2905ad07eeb,v:19.8.397,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:39:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
46815
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Mar 2023 18:39:39 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 6FC1 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1135760/65089100/xbbe/creative/adj?p=APEucNXyq3IQCB_rQDbnVa--a205ZaEUI7aDdWSLdWsq7fHzkvZ8d_k&d=CokBAKAmf-BtmCJm1G-tfCvVC-g-LstrWKdI23bZbjyAbb7T_jQ_J8zSQQXIFDLm87xbWaPFED_t7sx8mRLAGb8v2cKLjHAMUkTvRrphPct3WgEoVS8rhvS_DfYcq80q_8sAv2F0j_nFycohA1EtPvn7cGtYnJgbuKQ0OhZSfwct4XGYSPv2Xe8wi0QS-RUAoCZ_4Doh3chFBJY8mvcN-7mQ23R9LBa0HYVNdzxXzaiz5-5ZzYcCgQJ9m2frJtlVeR8S707GmZkea8bnsybjKjhVOuUMZyCkvyc7RXJszEtcX_H7xBy3VvbejRxI46lggQeGW_RXZAYUXO2SPcFukJo79Dm9qTIGbyyXxgTZVePwg3fgZ38YYtNTzEY5lYQe0Cba4_DmBLREjq5WiRrFSwdcdGlLMwDF_bpScnVAnyUuzf8etbAaTrNL3IUkiafTLMZY5QWZEW47PPsNxbvZ3mMTunRa2qcmO6raGc0BsnpIopca3e07_ouxzjoXJESEqMCOfu3w5RVHCsUa81mCreTGqeP9kk_04F7pDXI_APpMBwJA3_zYW0qFMSy_FTHD92bsdX-BJFE58WgW_ZrluEHUr78ProcpEL68Rq30rPuIuF0sMZK_gR2-eia4TYdkJpvfkBpkZHxQEZ2ikkvciIgseiL4uK4J9KsnXiR9BRBtBoFIxjxC4x234NUylgMdwCX2szaLOXMRA4iQW7Zp_GtztLT4FO8OAfULsWfHWHGyGQr_gRctco2xkjIHhk315p0NXXk0rUDbm2AahcKFfb9pv9Ib-M7IGEosaW0TqzX_FcCgEWNTsxeQ04-qXXIst9YvOn-l_HYaakUXF9bRKTynjazE4ieWFqI_JRxamy0UMzn1BU0uwbZgrdLCfYlqPufpQzh13dtBwokaghaiYKg1FrR4MUDyI1PW97Z5cergY4pdzfksLnG1YET_mFdB6gWtJluYK7aJXJuxyd2ZvTS8qqJwU_r5KtlgyP5YnHGsHsVot_XfgcnZMhE1CAdmBezZ6Knnm1p765a7_ZL43DdCPN2Srw6RR6_qh3VO6ooSi2Y74a4f-nRrASPAQXVlpKhnYJi3zwdyR5XtyAzHDwJ0sbPvniNgORiUzRtkmUphIdbc1z9p3b6KiozOxgo_aTqHkb-KdvEUDVCkjJSa9kNdxBrcXL8NGuvdbYlztgiwOa2d-mYrDwVlkhhaG7z31VePg1VnLhgHwQkTu3s7dm_k0XUwkYM71VQbgPZXmSeo_iY0vj6IeaPgyxMKozbuMj_3Jp8vxfVT-N_xb9Dudj0bFlNhCWpHI3jsJdbWj35OFCJ-0QMmhl0CM8EQAja1QikrkZayJxFZArLC4G3asKd9f3zRZsVXQROPfib50LLWAga4TmspTXEHaseeOW7RLHIxJiTQTp5rabvebQ_ZzAXMlUoE1z-7SdYb0cKsA7bmGemDG951JeHAPPNxMnaESHdiF77aAELCZ9D4gqhpxUBvvmPrmvEcBGgKNoQJ8qmBSqgaTD-6DOjKbIMieMWpSjM1Atnj4iHf5Ok6Iv5zYL1HOYlPX0_lGQQSHd6-4o4k8vs5SgrLD_Q1tyMmf2In8fra-f55o3WjtXjmYqifU02Dstle1yB1kGhP9y3Pp-0hBY8q90zbmUvxVCyMWs-GtAGpzB7HanzIXpcyWYXgPBEuAcXjfqMENOuWegTsqzaTHkjd6XRU8fR1V1ybsyK4cQPyB1l2BVaVrO69HxW8MkDNvzu8wZIVwfcIxWLso6hlG69tfOjS2UZDwqWPhKm6Nhl9b16ct9uoTXVnKW2ZcIj9aV_ZcbZsYtYadAof18IwvmfVkGWPjz9qNXGAcv3JbtZ0O3-hLGfiCZMEBdcMHIb9QuvUpudwpNFxigFSQkQ5jezzWj8aCjrM14G4IQLF51gEpdAVDwmrdYFWz-Phz_4L5WGDzipEzPOv-FOhoiayuFA6lZW8U4nmpArwb1tREJ9u4T4zFPPoTBvTQFQEeOUypFGvGS_0YVcWar-z-4kBkM2P0KF9w2T7lXDSHTbT-YUEeEiJzfl_Uz2nR5gc-cZ4ActyOZgyS7FcIPCiIa_cDVQnwwMGoksyxziHqySnBYM7FKRooZVsW6Y4y76-dFcHPvKQprcKKrZ7klDbcPsSzcrbW5v9WxGqC-NqNvCyVNh-dElaOIAXZpJi0s_hi06VE_CxjCM3jAgLdcLDiFjAHZu6-cqoV_jGQRYTb47zqTkS2XE9bZqfr0kowK0JwBxggmwH2qLx5-vag5INbAyNsmjC2A8EesJeb0ztmuvKd2akfXdQdjy041V11iveT7JLKc31R9c6-FLLccuDLvPuRHEQyuO_lpL1y9PzSk-W5PIUG8sSE1HQuRJbVBw8b5oxpKGR5uG-SqMQbqMAXPPtV7KhJhWEQ4wAoT9zTKr8vGNSJ5ic0HX1jpqzNcyO2bdzWnHLZ9axLJA7chDxvjEfODNvn_y_GzNraWWSGHZD188MDmgD0hU7UsJHEnnrsaMRx6Cq3lV_QFfw23KqSu2WaYt6SCB3RVxtPzpV0chem56O9rGtdoiysDEw2wsnW9LYGsvoNxMdxepNiXFnEO9c2s-wuo7nJNrdr-_k8o2YYp_OBl1vOqKuHIqyLm9-vvNIvNzyyGYm6Ka7iQNhbUbNM0Tq6Gn0Q4elOi7ygdkr1uxnBuYQhK0Bni43j25mVKEO2JqiQrnHfNkwI8rAH-Wme2_i_WntQxQNPco0h6NxfKlxaQxkbaArfRIz0H7ux9xlRPP3xS7nQZU2juAdA6EhxwbPq3vbKWMp4L9m_ryEKncuahsDtwsBiqvblD8KmBp0OGST0OeFSGCIKKEjhSrmujnwoexXr4VNNmxeUPHwzNqs6oxaJ9kVbW0MrBxfz8d2bBdguH95LKToVN6CEQY4HsfQ_0OG78cB_CwrOKwksXfHPkg_oCAiwgGorEgWKkF472srYLARWqbmkNThEECfyCl9USGaB98nl7ptl4skMugg0WCLxk6rfkiJAUtgZNZvwskmsphEUTX4V5bLT2hsY8t6g3wbZ9-svuaIw5Sny3_MTE0nDa9iBBmmeYg3PnLSnfd_vTFcCt2J16qHYs5GKsWo6J7ZZ5Q1jOUb9pYcGRUI9Vo99AcShfKQBCOhAznw2u8xBPZ3wJ8Om-PU8j4Wqa-RiGkMllRh70qHSJDp6AOUQSthpHJur7Ykm5YZJh52kNIPTbx6e_NnF7xLIH_0x5dWIDbrGym2ZYbjlw-T2fExQ818B47cZHcq9O21xCvxtilk4QJq1mHvs4wUUTzdeMSeGI-Mq3fRurM2dN4D5Wq8vy8tBdg6edc3LpVDkSpxlWvONEfe3G7BBJTeiNsRzmOVZIKrgf07q_Nsa-95eQkfoKqYijMs1LWd8C7zgTMjSBu6PIONzv-JMWYQaR3jtWYbB8tqggek8pWC0mz0Hk6zcM1oCypB8PLJ67ReoqkRHIGpHOv1fHLV1B8VqDz1_wsV2gBsrUUIn5ojjOFGQmT1qkovLL34FUh8GUVs7VlQ38Y5gskHpUM6fqZJsHTsRxyNcRoSDkEwWu4JU8jEX7rbfZ6aYmZ8SiEhrJm5EBV032uGuz-ikICk33z3_BGUU5bpCOvLVa9ZFLcnysA1cPj1VszFZJtC7D0FMKEFjWIvjVCDszFm8Vet5C530ZOGkPs6VhqnYPBR3XSlhee6JPJ5eFxjaG3vysu2TRERcZyPulmEIsDmHCWunVsu2wMa77HvcoQHHhU4v5Lgx1gfkKpoPjSxAmZggA2vM7A_q7NQDwTWLOmJBeWiwsVyrCib3p8uo_Ee0Z5GuhOhWq26pxhvSevj7aqHAieDLvzlucegjTMS_rr2wd3AYmKuxi3xJ3xSkJT1h8MMgBU50IUaY0qT_EX9AbxXNfpaEsrPa1Usj5fI1Hy5GkIIBBI8ANQTnKYE7aiNhb_objkESEkEBIoMYt1uK58t8qktVXwK0n_hI2fOeVKbgKrdaXAySZozeZX2q6V6e_iBGAFgAQ&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-3619045887187031&ias_chanId=1&ias_placementId=18132952210&bidurl=https://olhardireto.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g9vS67yk6d-xjLJr1jidcQ&adsafe_url=https%3A%2F%2Folhardireto.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Folhardireto.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:542b93e6-25c5-e4a8-eae4-c8d353bcca5d,c:5GHjTm,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-65fb65bbbb-5zw8j,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:txkxMSn+11%7C12%7C13%7C14%7C1511%7C161%7C162%7C163%7C17*.1135760-65089100%7C171,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:26,oid:6c7a8ac5-b8cd-11ed-8d6f-e2905ad07eeb,v:19.8.397,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:39:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
46816
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11134
x-xss-protection
0
server
cafe
etag
11889138295710991679
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Mar 2023 18:39:39 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8EF7 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
71862
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 11:42:13 GMT
etag
48472445140208031
expires
Thu, 02 Mar 2023 11:42:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0B2E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
581a45a9d6ddf5ae0430bd30c65aebade67e59e4a51a88fba090f2698be49c01

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 389B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~leqsqpm9&c=8316298645346&slotId=4158149322673&qqid=CMXj2_nevP0CFVuLgwcdQUUD7w&fb=outstream-lima&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:402a:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 389B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46834
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 18:39:21 GMT
file.mp4
r4---sn-4g5lznek.c.2mdn.net/videoplayback/id/2e292c906935baf1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820062023/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 389B
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/2e292c906935baf1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820062023/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r4---sn-4g5lznek.c.2mdn.net/videoplayback/id/2e292c906935baf1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820062023/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5lznek.c.2mdn.net/videoplayback/id/2e292c906935baf1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820062023/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7CFF8C169DAC90CF26B2512429AA90FF33FD82B3.36F72FB394078B072BE8375DE5C6323D74E2655B/key/cms1/cms_redirect/yes/mh/yV/mip/2001:ac8:20:3c00:1011:57f7:532:bbfe/mm/42/mn/sn-4g5lznek/ms/onc/mt/1677742367/mv/m/mvi/4/pl/50/file/file.mp4
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
HTTP/1.1
Server
2a00:1450:4001:14::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 07:39:55 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
3965009
Last-Modified
Sun, 05 Feb 2023 16:19:38 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 02 Mar 2023 07:39:55 GMT

Redirect headers

date
Thu, 02 Mar 2023 07:39:55 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
location
https://r4---sn-4g5lznek.c.2mdn.net/videoplayback/id/2e292c906935baf1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820062023/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7CFF8C169DAC90CF26B2512429AA90FF33FD82B3.36F72FB394078B072BE8375DE5C6323D74E2655B/key/cms1/cms_redirect/yes/mh/yV/mip/2001:ac8:20:3c00:1011:57f7:532:bbfe/mm/42/mn/sn-4g5lznek/ms/onc/mt/1677742367/mv/m/mvi/4/pl/50/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A3E2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
71862
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 11:42:13 GMT
etag
48472445140208031
expires
Thu, 02 Mar 2023 11:42:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6FC1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf04945793242b3432434265bd36d578d1909b66149241f5541d2fa9a9658ee2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/ Frame E488 		189 KB
112 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7c56000312821b7a218f4c40ab54d1b72d072f2b27c58cf6906f9b376abd38d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
258994
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
114781
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 07:43:21 GMT
expires
Tue, 27 Feb 2024 07:43:21 GMT
last-modified
Wed, 08 Feb 2023 07:11:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0B2E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJzljYM6sRV-Zp8H2DFJ2AUxHGz3F7XUko8vZtAskayq-Fe_RJjeFbFS4xV3eiHB-Buru4FBNmglSJMZhBWEG3B4C1HvyjDXdKn7yGpfTtg-g20RXGtc16dFkZtB8QFLYjVieZ_hJGR9g4Wd-jVTorcdHYvuwZVJ8Hp1PN43oLIZkYuN1gzAmWJT-0Q0cAuijhDvjNK96fy-vPHOk&sai=AMfl-YQccJpBxRNFolV-Q7c1wuUMCljlMdGlDAcob33HdhFo60kHn6gcCwhD8qdko0FGoXM-n2A_fcol-kk_MT1ZR57WaC2w6Q8WZ2o2Kkz5-4EW8QcZpou3UaUtSgUeVwC-ygPZrphQu8YoU47g-No_8feJtmE&sig=Cg0ArKJSzPywjKqe42DJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=209&cbvp=1&cstd=206&cisv=r20230227.49836&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 02 Mar 2023 07:39:55 GMT
index.html
s0.2mdn.net/sadbundle/9085316032647509763/DE-DEU_XA-10_0_728x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/ Frame 230D 		161 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9085316032647509763/DE-DEU_XA-10_0_728x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eea03b93b1967e92041f44f4a1fa355b2bcc6ba56fc90caea067847e39a9a5b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3051
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
93915
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 06:49:04 GMT
expires
Fri, 01 Mar 2024 06:49:04 GMT
last-modified
Wed, 08 Feb 2023 08:51:25 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6FC1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8n77MxA-lBQ9k_1aOUNAaVByUbdgU-zlyepdsqWG1L-8p29E1hROS2XmCJ72b3mQATIv73VP1YESEM8C4gskUs17UaNDAA5gsrfonSHxz0ZY5rqVlrHQO7qSXdoxR6m5D_inzvSqEP-3Vjdzh723pGo50O05B7D_Yn1k1UaKk5h8AVP1VegkM4L_TID13wb8QA0hUMaRTVg5UHQM&sai=AMfl-YQntoWhSu3OR33dzc6vwkrhCqgWT883D0--Av8b2rd-jKOzG4S8SpBoCJTNOagQ1pMV12GXlen0JMJAhuFZ1HjuKJVbMil49r88Qxc3y7P8Gdthfgs9p-0O2epxkkqvKvWFRUuFQA4NnGTllkiyOM1zocE&sig=Cg0ArKJSzDIvIrFBS0eiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=187&cbvp=1&cstd=185&cisv=r20230227.32413&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 02 Mar 2023 07:39:55 GMT
pixel
cm.g.doubleclick.net/ Frame 8EF7
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFWMRcVcwfKaGF_5lLmeYWs&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFWMRcVcwfKaGF_5lLmeYWs&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eWlkTGRnaTkxUHhEeEY1&google_gid=CAESEFWMRcVcwfKaGF_5lLmeYWs&google_cver=1&google_push=Aa02lx_mNGg6hfpDOxBtDFWUQ0WnSGGebaJgvQi4xl_sYqn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eWlkTGRnaTkxUHhEeEY1&google_gid=CAESEFWMRcVcwfKaGF_5lLmeYWs&google_cver=1&google_push=Aa02lx_mNGg6hfpDOxBtDFWUQ0WnSGGebaJgvQi4xl_sYqnHDsjmGkj7rdve4zHFDnNCVWfjEz7Xnxftk2LUckxq4K_kbCO4jrei
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:54 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-0f1140a1efbb82097@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eWlkTGRnaTkxUHhEeEY1&google_gid=CAESEFWMRcVcwfKaGF_5lLmeYWs&google_cver=1&google_push=Aa02lx_mNGg6hfpDOxBtDFWUQ0WnSGGebaJgvQi4xl_sYqnHDsjmGkj7rdve4zHFDnNCVWfjEz7Xnxftk2LUckxq4K_kbCO4jrei
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8EF7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH1lArAVWBCvAMgEH8WCXqQ&google_push=Aa02lx8ezBikedIkqka6dnDq6Fw919Oi4cmbHq8VCzkxVhowry9RME0cwl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH1lArAVWBCvAMgEH8WCXqQ&google_push=Aa02lx8ezBikedIkqka6dnDq6Fw919Oi4cmbHq8VCzkxVhowry9RME0cwlEej35d99nkgI6QywCBickEemxXVpLED54wHBaoVXtk
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220021-HHN
pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1677742795.237140,VS0,VE92
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH1lArAVWBCvAMgEH8WCXqQ&google_push=Aa02lx8ezBikedIkqka6dnDq6Fw919Oi4cmbHq8VCzkxVhowry9RME0cwlEej35d99nkgI6QywCBickEemxXVpLED54wHBaoVXtk
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 8EF7
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFkWAuRW6ubn6oF-LJ8wplI&google_cver=1&google_push=Aa02lx9_j_sjXsndxgi7nyMTgXKlbfIoiHXVqF2Jxb4GOGRmcjJRy5kd6fmdVIj_X-pCesdMQ7nlza_gBTNL2YLWSJehqaXHZcL5
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF209E9D45984F409524D67338A42B43&google_push=Aa02lx9_j_sjXsndxgi7nyMTgXKlbfIoiHXVqF2Jxb4GOGRmcjJRy5kd6fmdVIj_X-pCesdMQ7nlza_gBTNL2YL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF209E9D45984F409524D67338A42B43&google_push=Aa02lx9_j_sjXsndxgi7nyMTgXKlbfIoiHXVqF2Jxb4GOGRmcjJRy5kd6fmdVIj_X-pCesdMQ7nlza_gBTNL2YLWSJehqaXHZcL5
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 02 Mar 2023 07:39:55 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF209E9D45984F409524D67338A42B43&google_push=Aa02lx9_j_sjXsndxgi7nyMTgXKlbfIoiHXVqF2Jxb4GOGRmcjJRy5kd6fmdVIj_X-pCesdMQ7nlza_gBTNL2YLWSJehqaXHZcL5
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 01 Mar 2023 07:39:55 GMT
pixel
cm.g.doubleclick.net/ Frame 8EF7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEO86B9FGjUv5573HE0n_HDk&google_cver=1&google_push=Aa02lx_hJ9Q4C96XSS7jbhJMjwoE_7S1Ru8GhWl1QtZP-OvU-jZJkMJ3-IXIW8kB184c7PAa4kcfWln5KFL_sj9VIVFJS05...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_hJ9Q4C96XSS7jbhJMjwoE_7S1Ru8GhWl1QtZP-OvU-jZJkMJ3-IXIW8kB184c7PAa4kcfWln5KFL_sj9VIVFJS05PKpQ&google_hm=eS1GWHhkZ1l0RTJwRXZxaWJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_hJ9Q4C96XSS7jbhJMjwoE_7S1Ru8GhWl1QtZP-OvU-jZJkMJ3-IXIW8kB184c7PAa4kcfWln5KFL_sj9VIVFJS05PKpQ&google_hm=eS1GWHhkZ1l0RTJwRXZxaWJuUkh0NDRGLnRJemloN2JBcH5B
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 02 Mar 2023 07:39:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_hJ9Q4C96XSS7jbhJMjwoE_7S1Ru8GhWl1QtZP-OvU-jZJkMJ3-IXIW8kB184c7PAa4kcfWln5KFL_sj9VIVFJS05PKpQ&google_hm=eS1GWHhkZ1l0RTJwRXZxaWJuUkh0NDRGLnRJemloN2JBcH5B
content-length
0
dds
rtb.openx.net/sync/ Frame 8EF7 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEAOf1h5mBG7c3ScRkcA2iB8&google_cver=1&google_push=Aa02lx8EFEPBll36quG7twm5NMquzvrRNpIJwgXp9X-GO07uQ4367oLNedx8F15VBHQ2Z4BAHoeVhbboj3ZczUS1rgeVi9cGH6w
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
5q7cdhcpv1hqo8ce3njeo8d0gslp1ame
pixel
cm.g.doubleclick.net/ Frame 8EF7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJWEr5ZHuWXum1ZgxqEieVA&google_cver=1&google_push=Aa02lx9IdPPW74aqSrpx44o73qkOCqfVEhTS-zhmmeq864dRaVBhiFiHc2HjiF4UvqVd_oQGCiD...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRU1FOUVEtMUItQ1hJUg==&google_push=Aa02lx9IdPPW74aqSrpx44o73qkOCqfVEhTS-zhmmeq864dRaVBhiFiHc2HjiF4UvqVd_oQGCiD06OTEHtduXBw3I59W1mYWAoNe
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRU1FOUVEtMUItQ1hJUg==&google_push=Aa02lx9IdPPW74aqSrpx44o73qkOCqfVEhTS-zhmmeq864dRaVBhiFiHc2HjiF4UvqVd_oQGCiD06OTEHtduXBw3I59W1mYWAoNe
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRU1FOUVEtMUItQ1hJUg==&google_push=Aa02lx9IdPPW74aqSrpx44o73qkOCqfVEhTS-zhmmeq864dRaVBhiFiHc2HjiF4UvqVd_oQGCiD06OTEHtduXBw3I59W1mYWAoNe
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
/
onetag-sys.com/match/ Frame 8EF7
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEILAiIsw4znGZjq1NGYXisU&google_cver=1&google_push=Aa02lx9BgniZXueGTcHr5E1fn46EplKReIuZVLvmwGLIhSy8n64O4WNZ-5ZeXs2JANWi2AVn_j9rfu_HpVQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9BgniZXueGTcHr5E1fn46EplKReIuZVLvmwGLIhSy8n64O4WNZ-5ZeXs2JANWi2AVn_j9rfu_HpVQ-NDe4LP5Ldwa59tl1
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8EF7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IS6viU4g1ZrKKP96a0PbI4v7ARnvbmM3PNPWQ2xuoanUuPli84OWg3Sn4QyEBBGM6CnJO9Hw
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 2680 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
46834
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 18:39:21 GMT
expires
Thu, 29 Feb 2024 18:39:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame A3E2 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECHP5gYXZwYzbU_GNSNyO2g&google_cver=1&google_push=Aa02lx8KXZtBcbnaEzV_bysPQFHvupv3F4gvsqtAVqjGDaEFIExXlzMs_nSlBaPFIYA3YhbcUR-x9R0LAvQmt3JkIj4DNe3E4hw
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame A3E2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDK2pjkT9gJfdBZgSCpzhnc&google_cver=1&google_push=Aa02lx_FDFZniCWCYPSxzcBAqdiV-T6OV6mEb4qkdyv6EVabSTByfPkh2vvpkmbuPAsbkkmpL42RRokxDtg17sy7...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_FDFZniCWCYPSxzcBAqdiV-T6OV6mEb4qkdyv6EVabSTByfPkh2vvpkmbuPAsbkkmpL42RRokxDtg17sy7M1vZjFQWTKAm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_FDFZniCWCYPSxzcBAqdiV-T6OV6mEb4qkdyv6EVabSTByfPkh2vvpkmbuPAsbkkmpL42RRokxDtg17sy7M1vZjFQWTKAm
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 02 Mar 2023 07:39:55 GMT
Server
MT3 530 4e92630 master zrh-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_FDFZniCWCYPSxzcBAqdiV-T6OV6mEb4qkdyv6EVabSTByfPkh2vvpkmbuPAsbkkmpL42RRokxDtg17sy7M1vZjFQWTKAm
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 02 Mar 2023 07:39:54 GMT
google
match.adsrvr.org/track/cmf/ Frame A3E2 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESED38udWOA6xHeFyMO_bTQKM&google_cver=1&google_push=Aa02lx9HZrSYGAuJRpIXUJjuD9o_EDrpHArkyibMLKlCxlp3OzMJehukO3m-F_lW7V_GTgZfTHj_4qCjCg11uGoqlDqTtpHMavi7
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A3E2
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKYnUk9HHfUkB9vTjNjuvH8&google_cver=1&google_push=Aa02lx-7jjc3kb_WDotRLQAGBbzsVY8Xee_Eigex1qafN1iW-EvDr844H9jygZlYQm5DFRvXGcXkt5-zxVtK5D...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTg1MDQzNTYzMTU3NzIzMw%3D%3D&google_push=Aa02lx-7jjc3kb_WDotRLQAGBbzsVY8Xee_Eigex1qafN1iW-EvDr844H9jygZlYQm5DFRvXGcXkt5-zxVtK5D6YMd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTg1MDQzNTYzMTU3NzIzMw%3D%3D&google_push=Aa02lx-7jjc3kb_WDotRLQAGBbzsVY8Xee_Eigex1qafN1iW-EvDr844H9jygZlYQm5DFRvXGcXkt5-zxVtK5D6YMdPhZ8LLh28
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTg1MDQzNTYzMTU3NzIzMw%3D%3D&google_push=Aa02lx-7jjc3kb_WDotRLQAGBbzsVY8Xee_Eigex1qafN1iW-EvDr844H9jygZlYQm5DFRvXGcXkt5-zxVtK5D6YMdPhZ8LLh28
Date
Thu, 02 Mar 2023 07:39:55 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame A3E2
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEP9GVZm2HC9tLjq_ZcZHSgo&google_cver=1&google_push=Aa02lx_ZaQ2IslNVnO0nsnKd5vHdvkT0886oMREIgLj6pbwVfS-7eLaGKGmjXL1IaY0fk42I8wd3EGroe8M9v_ESZeFUcBB...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_ZaQ2IslNVnO0nsnKd5vHdvkT0886oMREIgLj6pbwVfS-7eLaGKGmjXL1IaY0fk42I8wd3EGroe8M9v_ESZeFUcBBLINK1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_ZaQ2IslNVnO0nsnKd5vHdvkT0886oMREIgLj6pbwVfS-7eLaGKGmjXL1IaY0fk42I8wd3EGroe8M9v_ESZeFUcBBLINK1
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_ZaQ2IslNVnO0nsnKd5vHdvkT0886oMREIgLj6pbwVfS-7eLaGKGmjXL1IaY0fk42I8wd3EGroe8M9v_ESZeFUcBBLINK1
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame A3E2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIFUe0GbuTWMmpHqMcY3NK8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIFUe0GbuTWMmpHqMcY3NK8&google_hm=ZABSyuAxinEnV12jJu_jPAAABH0AAAAB&google_nid=index&google_push=Aa02lx-A1TDG88Pqs3qNAIJXUh5zZkEHGWQI6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIFUe0GbuTWMmpHqMcY3NK8&google_hm=ZABSyuAxinEnV12jJu_jPAAABH0AAAAB&google_nid=index&google_push=Aa02lx-A1TDG88Pqs3qNAIJXUh5zZkEHGWQI6voX4tD2slRqrvMmBG1vyeqOKnV8DO_LUefm1MWGS4kcUrG_PxjZfMliperLgBjz
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIFUe0GbuTWMmpHqMcY3NK8&google_hm=ZABSyuAxinEnV12jJu_jPAAABH0AAAAB&google_nid=index&google_push=Aa02lx-A1TDG88Pqs3qNAIJXUh5zZkEHGWQI6voX4tD2slRqrvMmBG1vyeqOKnV8DO_LUefm1MWGS4kcUrG_PxjZfMliperLgBjz
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
/
onetag-sys.com/match/ Frame A3E2
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEILAiIsw4znGZjq1NGYXisU&google_cver=1&google_push=Aa02lx_C0VSyUNWG8GCf9KDomtJHgT2EiLb2WpeJRu73eO8yjcmSNl8G6xKNHfmzRtp9_cqHU7UVfXKwuUu...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_C0VSyUNWG8GCf9KDomtJHgT2EiLb2WpeJRu73eO8yjcmSNl8G6xKNHfmzRtp9_cqHU7UVfXKwuUuu1EbNuqgooPjwPHl_AQ
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A3E2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K5VaCvoMwjZ6g7NaatWCRDmrUE4c1P-YKby92t0YaHaZV_CTOnKuT-q9uu3JLSWO_zgOvPWg
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dt
dt.adsafeprotected.com/ Frame 0B2E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=b4a7d2af-6386-f4ed-b76e-16d38000cb76&tv=%7Bc:5GHk0b,time:538,type:e,im:%7BpWait:19%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:538,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B530~0%5D,as:%5B530~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txkxMQV+11%7C12%7C13%7C14%7C1511%7C16*.1135760-69474538%7C161%7C17.1135760-65089100%7C171,idMap:16*,rmeas:1,rend:0,renddet:IMG.us,siq:25,sis:224%7D&br=c
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:b818:916:ed27:48c4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Cisco_Logo_no_TM_White-RGB.svg.js
s0.2mdn.net/sadbundle/9085316032647509763/DE-DEU_XA-10_0_728x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/ Frame 230D 		2 KB
932 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9085316032647509763/DE-DEU_XA-10_0_728x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/Cisco_Logo_no_TM_White-RGB.svg.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9085316032647509763/DE-DEU_XA-10_0_728x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e6d975777a7fb65cd5ad3cf67b2ce537c0da4966c0917bb8fb6ba8c290d731c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9085316032647509763/DE-DEU_XA-10_0_728x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 06:47:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262356
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
903
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 08:51:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Feb 2024 06:47:19 GMT
dt
dt.adsafeprotected.com/ Frame 0B2E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=b4a7d2af-6386-f4ed-b76e-16d38000cb76&tv=%7Bc:5GHk0K,pingTime:-10,time:573,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS4xNzcgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1677742795302%7C%7C06b4727197e14f1f2aa77207b4559d34%7C%7C15c1c3073e5c3cda0308b87e66c0c1e4%7C%7Cc7e170a0af84e79e4a7ba3ae3bc65b3d%7C%7C119b24bd10f0a552f6b9ec162ce3ace8%7C%7C12ae0c5295e78cf6c6e2625511ebf0da%7C%7C361e92f6ff6d0e9399b42a7227ebdbdc%7C%7C04a1b1e3b5ac987c90564214496a862d%7C%7C1663701684%7D
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:b818:916:ed27:48c4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Cisco_Logo_no_TM_Midnight_Blue-RGB.svg.js
s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/ Frame E488 		2 KB
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/Cisco_Logo_no_TM_Midnight_Blue-RGB.svg.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
752645f928be20f56407f82495b4addb3b490ee9285bff92ed678b12a322d178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258994
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
905
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 07:11:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Feb 2024 07:43:21 GMT
fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js
pagead2.googlesyndication.com/bg/ Frame 2680 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 06:49:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
3013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14340
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Mar 2024 06:49:42 GMT
truncated
/ Frame 230D 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
view
googleads4.g.doubleclick.net/pcs/ Frame 6FC1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8n77MxA-lBQ9k_1aOUNAaVByUbdgU-zlyepdsqWG1L-8p29E1hROS2XmCJ72b3mQATIv73VP1YESEM8C4gskUs17UaNDAA5gsrfonSHxz0ZY5rqVlrHQO7qSXdoxR6m5D_inzvSqEP-3Vjdzh723pGo50O05B7D_Yn1k1UaKk5h8AVP1VegkM4L_TID13wb8QA0hUMaRTVg5UHQM&sai=AMfl-YQntoWhSu3OR33dzc6vwkrhCqgWT883D0--Av8b2rd-jKOzG4S8SpBoCJTNOagQ1pMV12GXlen0JMJAhuFZ1HjuKJVbMil49r88Qxc3y7P8Gdthfgs9p-0O2epxkkqvKvWFRUuFQA4NnGTllkiyOM1zocE&sig=Cg0ArKJSzDIvIrFBS0eiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=401&vt=11&dtpt=214&dett=3&cstd=185&cisv=r20230227.32413&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 02 Mar 2023 07:39:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3737 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZS9yylIAZICgJe-PjuwPnKyDuAYAAAAAOAHgBAI&bg=!2dql2o7NAAbK-VRH6vk7ADkAdvg8WudsDleP6dLyDcc_sahEQa3I2KN_vGCELBS7W-6akGjxVCaAkt_j7mBOwMPDWU-pvn-lCsMCAAABd1IAAAACaAEHmQLwBsNiYNkw4zFbCkbPfQaFR2Lw-U51kTYrkskVFLIiiT9KoguFcqksj2pk472WkdkU7DQQBdBAniAyoEwLbiPy19gtu7HEeXGlZsQyGkoJgCPkKGbRWibbw0GaPs9RutuuWXOTHLg_jWr9_7hMlQ5KRTrlaW3rM2lma2tag37gO5_kixmCo6-zTbX0v5GbYARJk_0UuHKRtm1_1Xyeq0AX3ZfNLjwVPAgRzigEVV3XT-oGf39dXtUhspkFNLiW6Ztnf-Kn3UsO3vgajeDv-4qowCCP87Z_pAIxsvVC5qoWt38yx_WhYL3KNH0dMPDDA8Pdai28dKfo-qYjpTAuYCkfPHXpJl8dA7_epBWmMZg5vvPofG7CZ6N1ufYRiDfc2XyjPegJzATseZxR0x5uLtlseRzw27jjeswF07R7J7qUqrTxifEzPK9sTvFgEF-iXASU87BR_ZarNgRDCZY6dyd4HN3qySYQNy1bsZKfDlXFA9bHvdS9GH0rRr-iYUBmRvpLbeKxMchtEY-pdEozgEPn2LtqWiREGeGD2yldnczxVeysA4zKFPmZcwGnL3SCXpt-vtBqHLvSwAZfD4JEp5hwpDlBlejKxX5biv8DBfGEcGcgU-RS5PS5S8RiJRfXbgXPrWSTjKnzBIX3UH-ASHP0CHX4Pr9HJJDQArQXJQgTMCQulwP4Fo9QU5O-qGv3LhoONxKh11gIcJDR9EwpRFJVVXiOJIU0eKEqSV_kMj_DDo07sqEYbN4QlqbeBkjQyuB8UjkRi848PQlvLGNrsKy3FW_CPk5FDfHp9gzPKGseXLB41urrbAcrejZUoGO28mpWZyccf3tTQvGxGgLxcFfLZrDwqj_S7cW-ANj1zBCN2JKA9FOBVkg7RMWegUzMVW8wz6ahYDg_RsJE2as_986Lsrd-R_wWcOHVWZLgmR__xR_sOMeQ8bkYYkbH6FfH25m9Bf69LiSyj95pTcuXRVngz32rggmrl6m53LmODAXIf6k
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r4---sn-4g5lznek.c.2mdn.net/videoplayback/id/2e292c906935baf1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820062023/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 389B 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5lznek.c.2mdn.net/videoplayback/id/2e292c906935baf1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820062023/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7CFF8C169DAC90CF26B2512429AA90FF33FD82B3.36F72FB394078B072BE8375DE5C6323D74E2655B/key/cms1/cms_redirect/yes/mh/yV/mip/2001:ac8:20:3c00:1011:57f7:532:bbfe/mm/42/mn/sn-4g5lznek/ms/onc/mt/1677742367/mv/m/mvi/4/pl/50/file/file.mp4
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:14::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range
bytes=0-

Response headers

expires
Thu, 02 Mar 2023 07:39:55 GMT
date
Thu, 02 Mar 2023 07:39:55 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-3965008/3965009
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
3965009
last-modified
Sun, 05 Feb 2023 16:19:38 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
client-protocol
quic
XDR-GettyImages-1080277602-1.png
s0.2mdn.net/sadbundle/9085316032647509763/DE-DEU_XA-10_0_728x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/ Frame 230D 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9085316032647509763/DE-DEU_XA-10_0_728x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/XDR-GettyImages-1080277602-1.png?
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b65f9fb36dae13c057c8dca3d7fc3ade4042e37b117a2f0d4a54f1ef116b5d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9085316032647509763/DE-DEU_XA-10_0_728x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 06:47:19 GMT
x-content-type-options
nosniff
age
262356
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36069
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 08:51:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Feb 2024 06:47:19 GMT
truncated
/ Frame E488 		73 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/ Frame E488 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07e6f3168093c33bfa27220377734d37ae59e13e3ad1d6220fe1ee429d10a255

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
font/woff;charset=utf-8
view
googleads4.g.doubleclick.net/pcs/ Frame 0B2E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJzljYM6sRV-Zp8H2DFJ2AUxHGz3F7XUko8vZtAskayq-Fe_RJjeFbFS4xV3eiHB-Buru4FBNmglSJMZhBWEG3B4C1HvyjDXdKn7yGpfTtg-g20RXGtc16dFkZtB8QFLYjVieZ_hJGR9g4Wd-jVTorcdHYvuwZVJ8Hp1PN43oLIZkYuN1gzAmWJT-0Q0cAuijhDvjNK96fy-vPHOk&sai=AMfl-YQccJpBxRNFolV-Q7c1wuUMCljlMdGlDAcob33HdhFo60kHn6gcCwhD8qdko0FGoXM-n2A_fcol-kk_MT1ZR57WaC2w6Q8WZ2o2Kkz5-4EW8QcZpou3UaUtSgUeVwC-ygPZrphQu8YoU47g-No_8feJtmE&sig=Cg0ArKJSzPywjKqe42DJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=483&vt=11&dtpt=274&dett=3&cstd=206&cisv=r20230227.49836&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 02 Mar 2023 07:39:55 GMT
Zero-Trust-2-Woman-looking-up-and-smiling-Gradient-STE-FY23-Q2.png
s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/ Frame E488 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/Zero-Trust-2-Woman-looking-up-and-smiling-Gradient-STE-FY23-Q2.png?
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0e6ad0e03fff07b5a1715c93496836075fba3bc819328569ce6300f66cbf357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:43:21 GMT
x-content-type-options
nosniff
age
258994
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74945
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 07:11:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Feb 2024 07:43:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A13 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzMPdylIAZODoJ5aTjuwP04ml4AUAAAAAOAHgBAI&bg=!KyilKHzNAAbK-VRH6vk7ADkAdvg8WqRvoW6hqs0vc_ZffS4FWni9RYRjT0ojNXUptNgfUcv1tha0owztphe7mLHlA9S6ltB3_QECAAABUlIAAAACaAEHmQLouiQZoNxeAdpta_DkVY1BkYlpVIHNqNvBgNGTynKxGdg1Cu4sOxh716FOLt9YPPfQ0vsynQpt4-6Z1TLsMTsXYZUePnOE1QcdyfRt546Ce7CpQts4UGG-ojTPPu2HAR9kwldRCDXtphEQou7YyRR7NPoFqF__unk16DU1U-UPiLXPzcULSKt8I_tKgCKfn6HpWZuS8Q0NhcfYpYZ9Pnx8XLRd5q3zRN9n_o_XjcJH0cZ1-dV2qFR_ux1N_6EUxPcWqYCSmrrBsNXWFJmBdtPCquPfrX_AQhV2r0dZ49Hbx_vaj4ZQQRLczMt6xCVwZaQ0Qq_YDSzaWNaxbGU1Oqc9mC4e18vKoeyyLlxHr7AMtkO-N4ETZl1VfE2APyLHKwsA09AazQNb8tFvZm3l5rjbi2aIz6DORlqyBABGSupj_FjtnmdpxtdSFIL7RScA6Vtb-2NURL2KFt5IwirCS2nmpm50wgYch8ZUFSZEDkFTivy-CnzB8q5m-QJhQAqtjMhFdUikZxT0TLJRpAs24Gofu3_wdSbuCTpgEiK4wTVvwFTr6KDfEHg65aM9IufcHXLQCa9ryO53-ig0GP6yE0x1X4TfDWnf34PX87FgJhPNlwtjNhPDV5TBCwoB201gjQFmnbch7wPm_bYGhvyG5eRrPAvcxImswZl9OS4-nbGtVd0yLhu7aGGKfN2i7fKQF7V0ZjXrenWcMM6rWSyEtnZuT2hPeYy_OnI1tQJXUeqsYGypINM5O9ktsCwK5gcJsEgJqJek21zDhefIAZBxuKvMPRoTm_yt08d_BLoA5-uVrX7j3zRWxvtEEppYailY-OyCxSRp3QS9dqS1r1CweoyF6601sw8DTfdfpNX9_77JiXjIivPUfRXxvOgMlFfWpnQn8myHPYO3uKVTrENGY95gCPKNsB3xovPL5_x5_PvX-ui103aip0LX_tbU7GjdpRGLvIcpNJiI8j1P6a6pat_M-eoYHe8pGex6
Requested by
Host: 0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
URL: https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
XDR-GettyImages-1080277602-1.png
s0.2mdn.net/sadbundle/9085316032647509763/DE-DEU_XA-10_0_728x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/ Frame 230D 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9085316032647509763/DE-DEU_XA-10_0_728x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/XDR-GettyImages-1080277602-1.png?
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9085316032647509763/DE-DEU_XA-10_0_728x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b65f9fb36dae13c057c8dca3d7fc3ade4042e37b117a2f0d4a54f1ef116b5d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9085316032647509763/DE-DEU_XA-10_0_728x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 06:47:19 GMT
x-content-type-options
nosniff
age
262356
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36069
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 08:51:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Feb 2024 06:47:19 GMT
Zero-Trust-2-Woman-looking-up-and-smiling-Gradient-STE-FY23-Q2.png
s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/ Frame E488 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/Zero-Trust-2-Woman-looking-up-and-smiling-Gradient-STE-FY23-Q2.png?
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0e6ad0e03fff07b5a1715c93496836075fba3bc819328569ce6300f66cbf357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:43:21 GMT
x-content-type-options
nosniff
age
258994
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74945
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 07:11:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Feb 2024 07:43:21 GMT
dt
dt.adsafeprotected.com/ Frame 6FC1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=542b93e6-25c5-e4a8-eae4-c8d353bcca5d&tv=%7Bc:5GHk4N,time:734,type:e,im:%7Bpci:%7Btdr:522%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:734,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B727~0%5D,as:%5B727~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:619,fm:txkxMQV+11%7C12%7C13%7C14%7C1511%7C16.1135760-69474538%7C161%7C162%7C163%7C17*.1135760-65089100%7C171,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:26,sis:173%7D&br=c
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:b818:916:ed27:48c4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0B2E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=b4a7d2af-6386-f4ed-b76e-16d38000cb76&tv=%7Bc:5GHk5g,time:853,type:e,im:%7Bpci:%7Btdr:561%7D,pLoad:797%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:242,o:611,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B603~0%5D,as:%5B603~970.90%5D%7D%7D,%7Bsl:i,t:611,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B242~100%5D,as:%5B242~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:223,fm:txkxMQV+11%7C12%7C13%7C14%7C1511%7C16*.1135760-69474538%7C161%7C17.1135760-65089100%7C171,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:25,sis:224%7D&br=c
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:b818:916:ed27:48c4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2680 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BJotZylIAZLXAK87rgAfFoqTgBwAAAAA4AeAEAg&bg=!hYalhtLNAAbK-VRH6vk7ADkAdvg8WlbO-2v-mFoHEN82k9XdJ33pngsMR55jfN5h72H9NeAIfE33NAjo7KS9o_eT_XLcQFkXdJQCAAAAiVIAAAACaAEHmQM4ZxIWMcFLoNZD4Slga48K0e8iLiL1zARkHMpinfpTphsp_Pb62YUqr3wLGKxKqSaeCFVFLOZOq2aZPthnAYYNwZCyLKkkC6tPHLA14itqf3NuaS000DhapDNy62oZyyxLoAZJPT7M1PyY97B_yO6gyLO-iUqG7MDpMMceEo5CmljgPHDmr2BvC6MWhMa9FM6GUuBFJ7qPJKyQiOivL__spV8a9F-cToC1PvMaseZXPsx4Kq34S1Pn8SCbt6pnXEyNqrt1rjSasWvxLnl_A1_RkBLzAQg6mGn9tblgJX2zBPdioVNqjyZvKkzbyq_2ooX5dmT3P-f1zERtX44wCbn1QB_fmLoN798oyVBFUOlb_V15-ouJZVjflinFTdYg_HAKpPoe1i6CGnx0c7zulFNd-Z5kXkcIXO4XFBIZmI2IfGt1AfMywvwqZ_68PQkYqry0ulK08wty6fgZ3N7l2ON_mb8vP_Zn6L6wu09bOLwXpC0AsOU7GM4FEcb86L2JDApZAkXJMxY00d2JwBVduS7vXCxs4cJNU-A2HM2cmKXSWc3DwOb42lxvybA1eZW4A1E-fwu8FBgs-ivWglz7dTz8HfsMDj-NyyRXpRyiRXuAgUua9ox0UzX7NLrW_gRZAlg8arK24orPmbaQiq4EF_v7f8cP9StpnJZegnTGSIg6sRIWH5T-O4XNgMGpczhiYqVR8y-5PKZx9TvwyZXivNiD9aZ6FqQ_oXITjOpZNbFOiDg3IHcvFW-GDMrQRBYXINUPa9CxBXB_yhCsm6DxnlsOoCuFpCKypVySdvB7W2cw1xkwwF0y6QYedICVf44t0et2Tdgcd213k-H2Qu4SOWEDaOawXDOaRwnIWuo0RyeB9NUgqHkwAy3rLyyPezeQgAUet3Z1dfNiEZu3JDtRvR58YH9zlmWMh5UMfNpV55yvT8D3HT9EpoSriUU1cMCSvhMCWsJiRJINf0tKyCnoIqEtT6aigWmDciRuxkHZ_PzDBVy0FNhwI3JYdIBPdykxQqeAK9l-r6RjrAUzLqiMIcRJf9tM6CVc5KnPlPFGPCx-nRbYs22FJer8FNxIBz1x5ehfxM1yWDYw1HQ
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 389B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~leqsqpu8&c=8316298645346&slotId=4158149322673&qqid=CMXj2_nevP0CFVuLgwcdQUUD7w&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=8&smb=1000&br=860&mt=video%2Fmp4&vs=720x720&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:402a:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 6FC1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=542b93e6-25c5-e4a8-eae4-c8d353bcca5d&tv=%7Bc:5GHkbo,pingTime:-10,time:1143,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS4xNzcgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1677742795302%7C%7C06b4727197e14f1f2aa77207b4559d34%7C%7C15c1c3073e5c3cda0308b87e66c0c1e4%7C%7Cc7e170a0af84e79e4a7ba3ae3bc65b3d%7C%7C119b24bd10f0a552f6b9ec162ce3ace8%7C%7C12ae0c5295e78cf6c6e2625511ebf0da%7C%7C361e92f6ff6d0e9399b42a7227ebdbdc%7C%7C04a1b1e3b5ac987c90564214496a862d%7C%7C1663701684,sca:%7Bspg:b4a7d2af-6386-f4ed-b76e-16d38000cb76%7D%7D
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:b818:916:ed27:48c4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:56 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 0B2E 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0ajqKYQv5rifBuBgZRP-2vHDQZlZKyrTCOdedKam5cPaUxOYZp-UWSmUnkw4bdXSKaLjz50xKUswG9nLM61dMA26ZxuCE0hzv5LdRdyAkyrWQru-q8mSvHNHwYwTQhv8xWf5QNg&sai=AMfl-YSBxTJ8ur1CF4rs38XPtTKCLXJ3IyiyQwe3PXXcSIeXYSdjLN8ys-G59mky6yWLfa7Ie3E-lgLsRimSTOucgxarsohMQ9PTqFMVlB1c08y-JbO1PlX9CuupATf8&sig=Cg0ArKJSzKjKzWrir7EuEAE&cid=CAQSPADUE5ymBO2ojYW_6G45BEhJBASKDGLdbiufLfKpLVV8CtJ_4SNnznlSm4Cq3WlwMkmaM3mV9qulenv4gRgB&id=lidar2&mcvt=1001&p=1138,315,1228,1285&mtos=852,961,1001,1040,1040&tos=852,109,40,39,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1667006778&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677742794432&rpt=628&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 0B2E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=b4a7d2af-6386-f4ed-b76e-16d38000cb76&tv=%7Bc:5GHkhw,pingTime:1,time:1613,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:24%7D,%7Bpiv:100,vs:i,r:,t:611%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:611,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B603~0%5D,as:%5B603~970.90%5D%7D%7D,%7Bsl:i,t:611,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:170,fm:txkxMQV+11%7C12%7C13%7C14%7C1511%7C16*.1135760-69474538%7C161%7C17.1135760-65089100%7C171,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:25,sis:224%7D&br=c
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:b818:916:ed27:48c4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:56 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0B2E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=b4a7d2af-6386-f4ed-b76e-16d38000cb76&tv=%7Bc:5GHkhx,pingTime:1,time:1614,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:24%7D,%7Bpiv:100,vs:i,r:,t:611%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1003,o:611,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B603~0%5D,as:%5B603~970.90%5D%7D%7D,%7Bsl:i,t:611,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:170,fm:txkxMQV+11%7C12%7C13%7C14%7C1511%7C16*.1135760-69474538%7C161%7C17.1135760-65089100%7C171,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:25,sis:224%7D&br=c
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:b818:916:ed27:48c4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:56 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FC1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3802961930662&version=m202301230201&ct=76&x=1&cor=8897509608532049000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B2E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2264306706639&version=m202301230201&ct=76&x=1&cor=17429265595382050000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video-loader.js
cdn.avantisvideo.com/avm/js/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/b32c8ddb-e07d-4acd-85a5-5e4a5a1f208b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20dc:3400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bdd9261b915c4d7b7faf89a43d8f75d56af75523415b9a8d2e38f2e7a41cba1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
o3_UP5DBpj34HIRp37PMEele1xlw3U13
content-encoding
gzip
via
1.1 785863fe1b0961dc0a54153752ab0c4c.cloudfront.net (CloudFront)
date
Wed, 01 Mar 2023 14:39:26 GMT
last-modified
Sun, 29 May 2022 06:35:41 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-C1
age
61232
etag
W/"d29171b34ea93548beb17fd35f5b439b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
8tjlBTO2hgrBvDdhDp6e6bapjFaL8w1N93at2m_M-I-sMFd7zXO56w==
universal.min.js
tag.navdmp.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/b32c8ddb-e07d-4acd-85a5-5e4a5a1f208b
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 17 May 2022 12:22:37 GMT
server
cloudflare
age
3569
etag
W/"6283938d-3671"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7a17fd2189239b98-FRA
expires
Thu, 02 Mar 2023 07:40:28 GMT
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/b32c8ddb-e07d-4acd-85a5-5e4a5a1f208b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Thu, 02 Mar 2023 07:39:57 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
Y238J3PE1T350KQE
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
7D94DmvcJFvs5OQ4PhfYq+5z8C0JzpuUU8LWTA7PyqhlXj6+H4ZIcj/WRv0Bjz2UTFZjRPzaeuY=
46575
tag.navdmp.com/u/ 		497 B
475 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/46575
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 26 Aug 2022 15:00:58 GMT
server
cloudflare
etag
W/"6308e02a-1f1"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7a17fd21b95b9b98-FRA
expires
Thu, 02 Mar 2023 08:39:57 GMT
abc.txt
static.avantisvideo.com/data/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:5000:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a0fcba65912d9b7a629bcf8bb33451adf56c8de79c3f7aff26fd9ee478f4067

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Mar 2023 11:22:45 GMT
content-encoding
gzip
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
73033
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 26 Feb 2023 15:20:42 GMT
server
AmazonS3
etag
W/"12c6925606264d1fe4de2ba9d3e9b826"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://olhardireto.com.br
access-control-allow-credentials
true
x-amz-cf-id
zv7mBaGKzJRDzu-azTWn5LOHIhH78mlR2226DobdGY_ngqPJrhk6IA==
/
events1.avantisvideo.com/ 		0
35 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.3.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-3-6.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 07:39:57 GMT
fpc
at.teads.tv/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_13576&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-209-30.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:57 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://olhardireto.com.br
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 02 Mar 2023 07:39:57 GMT
usr
usr.navdmp.com/ 		359 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=46575&u=1&new=1&wst=0&wct=1&wla=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da981b4a7798c3ab09f2de1314d8d0655d30f0dce5816881a170ae695f13a153

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Mar 2023 07:39:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
7a17fd22caf19b98-FRA
expires
Thu, 02 Mar 2023 08:39:57 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame 1C0E 		46 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20dc:3400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer
https://olhardireto.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61243
content-encoding
gzip
content-type
text/html
date
Wed, 01 Mar 2023 14:39:15 GMT
etag
W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified
Wed, 06 Apr 2022 12:25:53 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 785863fe1b0961dc0a54153752ab0c4c.cloudfront.net (CloudFront)
x-amz-cf-id
MM7zIf6604baGSxlZfROKYx7nzTMkCxtuGu56dsBstCOLEeAxQCCsw==
x-amz-cf-pop
MXP64-C1
x-amz-version-id
dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache
Hit from cloudfront
geoip
avm.avantisvideo.com/api/v1/ Frame 1C0E 		238 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:ee00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
54fbbcd44c747818c87d29f587ef56c4d6b57e3512c30eb9764b78c82ecb8528
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 02 Mar 2023 07:39:57 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
content-length
238
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
x-download-options
noopen
access-control-allow-credentials
true
x-amz-cf-id
O55vohwM7tUrQAJMedHOGA1AVAuC39l2Rn6XzZYRfPvmLjoUM37tJg==
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:ee00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://cdn1.avantisvideo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://cdn1.avantisvideo.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Thu, 02 Mar 2023 07:39:57 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-id
_CI7Mz6jU5MawzCv0N1esDrSIxvrhodPgZlBZ3OucrUx_OmA-xZ1zA==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
req
cdn.navdmp.com/ 		6 B
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&id=1251e995be54d65804f3ef06a410%7C0&acc=46575&tit=Not%25EDcias%2520de%2520MT%2520%257C%2520Olhar%2520Direto&url=https%253A%2F%2Folhardireto.com.br%2F&upd=1&new=1&h1=Olhar%2520Direto
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a17fd23dc3e9b98-FRA
content-length
6
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=78683674046
  • https://sync2.navdmp.com/sync?prtid=2&id=78683674046&google_gid=CAESEAYq69Pp4_zfyXWUAvRaHbk&google_cver=1
6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=78683674046&google_gid=CAESEAYq69Pp4_zfyXWUAvRaHbk&google_cver=1
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a17fd246d0a9b98-FRA
content-length
6
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync2.navdmp.com/sync?prtid=2&id=78683674046&google_gid=CAESEAYq69Pp4_zfyXWUAvRaHbk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=f9506400-52cc-4100-a9b5-8737be7d095b
43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?img=1&mdia=f9506400-52cc-4100-a9b5-8737be7d095b
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:57 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
7a17fd260f1b9b98-FRA
content-length
43
content-type
image/gif

Redirect headers

Date
Thu, 02 Mar 2023 07:39:57 GMT
Server
MT3 530 4e92630 master zrh-pixel-x15 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://sync.navdmp.com/sync?img=1&mdia=f9506400-52cc-4100-a9b5-8737be7d095b
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Thu, 02 Mar 2023 07:39:56 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
  • https://sync.navdmp.com/sync?prtid=12&yahid=y-BRJ3n7ZE2p7DST7AIxmowsotmYB1HoFzv4Q-~A
6 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?prtid=12&yahid=y-BRJ3n7ZE2p7DST7AIxmowsotmYB1HoFzv4Q-~A
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a17fd257e449b98-FRA
content-length
6
content-type
application/javascript

Redirect headers

location
https://sync.navdmp.com/sync?prtid=12&yahid=y-BRJ3n7ZE2p7DST7AIxmowsotmYB1HoFzv4Q-~A
date
Thu, 02 Mar 2023 07:39:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Folhardireto.com.br%2F&domain=olhardireto.com.br&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=aHMTT3wrRXJaVmZyY3N0bUlzVjlxSWZXRWk1bDloWS81dlN1a0s1YVdnUEJzeVB6aDF1bDBZWnh4OGxsaFFwRFZ5YnB4M2VOWmpaVStlZlV1YUQwbXpkTHU3TDJLbGJCSlZXUHJEay9nTkFsY1I2M1ZaTDNKNHBDaVVTbm...
362 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=aHMTT3wrRXJaVmZyY3N0bUlzVjlxSWZXRWk1bDloWS81dlN1a0s1YVdnUEJzeVB6aDF1bDBZWnh4OGxsaFFwRFZ5YnB4M2VOWmpaVStlZlV1YUQwbXpkTHU3TDJLbGJCSlZXUHJEay9nTkFsY1I2M1ZaTDNKNHBDaVVTbmo2TXorcmxjOGVyVExxSURwQ1laY1lGOHk0TDhpNGN6TEpqWnI5RUFnZXJ5UHlDNGhvOTJjR2F1UWJCb3dRWlAwQzRnWlZoWnQvdjBQUnQ1dEVKZ0VnY3I4a0hlUTZNTlNYV2g1dkprTUY5d24zYzFOZVhVRW5BbW5OUTd0cVF2dlIwZkhPeG5vfA&cppv=2
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7794777de5e40f2f5c9a78b2dda439247bfe2a01ea3714280c835ba50cf712fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:57 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
715332
expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=aHMTT3wrRXJaVmZyY3N0bUlzVjlxSWZXRWk1bDloWS81dlN1a0s1YVdnUEJzeVB6aDF1bDBZWnh4OGxsaFFwRFZ5YnB4M2VOWmpaVStlZlV1YUQwbXpkTHU3TDJLbGJCSlZXUHJEay9nTkFsY1I2M1ZaTDNKNHBDaVVTbmo2TXorcmxjOGVyVExxSURwQ1laY1lGOHk0TDhpNGN6TEpqWnI5RUFnZXJ5UHlDNGhvOTJjR2F1UWJCb3dRWlAwQzRnWlZoWnQvdjBQUnQ1dEVKZ0VnY3I4a0hlUTZNTlNYV2g1dkprTUY5d24zYzFOZVhVRW5BbW5OUTd0cVF2dlIwZkhPeG5vfA&cppv=2
access-control-allow-origin
https://olhardireto.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
362161
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Folhardireto.com.br%2F&domain=olhardireto.com.br&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://olhardireto.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://olhardireto.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 02 Mar 2023 07:39:57 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
256390
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D249 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://olhardireto.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Mar 2023 07:39:57 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame BB4C 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://olhardireto.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 02 Mar 2023 07:39:57 GMT
/
onetag-sys.com/usync/ Frame 7485 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1677742792353
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://olhardireto.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame C5A0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.181 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-181.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://olhardireto.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 02 Mar 2023 07:39:58 GMT
ETag
"623de86a-cf34"
Expires
Fri, 03 Mar 2023 07:40:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
video-loader2.2-cr.js
cdn.avantisvideo.com/js/ 		249 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2.2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20dc:3400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
afb5179b52398a341cf58f7ad175cc2168aad9f3b1b86f6510edd4bd188f1df9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
8O5k7zBb6quAXsEM5lSh.7VnVgHe2B4O
content-encoding
gzip
via
1.1 785863fe1b0961dc0a54153752ab0c4c.cloudfront.net (CloudFront)
date
Wed, 01 Mar 2023 14:38:20 GMT
last-modified
Sun, 26 Feb 2023 14:38:12 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-C1
age
61297
x-amz-server-side-encryption
AES256
etag
W/"eac34ef128efc3154803dcbe3881f59f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
TGy-shVjd-F6UunVboulc0T_PVbLBM2KBhTPu-2Vg8qCuGnW58Ef1w==
geoip
avm.avantisvideo.com/api/v1/ 		238 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:ee00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
54fbbcd44c747818c87d29f587ef56c4d6b57e3512c30eb9764b78c82ecb8528
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 02 Mar 2023 07:39:58 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
content-length
238
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://olhardireto.com.br
x-download-options
noopen
access-control-allow-credentials
true
x-amz-cf-id
FvD9ZF1eA_vxH0lsEqWFIKuAkr3efrEFNCIzF8ucQwl6rVMWDe85wA==
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:ee00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://olhardireto.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://olhardireto.com.br
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Thu, 02 Mar 2023 07:39:57 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-id
0oTnYBVzkhVga7mQmegFx8Wm9towbXHMKQ_qdp0N11p52VSbYpwW9w==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.3.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-3-6.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 07:39:57 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=aHMTT3wrRXJaVmZyY3N0bUlzVjlxSWZXRWk1bDloWS81dlN1a0s1YVdnUEJzeVB6aDF1bDBZWnh4OGxsaFFwRFZ5YnB4M2VOWmpaVStlZlV1YUQwbXpkTHU3TDJLbGJCSlZXUHJEay9nTkFsY1I2M1ZaTDNKNHBDaVVTbmo2TXorcmxjOGVyVExxSURwQ1laY1lGOHk0TDhpNGN6TEpqWnI5RUFnZXJ5UHlDNGhvOTJjR2F1UWJCb3dRWlAwQzRnWlZoWnQvdjBQUnQ1dEVKZ0VnY3I4a0hlUTZNTlNYV2g1dkprTUY5d24zYzFOZVhVRW5BbW5OUTd0cVF2dlIwZkhPeG5vfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 02 Mar 2023 07:39:57 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
274645
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame D249 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e9f369eb7d4ad8e504e369b1f56fd374d9db9b6c00106486c554ebcc1ed97573

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 07:39:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Mar 2023 21:13:57 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48867
Connection
keep-alive
Content-Length
10005
Expires
Thu, 02 Mar 2023 21:14:25 GMT
async_usersync
ib.adnxs.com/ Frame C5A0 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:58 GMT
AN-X-Request-Uuid
81b9073e-6d20-4417-a19e-37b96f93392f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
3
avm.avantisvideo.com/api/v1/vl/645b490f-24f2-429d-a04c-d266868eea7c/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/vl/645b490f-24f2-429d-a04c-d266868eea7c/3?no_cache=false&target=true&device=desktop&countryAllowed=false&cb=1677742798187&subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Folhardireto.com.br%2F&eu=true&country=DE&hour=7&amp=false&domain=olhardireto.com.br
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:ee00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4db14a7761aac762d0a762ec77cb792b83321ef3f7f594a9b21bbcdefe06cd07
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 02 Mar 2023 07:39:58 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://olhardireto.com.br
x-download-options
noopen
access-control-allow-credentials
true
x-amz-cf-id
MqyzkoMFCYKmYP5EfD0ph9G_urWrmxYpJPlnr9sSBqAtKHMW5X307w==
3
avm.avantisvideo.com/api/v1/vl/645b490f-24f2-429d-a04c-d266868eea7c/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/vl/645b490f-24f2-429d-a04c-d266868eea7c/3?no_cache=false&target=true&device=desktop&countryAllowed=false&cb=1677742798187&subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Folhardireto.com.br%2F&eu=true&country=DE&hour=7&amp=false&domain=olhardireto.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:ee00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://olhardireto.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://olhardireto.com.br
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Thu, 02 Mar 2023 07:39:58 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-id
HV5jA2S83bQl-pgmLfgvGwptX_b5Zx4RpL2QoQs4ZXQKI2Fk4UgxNw==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
/
events.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.3.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-3-6.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 07:39:58 GMT
tap.php
pixel.rubiconproject.com/ Frame D249
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKdHll_Y1QSm-hQ5EMTRZ_s&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKdHll_Y1QSm-hQ5EMTRZ_s&google_cver=1
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKdHll_Y1QSm-hQ5EMTRZ_s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D249
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/BvQzwHec8ayfAmU1daqM_Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-bkTIomFE2oIaAxSON2oauXUUggABHpuhpiJ87w--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-bkTIomFE2oIaAxSON2oauXUUggABHpuhpiJ87w--~A
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 02 Mar 2023 07:39:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-bkTIomFE2oIaAxSON2oauXUUggABHpuhpiJ87w--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame D249
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRU1FOUVEtMUItQ1hJUg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRU1FOUVEtMUItQ1hJUg==
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRU1FOUVEtMUItQ1hJUg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame D249
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YQuFfyECSZygOMgLOlY5XA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=YQuFfyECSZygOMgLOlY5XA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=YQuFfyECSZygOMgLOlY5XA
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
HTTP/1.1
Server
54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T350DWC7PJ99EPTWP10A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=YQuFfyECSZygOMgLOlY5XA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame D249
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEQSQNQQ-1B-CXIR
0
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEQSQNQQ-1B-CXIR
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:57 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3835FC53F7A849D981E72BBD43B1860F Ref B: FRAEDGE1210 Ref C: 2023-03-02T07:39:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX15e+GV5hblyZI/s3wKQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEQSQNQQ-1B-CXIR
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame D249 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 02 Mar 2023 07:39:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D249
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTA0ZjQwYjRmN2FjYzc5YzFkMTRmMjJmYWMwMjRmNjJmZWU1YzYyYQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTA0ZjQwYjRmN2FjYzc5YzFkMTRmMjJmYWMwMjRmNjJmZWU1YzYyYQ
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTA0ZjQwYjRmN2FjYzc5YzFkMTRmMjJmYWMwMjRmNjJmZWU1YzYyYQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame D249
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rO83saskQviLlUEokL5Mmw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rO83saskQviLlUEokL5Mmw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rO83saskQviLlUEokL5Mmw
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SFSVJA644E34KDNVKWSH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rO83saskQviLlUEokL5Mmw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		362 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32da02f599892468c7a58fe88da372b97c0fccdce8f2dba4877eed604ea3d0ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
124064
x-xss-protection
0
expires
Thu, 02 Mar 2023 07:39:58 GMT
5.ebeca9a481e99dabf73d-vl-cr.js
cdn.avantisvideo.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/5.ebeca9a481e99dabf73d-vl-cr.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20dc:3400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd2af4af27d0ec3b416e356e9302be5b8e346d940a698c71b87d8ad72f695f99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
JOBXhh_wdnPOGS_VZdvL3bVGwYsNf1vr
content-encoding
gzip
via
1.1 785863fe1b0961dc0a54153752ab0c4c.cloudfront.net (CloudFront)
date
Wed, 01 Mar 2023 14:38:21 GMT
last-modified
Thu, 23 Feb 2023 06:06:48 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-C1
age
61297
x-amz-server-side-encryption
AES256
etag
W/"5b39a7601cce382127eda58612ab9324"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
4m9mPTABrEs5kKz8PiiHNYMv-fZLYitgrOLyz4DECthqsaSQEdBsrg==
0.ebeca9a481e99dabf73d-vl-cr.js
cdn.avantisvideo.com/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/0.ebeca9a481e99dabf73d-vl-cr.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20dc:3400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9f8511cf5b554346aa0e14aef16a8700dbba6cdfd032d20facc994e42f53e6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
hDvSlGHIUVteLLJKEBgAWqnzDWr36Ujh
content-encoding
gzip
via
1.1 785863fe1b0961dc0a54153752ab0c4c.cloudfront.net (CloudFront)
date
Wed, 01 Mar 2023 14:38:19 GMT
last-modified
Thu, 23 Feb 2023 06:06:48 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-C1
age
61299
x-amz-server-side-encryption
AES256
etag
W/"38796bbbc84e1524c303a989fe90b054"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ZIHh5qr7oymJ9gmfZBOTWqnRt90aT3jQAmUOAIwKr6sFeKLa2RcCww==
1.ebeca9a481e99dabf73d-vl-cr.js
cdn.avantisvideo.com/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/1.ebeca9a481e99dabf73d-vl-cr.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20dc:3400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5cd28819ef01d483bd656bae3b7892cf1e94f9bf2910da931ef402e8815ad7dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 14:38:20 GMT
x-amz-version-id
UQWKpBvYOIpuz2Fraf9y6SoMRZSuPCU1
content-encoding
gzip
last-modified
Thu, 23 Feb 2023 06:06:48 GMT
server
AmazonS3
via
1.1 785863fe1b0961dc0a54153752ab0c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C1
etag
W/"126f3174b05631d799be4718abc06bc2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
61299
x-amz-cf-id
3n5JA_Y4lqAfqrYzlNTsmUrKoB-xmX-zW5j26ObufhHuMaN0tYE9kA==
os-player.js
cdn.avantisvideo.com/js/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/os-player.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20dc:3400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e43b61b5f1b05fa1ef4a334528de3825fdc8d23610ef5e61174052bfe6b6797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:21:30 GMT
x-amz-version-id
DszgTCp5RGxIDw0.TRL5vgiUur_opAlO
content-encoding
gzip
last-modified
Wed, 01 Mar 2023 11:21:19 GMT
server
AmazonS3
via
1.1 785863fe1b0961dc0a54153752ab0c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C1
etag
W/"fc50a7ad3c2bd61925cea08cc06e0ebf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
73109
x-amz-cf-id
xmZqHwEQ1GGV-ppX7CuNZpDxFRZ20uWbHtrGw0UfD90wbw6W3pZwxg==
prebid.js
cdn.avantisvideo.com/js/ 		625 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/prebid.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.2-cr.js?id=645b490f-24f2-429d-a04c-d266868eea7c&tagId=3&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20dc:3400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c731a21b14de3186dfd68ca0c5541a40533d361ce5f30212f34684b36ed6374

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 19:30:58 GMT
x-amz-version-id
8HK5PbthUyJ8kN0.OJxajif_gujCUBdT
content-encoding
gzip
last-modified
Mon, 26 Dec 2022 12:43:24 GMT
server
AmazonS3
via
1.1 785863fe1b0961dc0a54153752ab0c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C1
etag
W/"1504749178902401f3689760d17c9ed8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
43741
x-amz-cf-id
LhtWdMFf3ZL64Sy_zdIS8vOiY5LYsNm_wT-f2N_CEPuejgq9y63Kxg==
os-player.css
cdn.avantisvideo.com/style/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/style/os-player.css
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/1.ebeca9a481e99dabf73d-vl-cr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20dc:3400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e245ca92c09a55cd4ada741ca10d43a0d095f93adb355d859e3eacc5df4d511c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
1WT.iJqu0bb9k8ucDnNhjWil0ArXlrfg
content-encoding
gzip
via
1.1 785863fe1b0961dc0a54153752ab0c4c.cloudfront.net (CloudFront)
date
Wed, 01 Mar 2023 17:26:48 GMT
last-modified
Thu, 24 Feb 2022 10:56:10 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-C1
age
51191
etag
W/"187d5380bc1b7cc4d9fd876475b2fff3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
3KWsJHQHICRXWG9dsCPLd-jh1c73yAD2HviECUBoNWVvSiPShsIdCA==
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://olhardireto.com.br
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://olhardireto.com.br
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://olhardireto.com.br
date
Thu, 02 Mar 2023 07:39:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		138 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1e39c57ba787f793f88d81a794b583a55c39bcf27893b09c230c7e92247b2e5d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:58 GMT
AN-X-Request-Uuid
d6b3d6e9-70b5-4439-acc7-3a5e93c2c1dd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://olhardireto.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pb
ad.360yield.com/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.189.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-189-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://olhardireto.com.br
date
Thu, 02 Mar 2023 07:39:58 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.210.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-210-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
12537e599dc7f83b42823057e0c491f55f6a979c4c277d6066129fdab3b6bb93

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:58 GMT
content-encoding
gzip
x-prebid
pbs-java/1.112.0
content-type
application/json
access-control-allow-origin
https://olhardireto.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d79b70c2523d568f498f7fb49ad81dfdee1d7ff812d47524ef78e9afc0bcf69b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:58 GMT
AN-X-Request-Uuid
a72026a2-9f0f-4ce5-a39c-f8efd00f028e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://olhardireto.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.210.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-210-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d3048747bb6f595a0b70a0bb95bca3288d6bf858e634437719ecf5de70727c8c

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:58 GMT
content-encoding
gzip
x-prebid
pbs-java/1.112.0
content-type
application/json
access-control-allow-origin
https://olhardireto.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
/
events.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.3.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-3-6.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 07:39:58 GMT
/
events.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.3.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-3-6.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 07:39:58 GMT
async_usersync
ib.adnxs.com/ Frame C5A0 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:59 GMT
AN-X-Request-Uuid
4eec8d8e-afdd-48cf-a90b-fcfe7863c272
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://olhardireto.com.br
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://olhardireto.com.br
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://olhardireto.com.br
date
Thu, 02 Mar 2023 07:39:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5ee52353c29dcf86b124e02776d7c3473bc887b2469e341cb4b91ecf340700af
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:59 GMT
AN-X-Request-Uuid
f106b54c-034e-4c64-ac34-41f59c9b370b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://olhardireto.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pb
ad.360yield.com/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.189.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-189-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://olhardireto.com.br
date
Thu, 02 Mar 2023 07:39:59 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.210.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-210-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6c2f667f26425a07b818a0f92fb27efc27cb6b4047265012b04fcc060a215ee7

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:59 GMT
content-encoding
gzip
x-prebid
pbs-java/1.112.0
content-type
application/json
access-control-allow-origin
https://olhardireto.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
expires
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c1f172c587682626a3c2ce85e7b1668b1f6ab7abd2e4a4ead0b7e51bad2c8277
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 07:39:59 GMT
AN-X-Request-Uuid
6e199e1c-791c-4be3-bb38-168d764a6410
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://olhardireto.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.210.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-210-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
276a3b9ba6d9b29db6717f0907f27b0ff194764a66c0dbaa6b0950595b08e804

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:59 GMT
content-encoding
gzip
x-prebid
pbs-java/1.112.0
content-type
application/json
access-control-allow-origin
https://olhardireto.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
expires
0
/
events.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.3.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-3-6.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://olhardireto.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 07:39:59 GMT
dt
dt.adsafeprotected.com/ Frame 0B2E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=b4a7d2af-6386-f4ed-b76e-16d38000cb76&tv=%7Bc:5GHlk1,pingTime:5,time:5612,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:24%7D,%7Bpiv:100,vs:i,r:,t:611%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5002,o:611,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B603~0%5D,as:%5B603~970.90%5D%7D%7D,%7Bsl:i,t:611,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:275,fm:txkxMQV+11%7C12%7C13%7C14%7C1511%7C16*.1135760-69474538%7C161%7C17.1135760-65089100%7C171,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:25,sis:224%7D&br=c
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:b818:916:ed27:48c4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:40:00 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0B2E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=b4a7d2af-6386-f4ed-b76e-16d38000cb76&tv=%7Bc:5GHlk3,pingTime:5,time:5614,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:24%7D,%7Bpiv:100,vs:i,r:,t:611%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5003,o:611,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B603~0%5D,as:%5B603~970.90%5D%7D%7D,%7Bsl:i,t:611,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5004~100%5D,as:%5B5004~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:275,fm:txkxMQV+11%7C12%7C13%7C14%7C1511%7C16*.1135760-69474538%7C161%7C17.1135760-65089100%7C171,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:25,sis:224%7D&br=c
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:b818:916:ed27:48c4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:40:00 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
page.php
www.facebook.com/v10.0/plugins/ Frame 7A2D 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15ad8aacd109e4%26domain%3Dolhardireto.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Folhardireto.com.br%252Ff2939143f829ad4%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Folhardiretomt&locale=pt_BR&sdk=joey&show_facepile=false&small_header=false&tabs=&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=755ba6ba50e438130e4912ea09705ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ccd2b0521f4828bb1be771f07d08d2b80af297242c00739dcc23e7b19ed6dc7
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Thu, 02 Mar 2023 07:40:00 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v10.0
origin-agent-cluster
?0
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
jDGvgK7EhdPhmZRJAbJW6gIvm5TdtdjQZLg9T6Fkl74oxauTUFy03ZlcShO8UI6vDb2OlLNK387leFEyj3wCCQ==
x-fb-rlafr
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230227&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6337956849655550&plah=olhardireto.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8550edd4db06074d1031d592865a73a7e9c005500e4e240f9ec2013aaae4328
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:40:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11423
x-xss-protection
0
syncframe
gum.criteo.com/ Frame FB9D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=olhardireto.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://olhardireto.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 07:39:59 GMT
server
Kestrel
server-processing-duration-in-ticks
509826
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6337956849655550&plah=olhardireto.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:40:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 07:40:00 GMT
sid
mug.criteo.com/ Frame FB9D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=olhardireto.com.br&sn=ChromeSyncframe&so=3&topUrl=olhardireto.com.br&bundle=I-yajF9FRlhWTjA3aCUyRm1VNUtHTTN3QWhtMm0lMkJGJTJCTSUyQjNFMWp6VG...
  • https://mug.criteo.com/sid?cpp=N_o3hXxycENvaE83ZFRjcFljZmdJRFlIYVRyRnMwSXlid20zOFNsNUZQZTViS0tnUGlUb2cvT1R5THVJOFUrL3RiL1pVZXJ4Sm5SRU1uWEJIR09zaERCWGQ4azRVUmNtYWtVYXV2MWYwT0N2eUpQS09XTXV0VE9GaEJMS1...
452 B
674 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=N_o3hXxycENvaE83ZFRjcFljZmdJRFlIYVRyRnMwSXlid20zOFNsNUZQZTViS0tnUGlUb2cvT1R5THVJOFUrL3RiL1pVZXJ4Sm5SRU1uWEJIR09zaERCWGQ4azRVUmNtYWtVYXV2MWYwT0N2eUpQS09XTXV0VE9GaEJMS1RxUG84cldxTzhUd2V4dy9xTFUyR0RSakgzREwrR1piVDcybkJTUWpPTUdRMUFPSHFWYndNYkNJSkl6TTRDUS9zNURUbXNodGhVYUdCZHlZQ1lwTWMrLzBJWFpJbVJGZHorY0V1cGhNVHJkSGF2ZGlGSkY5Znh2WkhkS1J4cjdqZmNCa3Bid1RBajJna0VTUVRTTElNQllFMGNmNzVsenVTMFl0RUlHYUpDa1JzU2tRd2owZz18&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ca003e3ef78644b01094c7bc0e00bd52e97843e5ca83e2afe19fef03b18cbd0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:39:59 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1595084
expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Mar 2023 07:40:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=N_o3hXxycENvaE83ZFRjcFljZmdJRFlIYVRyRnMwSXlid20zOFNsNUZQZTViS0tnUGlUb2cvT1R5THVJOFUrL3RiL1pVZXJ4Sm5SRU1uWEJIR09zaERCWGQ4azRVUmNtYWtVYXV2MWYwT0N2eUpQS09XTXV0VE9GaEJMS1RxUG84cldxTzhUd2V4dy9xTFUyR0RSakgzREwrR1piVDcybkJTUWpPTUdRMUFPSHFWYndNYkNJSkl6TTRDUS9zNURUbXNodGhVYUdCZHlZQ1lwTWMrLzBJWFpJbVJGZHorY0V1cGhNVHJkSGF2ZGlGSkY5Znh2WkhkS1J4cjdqZmNCa3Bid1RBajJna0VTUVRTTElNQllFMGNmNzVsenVTMFl0RUlHYUpDa1JzU2tRd2owZz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
430868
content-length
0
expires
0
z1dR0DkdtFj.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 7A2D 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/z1dR0DkdtFj.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15ad8aacd109e4%26domain%3Dolhardireto.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Folhardireto.com.br%252Ff2939143f829ad4%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Folhardiretomt&locale=pt_BR&sdk=joey&show_facepile=false&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e8bbc378bcd6aa828c12e956294979ffd6cb27ef742323c54558186cca039ee3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:40:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
/mSHdUByrvbDtBliDhHsew==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4926
x-fb-rlafr
0
x-fb-debug
sMLfjA3aVWvPdI6rJFoZoZreOYtsUlZli2I7kcTgN2WP4MPqt8/FTgfioahGaXnUCSSsXtdwAhjwNGWC/wKwjA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 29 Feb 2024 16:03:45 GMT
k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 7A2D 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15ad8aacd109e4%26domain%3Dolhardireto.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Folhardireto.com.br%252Ff2939143f829ad4%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Folhardiretomt&locale=pt_BR&sdk=joey&show_facepile=false&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:40:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
q6bCky1+00PrRbx3auADnQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
833
x-fb-rlafr
0
x-fb-debug
fZ2DHMxt+D1HC9rPrU50JKTbnIqugzV3e7+LOCJcpAsmkuDcn5mFWyeJ1cPaaiXKZN7phbNlXeIuhLKE0fF7nQ==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 23 Feb 2024 14:05:51 GMT
E1VUnRBtU87.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 7A2D 		294 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/E1VUnRBtU87.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15ad8aacd109e4%26domain%3Dolhardireto.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Folhardireto.com.br%252Ff2939143f829ad4%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Folhardiretomt&locale=pt_BR&sdk=joey&show_facepile=false&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d2c3253b961bbd704cf79c7e14b9e64a3ef2d80ca7a5073a8bed78f556eff029
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:40:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
on3S6cXd0Wz71EbB5+ql2g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
80385
x-fb-rlafr
0
x-fb-debug
97HeJtKgQ9Ab78oTsv/45qmtlwZzDWjxnC4SHpvmAVGWC32INWOiqYQIIWCBuA90NV9NhBXccoSy8Gv4IQDMsA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 29 Feb 2024 05:44:38 GMT
1vqdAx4Rupn.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame 7A2D 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/1vqdAx4Rupn.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15ad8aacd109e4%26domain%3Dolhardireto.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Folhardireto.com.br%252Ff2939143f829ad4%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Folhardiretomt&locale=pt_BR&sdk=joey&show_facepile=false&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27302414bb400fb5bba84b2c45cb8357941264798f37e00e15a1e070631a02a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:40:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LRYt+mU9MFNtaKgLk+CCoA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4112
x-fb-rlafr
0
x-fb-debug
KVsZdRawcy/th6ywcIqig55xxmzXcX/QmjG9V+RJz0X5CoW1Kno2bzm1z+0SvEnAWvFMEtdmNhbjw7xbocO5Ag==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 29 Feb 2024 03:32:59 GMT
j4Er48pjWRE.js
static.xx.fbcdn.net/rsrc.php/v3/yq/r/ Frame 7A2D 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yq/r/j4Er48pjWRE.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15ad8aacd109e4%26domain%3Dolhardireto.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Folhardireto.com.br%252Ff2939143f829ad4%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Folhardiretomt&locale=pt_BR&sdk=joey&show_facepile=false&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eefd8f91ec0802f2ceeea25e98dbba3220e233382bcc7dfacf84319679ba612e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:40:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
MgSLIShqPKdQrqkRBpZr9Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12243
x-fb-rlafr
0
x-fb-debug
5qHTJxzaPa12ZLvv9S0WGXRhwgwxSiZrPrHLASvQ7uVttVqsERm0FRoz4JF8iV/bOibcE1h1wQ1YW55jTEmhVQ==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 23 Feb 2024 01:18:20 GMT
HyhgiZ73_5A.js
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 7A2D 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/HyhgiZ73_5A.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15ad8aacd109e4%26domain%3Dolhardireto.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Folhardireto.com.br%252Ff2939143f829ad4%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Folhardiretomt&locale=pt_BR&sdk=joey&show_facepile=false&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9c493d1302c8850350fc1eda89435fc84074ca72d5f11a69fef52643cc1034ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:40:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0rRGkrjIBd4xz8qtA4nKQg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16219
x-fb-rlafr
0
x-fb-debug
DvoObVire/OWmXGi1nRvIJ2Z/1WXKDCinYP8mfBnAntFOTN0CC+KPt/4zWWAdQ33BJUfkxf+9YvxBoXmtxhVpw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 23 Feb 2024 01:18:31 GMT
v1IyAO488IL.js
static.xx.fbcdn.net/rsrc.php/v3iM-F4/yD/l/pt_BR/ Frame 7A2D 		81 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iM-F4/yD/l/pt_BR/v1IyAO488IL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15ad8aacd109e4%26domain%3Dolhardireto.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Folhardireto.com.br%252Ff2939143f829ad4%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Folhardiretomt&locale=pt_BR&sdk=joey&show_facepile=false&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8404583717e1c624060b153f42b00168f94c879f496720ff0b726b366d41232e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:40:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
UW43vOi7BfneM/cP7pTDhA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22694
x-fb-rlafr
0
x-fb-debug
2r3oWmqs0Plq7qbL65TiodOfU7YY0yFg3Ww3CtN/deUBRvOm3jW138RPTnCOZ4DGiBltsU8qhNC6UpXuIhMQIA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 29 Feb 2024 06:05:08 GMT
327297850_1356863315097511_1555653522003838302_n.png
scontent-fra3-1.xx.fbcdn.net/v/t39.30808-6/ Frame 7A2D 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-fra3-1.xx.fbcdn.net/v/t39.30808-6/327297850_1356863315097511_1555653522003838302_n.png?stp=dst-png_p130x130&_nc_cat=101&ccb=1-7&_nc_sid=dd9801&_nc_ohc=0hpa5eYFsG8AX-OmNB1&_nc_ht=scontent-fra3-1.xx&edm=AD5vYhEEAAAA&oh=00_AfDb8eRwk4bDJWxIESjhuTD0fVW4ah_Awu-ROngwmoKdlg&oe=64058504
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15ad8aacd109e4%26domain%3Dolhardireto.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Folhardireto.com.br%252Ff2939143f829ad4%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Folhardiretomt&locale=pt_BR&sdk=joey&show_facepile=false&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
576406c6453a76e76524b4b28bcc59ced7b4624e6bc627ec561bc66ff4f33659

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-haystack-needlechecksum
70432964
date
Thu, 02 Mar 2023 07:40:00 GMT
content-digest
adler32=2205336732
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
63017
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Fri, 27 Jan 2023 21:16:37 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
TGjBTouGm6Ox66hzE_I_bsF6oHNpdeKoiVAN_hfdCJhpBrno6wYHuhvQvBM9azu6k3fx6WkkY3uasrIE19R6bC1rhh8kucJF_j_pw9e6gZ7wKV15dPLmG58yLmiYdTHu
x-needle-checksum
466701047
accept-ranges
bytes
timing-allow-origin
*
10661779_822471371119142_3894857862264567149_o.jpg
scontent-fra5-2.xx.fbcdn.net/v/t31.18172-1/ Frame 7A2D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-fra5-2.xx.fbcdn.net/v/t31.18172-1/10661779_822471371119142_3894857862264567149_o.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=107&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=ljtJF1tfZoYAX_ZCSg_&_nc_ht=scontent-fra5-2.xx&edm=AD5vYhEEAAAA&oh=00_AfCwEgFfnOd0gYyqvwJpe-1oclLXAIU6Rw2pqbYuZEyRZg&oe=6427DC79
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15ad8aacd109e4%26domain%3Dolhardireto.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Folhardireto.com.br%252Ff2939143f829ad4%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Folhardiretomt&locale=pt_BR&sdk=joey&show_facepile=false&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
91a3dbe914c3af91467d8b7bc7823a815644700ddb7bd38b3c908e7ecf4ab92f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-haystack-needlechecksum
781140876
date
Thu, 02 Mar 2023 07:40:00 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Wed, 17 Sep 2014 20:46:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=270009202
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2853675519
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1549
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 7A2D 		573 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/z1dR0DkdtFj.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/z1dR0DkdtFj.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:40:00 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-rlafr
0
x-fb-debug
dp95N0jiv4FdIx6XZBqSpj+DcaAlF4ayw3vwqXMam8qEQ9ZZzEcfQiqk5SpvPJ3uhEdppXxbRNpwXidt8+lhKA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 01 Mar 2024 00:31:24 GMT
sVQ3JfvxQUC.js
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 7A2D 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/sVQ3JfvxQUC.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/E1VUnRBtU87.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c7ca86b3d2509fa402905d693a707c331bb640cbcf67318381634bf9dab8a8eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:40:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
AsuhHdwcEb9c49p/r76wxQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6950
x-fb-rlafr
0
x-fb-debug
SDEcRpuEPk+me2L874sexWNQkaL8t9wWQ/iapCrvXgC27XrBWXn5hbPaqnpowx5688ujy+/wppNSPv37qkLNlg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 29 Feb 2024 01:29:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 48B5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://olhardireto.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7213
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 05:39:47 GMT
expires
Fri, 01 Mar 2024 05:39:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 29F5 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
67fcbdadd409b6c9d798ae562744acd531e8fde3d37d5c20d89e60a285f3a671
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RhQ7MEc8jTNbw4jIelKTSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://olhardireto.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-RhQ7MEc8jTNbw4jIelKTSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 07:40:00 GMT
expires
Thu, 02 Mar 2023 07:40:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
U1KVG_mJ4Y43Q94sC__L5Y27Ilp_TqM8IF3zBLVmW9g.js
pagead2.googlesyndication.com/bg/ Frame 48B5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U1KVG_mJ4Y43Q94sC__L5Y27Ilp_TqM8IF3zBLVmW9g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5352951bf989e18e3743de2c0bffcbe58dbb225a7f4ea33c205df304b5665bd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 15:53:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
56804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14276
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 15:53:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 29F5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230227&jk=2759212288538101&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 48B5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fQVJTg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:40:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
avw.gif
c.4dex.io/ 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=P_OLHAR_DIRETO_HEADERSTICKY_0&evt=exp_chg&pv_id=16265ed6-8311-45c1-83bb-f7b296ef079d&adu_el_id=P_OLHAR_DIRETO_HEADERSTICKY_0&v=0&tz_off=0&js_late=1&js_ts=1677742792364&size=1000x90&pbjs_sizes=970x90%2C728x90%2C1000x90&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=6052&pg_durat=9295&pg_paused=0&pg_exp=9295&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=490&clk_time=&reset=0&adsrv_adu_exp=5650&navs_ts=1677742789534&trgr_ts=1677742794435&init_ts=1677742794435&start_ts=1677742794437&reset_ts=&vsbl_ts=1677742796238&adsrv_vsbl_ts=1677742796676&auct_id=fa689c2d-0c7e-4639-ac86-f5a82565807d&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=home&env=desktop&org_id=1048&pgtyp=home&plcmt=OLHAR_DIRETO_INFEED_01&site=olhardireto-com-br&subcat=&adsrv=dfp&adsrv_advrt_id=&adsrv_cmpgn_id=&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=970x90&adgjsv=1.16.2
Requested by
Host: olhardireto.com.br
URL: https://olhardireto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:40:01 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230227&jk=2759212288538101&bg=!oKOlo_fNAAbK-VRH6vk7ADkAdvg8WnXduhCuxiQB5TVL08suHTAGQWvpZHvYywnUCpofO_uCy4geG3qAZAI1C7XcaxWIKq75-kcCAAAARVIAAAALaAEHmQKdDKUAK6BF-JWBDIdQZetAVLUb74rdXFsrJDDWXmTNyiY1ld9u2mt-dgoxQ2bupqpbJZtVrpQyyagKd2K5zYiQy2HxYfMZnG4zRE5SpB3N5_xZ_IliWYn24KUI-67D8fChWWxTbKqj8yaekGm3LfLJtvi-imAJP1ZjSDXAZbRZF0rb4WX2c5iKkvp3iI4QcTkHoP1eJzQHMMqFJNmlQ98hq9zDUwUXQF8TUfKeaZfNdoA3pnCzZcJB_gQY6-9KxjMvQhC1TRXwpZyUZprGssHGYBkgTFR6YFvA2Gl7zUat9Ks_9C6lrXLZW8DIbnkchLMXRV7dkMDakpDtuBInjyA2otKbQwFu36sZvu_GZNt1NmqbbfdP1U9MZ6hoyZ9_jJdee1IXcK_2AQfvA58RTRV1HxbxpYJP3HeWijOtRpeI74N14t8i6UiiBuV3t2xi8kCIT-Mi-QRyjmemS93LXV7SZO1JmPnYaNtQ-0l6MBQDp3mS0uef6mtlchmidMP7bh2jehMtjqhv7TNygOpmfdwEq6HrZssjEUvePCmtOB7ZNphN3VpY0KHhA0VxtXquf8iTvH4sKhWhPyXuJQPl-kuktUP68NdqvtM8oK4VgVtA0Hsh8rTFHFkTCed8Fsi9ovsEDTePAOtOQikwPU1O8Vn_BNdS0TbupmWfiQ9fxFOYESihIIBVKqMcEN60bOtCjiZAnpQ9n2mfZF4C8a3gkn4xb9lnQgyTGQRKd5ZYmgDUYdIQ5Z57QJ4vUAegu2ju5uVX3ZV-5IxZmhZUJ8-YDZ3cNkmyhsF_Nd4WPh8A682ip0fnmglF9H0PGItzrV3vLjeuudog1g8Wi_wILU50H2SWuNEhETPMTDHmsn8Foc9UzYwPgMy96HofE8_fVEtQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
/
onetag-sys.com/usync/ 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-store
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159970
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159970&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODVDMjdFOUItRTY1Qy00REY3LTk3QkEtMkQxNjU0MDlFNkI3&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://olhardireto.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 07:40:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Thu, 02 Mar 2023 07:40:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
certify.alexametrics.com
URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Not%C3%ADcias%20de%20MT%20%7C%20Olhar%20Direto&time=1677742792013&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Folhardireto.com.br%2F&random_number=17648268145&sess_cookie=c3007112186a1435d4dd67aac93&sess_cookie_flag=1&user_cookie=c3007112186a1435d4dd67aac93&user_cookie_flag=1&dynamic=true&domain=olhardireto.com.br&account=3jjuk1acBb008D&jsv=20130128&user_lang=en-US

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 boolean| credentialless function| $ function| jQuery function| MenuFixoCheck function| FecharLGPD function| CheckLabel function| LoadImage number| tipo function| FaleConosco function| Comentario function| EnvieParaAmigo function| Busca function| Ombudsman function| AnexarArquivo function| EnviaFormulario string| idfoco function| VBusca function| FormatNumber function| AjxAdsOD function| BuscaCampo function| CampoCheck function| IEUpdate function| NewWindow function| Redimensiona function| ExibeFlash function| ajaxInit function| LoadAjax function| smartprint boolean| checando object| win string| ua number| ver boolean| opera boolean| ie boolean| ie6 boolean| ie7 boolean| ie8 boolean| ieBox boolean| moz boolean| nn6 object| jQuery11020603827084707149 number| tamanhofontepadrao number| tamanhofonte function| FonteTamanho function| Fonte function| ResizeSite function| ColunasDireitas function| VersaoSite function| MenuMobile function| EditoriasMobile function| BuscaMobile string| resizetimer number| sitewidthprev boolean| carregado number| sitewidth number| barwidth number| siteheight number| totalwidth number| siteproportion boolean| touch boolean| tablet boolean| mobile boolean| desktop boolean| landscape boolean| portrait boolean| web string| classenome function| LidasPlantao function| LidasPlantaoSync string| GoogleAnalyticsObject function| ga object| _atrk_opts object| space object| LZString object| adsbygoogle object| AMP object| submenus function| over function| out string| tmpiev string| tmpdcss string| tmpacss string| tmpccss string| tmpa string| tmpb string| tmpc number| tmpa1 string| tmpa2 string| tmpa3 string| calvar object| FB object| _ppads object| _pbjs object| googletag object| _taboola function| atrk boolean| _atrk_fired object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __buffer object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter object| _pbjsChunk object| _pbjsGlobals object| ADAGIO string| google_user_agent_client_hint object| Criteo function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| sas object| apntag object| _ADAGIO object| cdtmp number| alturacdtmp number| alturacetmp object| ultmp object| ads string| tmpid number| edicao number| novaedicao object| ONFOCUS object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_132 object| Criteo_prebid_132 object| teads_analytics function| Navegg object| naveggReady object| nvg46575 function| nvgGetSegment function| ltgc object| avntsWebpackJsonp object| avnts object| avntsQ number| avnts_player function| avntsOutstreamPlayer object| avnts_pbChunk object| avnts_pb object| mnet object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| GoogleGcLKhOms

48 Cookies

Domain/Path Name / Value
.olhardireto.com.br/ Name: __asc
Value: c3007112186a1435d4dd67aac93
.olhardireto.com.br/ Name: __auc
Value: c3007112186a1435d4dd67aac93
.olhardireto.com.br/ Name: _ga
Value: GA1.3.315635011.1677742792
.olhardireto.com.br/ Name: _gid
Value: GA1.3.1499800651.1677742792
.olhardireto.com.br/ Name: _gat
Value: 1
olhardireto.com.br/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.00px.net/ Name: v1
Value: wkuYLDwyqRLdPttVvWzaol9NsaZObHHT
.olhardireto.com.br/ Name: __gpi
Value: UID=00000bbd8e32ac02:T=1677742792:RT=1677742792:S=ALNI_Mb_o54jNjGatLPLfYtoHwcnt06Z7Q
.rubiconproject.com/ Name: khaos
Value: LEQSQNQQ-1B-CXIR
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpck2T8J9V5hjpcd3HBZZ775PzI6EyVJjldQcjwJyI730zeRRU1+Wo+jbvHPImACTCAN5w761G34H8gsBGYXdKFps1MDZGKl0iyqVI1k5poNA==
olhardireto.com.br/ Name: nvggid
Value: null
.doubleclick.net/ Name: IDE
Value: AHWqTUmqPYUDCZARlM9F6u392jorniVkOgltsX3MVyHGHujurAkHg-65MEG08VT6a6k
.olhardireto.com.br/ Name: __gads
Value: ID=90f7e10d59e89a10-22125a459fde008c:T=1677742792:S=ALNI_MbyxOd1KbKmHd-Sow7XNUic1ezBoA
.adnxs.com/ Name: uuid2
Value: 2734141805477197395
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%wJSP:6!@wnfH8K6pQK`!5=E<*L5?%KD3MN?M5w%8T2)OqveW)'h]@hARCk=Kce[c2p%nugO%v4VB%nl`8)cq$'
.casalemedia.com/ Name: CMID
Value: ZABSyuAxinEnV12jJu-jPAAA
.casalemedia.com/ Name: CMPS
Value: 1149
.casalemedia.com/ Name: CMPRO
Value: 1149
.lijit.com/ Name: ljt_reader
Value: GPfLsGZHF7ZQxg8qSTSGvAsM
.bidswitch.net/ Name: tuuid
Value: a989f02b-4f71-424d-8bdd-1856c83b109f
.bidswitch.net/ Name: c
Value: 1677742794
.bidswitch.net/ Name: tuuid_lu
Value: 1677742794
.de17a.com/ Name: guid
Value: 1.5284938163999520806
.w55c.net/ Name: wfivefivec
Value: yidLdgi91PxDxF5
.simpli.fi/ Name: suid
Value: FF209E9D45984F409524D67338A42B43
.mathtag.com/ Name: mt_mop
Value: 4:1677742796
.w55c.net/ Name: matchgoogle
Value: 5
.mathtag.com/ Name: uuid
Value: f9506400-52cc-4100-a9b5-8737be7d095b
.yahoo.com/ Name: A3
Value: d=AQABBMtSAGQCEJLKolFStQYj8hs324YlaLoFEgEBAQGkAWQKZAAAAAAA_eMAAA&S=AQAAAvMEX7WnOYNKjsL-Bm0t8tY
.adfarm1.adition.com/ Name: UserID1
Value: 7205850435631577233
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZABSywAAAE0xZQAb
.navdmp.com/ Name: ac3
Value: 1
.navdmp.com/ Name: nid
Value: 1251e995bed8f36461820be88010|1|92
.olhardireto.com.br/ Name: nvg46575
Value: 1251e995be54d65804f3ef06a410|0_62
.analytics.yahoo.com/ Name: IDSYNC
Value: 19bb~2aa7
.olhardireto.com.br/ Name: cto_bidid
Value: b5fCKl9tNzhWanhKT0R6a1A1NUdtR25VbTRNRHdxc2l1MFgxeFBPb2o2MTYxaEowYUFqbDBjR2lua1ZNMVZma0FuYjUlMkJXRlNIVTJNJTJGN0EwNkVZNmp5VnpjYWclM0QlM0Q
.linkedin.com/ Name: bcookie
Value: "v=2&de7045b5-2051-479b-8437-496047834561"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Nzc3NDI3OTg7MjswMjGzGAfYUFmSXyZSqHs+ozfoZun3cn3pbJOl/vNkrOBRDA==
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2522:u=1:x=1:i=1677742798:t=1677829198:v=2:sig=AQFVxKCrksCKuUMkj9izn02iEk9CSfEy"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A5LMqvLDPEGNhYVF7oEBdxc
.criteo.com/ Name: uid
Value: 364bc4dd-ee4a-47b0-9b5a-2e302b6910a0
.olhardireto.com.br/ Name: cto_bundle
Value: BdoEYF9FRlhWTjA3aCUyRm1VNUtHTTN3QWhtMnFXV1QxRWFhUmp6YWlaRzVoY1dPM3ZGeW5VMVp3QkpybUJ2RFhIcUdKVTZWTmpTOGpqb2hTSFdzOXY3M1paSVhuSnhuT0JQYlFDZldHcGY3Z2dLUURsbE5WS2klMkZZTm5ObWJoYnJMTnpPRXBNN2tqZFFUSmZ6R1NQJTJCWkM5OHNObzRnZTZoaHFwNzZWMlZCcEdJbEdBR0klM0Q
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: SyncRTB3
Value: 1678924800%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 85C27E9B-E65C-4DF7-97BA-2D165409E6B7
.pubmatic.com/ Name: pi
Value: 159970:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2

1 Console Messages

Source Level URL
Text
network error URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Not%C3%ADcias%20de%20MT%20%7C%20Olhar%20Direto&time=1677742792013&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Folhardireto.com.br%2F&random_number=17648268145&sess_cookie=c3007112186a1435d4dd67aac93&sess_cookie_flag=1&user_cookie=c3007112186a1435d4dd67aac93&user_cookie_flag=1&dynamic=true&domain=olhardireto.com.br&account=3jjuk1acBb008D&jsv=20130128&user_lang=en-US
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

00px.net
0f20de3d15110c8fe498d0b862a77a47.safeframe.googlesyndication.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ads.olhardireto.com.br
adservice.google.com
adservice.google.de
ap.lijit.com
at.teads.tv
avm.avantisvideo.com
bid.g.doubleclick.net
bidder.criteo.com
c.4dex.io
cdn.00px.net
cdn.ampproject.org
cdn.avantisvideo.com
cdn.navdmp.com
cdn1.avantisvideo.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
csi.gstatic.com
d31qbv1cthcecs.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
events.avantisvideo.com
events1.avantisvideo.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.navegg.com
image2.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
olhardireto.com.br
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prg.smartadserver.com
px.ads.linkedin.com
r4---sn-4g5lznek.c.2mdn.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.openx.net
s.amazon-adsystem.com
s0.2mdn.net
scontent-fra3-1.xx.fbcdn.net
scontent-fra5-2.xx.fbcdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.avantisvideo.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.navdmp.com
sync2.navdmp.com
tag.navdmp.com
tags.premiumads.com.br
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
unified.adsafeprotected.com
ups.analytics.yahoo.com
usr.navdmp.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.olhardireto.com.br
x.bidswitch.net
certify.alexametrics.com
13.224.189.58
13.248.245.213
142.250.180.194
142.250.27.154
142.251.39.2
15.197.193.217
151.101.2.49
151.139.128.10
178.250.1.11
18.195.210.122
18.196.123.254
18.202.180.84
185.29.132.245
185.64.189.110
185.64.190.77
185.80.39.216
186.233.88.177
186.233.90.67
198.47.127.18
2.18.36.181
212.82.100.182
213.155.156.184
216.52.2.86
217.182.178.224
23.35.209.30
23.64.52.128
2600:1f13:800:7782:b818:916:ed27:48c4
2600:9000:20dc:3400:1c:38a0:8a40:93a1
2600:9000:20eb:5000:8:9ed9:9c40:93a1
2600:9000:20eb:ee00:3:748e:7940:93a1
2600:9000:21f3:3200:8:48e:53c0:93a1
2602:803:c003:200::21
2604:a880:400:d0::163a:2001
2606:4700:10::6814:e280
2606:4700:20::681a:8a9
2606:4700:20::681a:f79
2606:4700::6810:df3
2606:4700::6812:372
2620:1ec:21::14
2a00:1450:4001:14::9
2a00:1450:400d:803::2002
2a00:1450:400d:805::2002
2a00:1450:400d:807::2001
2a00:1450:400d:807::2002
2a00:1450:400d:808::2003
2a00:1450:400d:808::2004
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::2006
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2001
2a00:1450:400d:80e::2002
2a00:1450:400d:80e::200e
2a00:1450:4025:401::9d
2a00:1450:402a:80e::2003
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:fa8:8806:12::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3602:64d1:cba1:647b:b2f6
3.12.214.117
3.71.149.231
34.255.50.76
34.91.62.186
35.157.189.20
35.157.53.153
35.186.253.211
35.241.34.106
37.252.171.85
37.252.172.123
51.89.9.251
52.11.3.6
52.28.194.209
52.46.151.131
54.239.33.158
69.173.144.139
85.114.159.118
92.123.36.4
92.123.37.164
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
022ee4f5a211f5359f8813dc216fe4537325394a05a8b0d7c5508ae17c51f046
0353e8257b0a86f6429a1ae5591e1bf0b11599cedc0e2a06b8de285a250b671c
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05b84dbe2e2e1a738a56076bf8033b557b82c145fb059c6e21d4706b144fdc88
07e6f3168093c33bfa27220377734d37ae59e13e3ad1d6220fe1ee429d10a255
085f7ba25e718670df2257d26c9f8e8d29c518be3bd26a383ab04e3387dd13da
093159adc80699ff5f9f319a9ffbcb7060943282435e37cb9dd6f5f09b7b54ab
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12537e599dc7f83b42823057e0c491f55f6a979c4c277d6066129fdab3b6bb93
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13b63bbf00b3c8900e372bb093837b8acf8d28729412446e9abfce4864a6835f
144c296c42dfbf7ccf53e0602fcc89642265c0d5415aff8e9cf6a1da43b6df82
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
186613c3b36b2a3076532792e261a44f0fb256e7b46d8bbd38ff74734adc3567
19aed7d310d8bf5f137d0273df387b2d5b023e7c8eda1d30c1f7a8459d5a3bb9
1b0963f14226beb0e141c1d4def4cc1bc70e8ef8792a527f80a11c8591ba63f0
1c046faecb7dcbed66deaef978ed23b185954b85d0ee4a412d5ae8c1cb6e3c26
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e2229a22c0232548f226e9b33dbb84ad00e77f5f615dd018dcc0c2a0acc574e
1e39c57ba787f793f88d81a794b583a55c39bcf27893b09c230c7e92247b2e5d
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f8f72a2bff1f15bcbee56047a9eaab8ad1605934a73df5ae461945216bfb4b7
202d5714065af4e3b5d16f3cedf57ed5e074e2c337ef77d24e6315a6f133a201
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
209533cb00f87d83ed023fe4ec367b090ece77e1e5632d148084cdf6dd9f0a10
21e279c58cdffdcb99b3112899181786674d0d93d632d4b2bb3e92e545ffb5df
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848
244b1fd48bc16db9ef44aef5ebe42f40de543b4dc49921b565a331cb6531a771
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f
2664ee79c41868fc1186e2b42fef581f6d7cb7da8e7a3b5167eede459a8a7f80
27302414bb400fb5bba84b2c45cb8357941264798f37e00e15a1e070631a02a1
276a3b9ba6d9b29db6717f0907f27b0ff194764a66c0dbaa6b0950595b08e804
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3
28426eb42be856ce204465ea487fa637e23a7059dc6c88d998659c257403c362
2982bf750415f174d872f7667ad336f6d92b6fbec6736269a78d7d9af700f256
2d107b6556d53b481330fac841800abd0fdc21e5e254a9b0a26e8ad81cc5bed1
2e6d975777a7fb65cd5ad3cf67b2ce537c0da4966c0917bb8fb6ba8c290d731c
2fe0ce7d503f223d0214a02dd1377b827c853f658707ac7db6f2338641e8bce3
30a9dbde85d59ca64b5394da465aaf2e9e23d47df1ec4a536ce87eed4d46aa55
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ff2c9db8a4a1f42db338ef643956dad8444d0072eb48786030064501eb82ac
32da02f599892468c7a58fe88da372b97c0fccdce8f2dba4877eed604ea3d0ad
3692b69c3830a91b543f80f0d36a83a2329cb0c4c837f747bb7e525f3a2d7405
36fe7a8419cc533dc4f77fe55675a640a11bb36e64df41a8d6931d5e4f7c9ffb
382c89b018e8ddedd5ae8388b82db7fe2e8d947bfb9653a86e3645a9c461affa
3b5eeacde75aa5f55552756cc2224e5ed590e9b3a112ebb492ff4ebe4f7e20a9
3b76a4eaf21dd0d0c7e882131af095e5a099b56b63ee2ffd2218f12da1734256
3b92591a48df1652af2bfe831454829dbf7c832411985beee3374596d3262b48
3bbaef8039f86455c5867a2cdedef895ae54b77684f144e8aa12e77373454f5a
3c51ab9b74a2f79f522552c483e93341857f88f4cc471df77315339f6284711b
3d4a0cc93e39f2a34c901a4a883a968e4e7f27b0b42b52bb84766fea2de00a67
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7ebc58821590bee00fc1599f846c398b899c3e32df8525d98b2f6c3ac19602
3f21501286d8e3da3623851051ed221a3a509b8dd3260381a56094bb8f20f768
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43f31b2da74a842080bee5b1f91ada8dd02f6db801c97be1aaa9582b283ae32d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
479acd68c71db1db8bd576c692d181f0eaef09dae74ecbdc7e4c85d514515441
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a565a2cae39b5baf4a0b2ba73189d1b01999e7c2c39e9f0e3138058ba92e512
4b1a79239a3955fa450845ab94d9ab994c644d329103ad40e309bcbf4670d486
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4db14a7761aac762d0a762ec77cb792b83321ef3f7f594a9b21bbcdefe06cd07
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5352951bf989e18e3743de2c0bffcbe58dbb225a7f4ea33c205df304b5665bd8
54fbbcd44c747818c87d29f587ef56c4d6b57e3512c30eb9764b78c82ecb8528
554b8e59594cfcda7170d4e1b121fd9d79972a7ae87dfd8feac5ce495945a5f8
555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86
558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c50c852891f16726863b3108adf8f5374e21d6e5160a49ed3fcd3e9a642d09
5710f43a66366693f4763c6c617f7dd2a9edda5c4b158f4d7a32535465cdf8f8
576406c6453a76e76524b4b28bcc59ced7b4624e6bc627ec561bc66ff4f33659
581a45a9d6ddf5ae0430bd30c65aebade67e59e4a51a88fba090f2698be49c01
58309bc74d7d4f15314f58c3c87a255ebf82e44e0adc26ab6841993ecc570e59
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c731a21b14de3186dfd68ca0c5541a40533d361ce5f30212f34684b36ed6374
5ca7cde40d1290ba3c87ac6383bb01c7a32fd61eeed704fe788f9289d205b625
5ccd2b0521f4828bb1be771f07d08d2b80af297242c00739dcc23e7b19ed6dc7
5cd28819ef01d483bd656bae3b7892cf1e94f9bf2910da931ef402e8815ad7dd
5e43b61b5f1b05fa1ef4a334528de3825fdc8d23610ef5e61174052bfe6b6797
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5eacda5c1cdbc143a3f5178fa4d91ae938aeffee65b06ba3b48e0132bcbb60ba
5ee52353c29dcf86b124e02776d7c3473bc887b2469e341cb4b91ecf340700af
6078decc729b426bf84f9695f23d8cd99e24d9097e2090f43242d44b096290ce
613c69f78f56ceb58efb162e65a7e7cc71356b8dc4bf59609840be0f36d192d1
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628cac9bdfdd9f2427906c0df8e5be29dad7bf412104abd5ba7a1c4956274370
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67fcbdadd409b6c9d798ae562744acd531e8fde3d37d5c20d89e60a285f3a671
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
692d544aefadef93c92a6e7cd0d43f0304aa871a7c7b8cb91529b2b1a1d27b3d
6a0d96c353719068401ebbedf7f58e3be1232756327243922b6ab9690a3591bd
6a0fcba65912d9b7a629bcf8bb33451adf56c8de79c3f7aff26fd9ee478f4067
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c2f667f26425a07b818a0f92fb27efc27cb6b4047265012b04fcc060a215ee7
6f933f7783153abd1d3605c2b082c20cdda9dbf065278150cad89a62b1f193da
7082362b612d04f5232979bc3cd93fa49d3b401fe707f7e7f20b18b778eb8606
7430c47f6c46fe11407a2caa34e9c1c155e802a7eef0a05e1f2fda6ca7d61822
752645f928be20f56407f82495b4addb3b490ee9285bff92ed678b12a322d178
76e984f37d35c98b23bdbcea062c2128c310f3e7b972995b515bd91f3eabab2a
7794777de5e40f2f5c9a78b2dda439247bfe2a01ea3714280c835ba50cf712fd
78294011df7596d166e252f807f4b73a23a1c8d0717f01e101450d173ea8c0a5
796fa10ef812f4320e2f2b7eec0ef4a5245f616451bb246fd2d39fad60e748f7
7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73
8404583717e1c624060b153f42b00168f94c879f496720ff0b726b366d41232e
843f59b3bb91cd523978365abc551cf9bd5a83ef61564f834db43b29c76a2310
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
8619d8ca4dbc955f16dd61f66aa500b0f1f5ab214f8e445ec4af913a268e429e
8898b414bdaa419a787de60142a63f99fc09edcc75181915cd0f21bf8c3d653a
8b1f030692803f149f888d6c6fe2f2da71feb30f7bfb92fc283c1059396411da
8bdd9261b915c4d7b7faf89a43d8f75d56af75523415b9a8d2e38f2e7a41cba1
8c70d0dd71dda82fffe026e777ce45ff31973987e37f2d574e10c03a0365c3a1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e78ab48b1ecf24833b9121f7d2bd6cb22aba437b288ad52159af15aa9d279ce
9107e145d66feeebc3acbc394cecf92a52aa4e66487226525991e7df51d36d4d
9160158b56ea123f8f81456677b3d2c6051d6db60b21e513291a30680824d1f4
91a3dbe914c3af91467d8b7bc7823a815644700ddb7bd38b3c908e7ecf4ab92f
91bfe499e04842613221aae2667d0bdfd5d0b89d111b0f67d95e8f5422c7a6ee
93532679402036784313b797c09633c900199fdde82d8a17fdaa7edc04923cd9
9381cc2bd3c70cdec82a48d3fed524fd24b41b94a7e70de1a84f3ab58bed48cc
94dcd14e68865e7f965516b33a409b6cc75f737f446a2ab315ad8536efc2070f
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96d2e34adcf58666637a6acad9a3545c083ffb8db955f657c994f6f62a3fae14
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b65f9fb36dae13c057c8dca3d7fc3ade4042e37b117a2f0d4a54f1ef116b5d6
9c493d1302c8850350fc1eda89435fc84074ca72d5f11a69fef52643cc1034ac
9c7e0822a56ffe42110cdb7e3df67c8705a8d382713af38aa40b90eb7f0e2397
9f1358b07e7a3340d30d284799e5c64ab3b2cb4970f877209e4b7ca1fef63963
9f90b71beb99a068d0214731d0c42a7879045b50079e198715a4c26bce95c3ce
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a7c56000312821b7a218f4c40ab54d1b72d072f2b27c58cf6906f9b376abd38d
aa3b56bee27e5670548d47f3051373d299275e07b83d65d36f89267eae36754e
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb5179b52398a341cf58f7ad175cc2168aad9f3b1b86f6510edd4bd188f1df9
b0e33e1e5afb7c3802e391e73c139629748b69d8437e9548001789740faf33b1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29e8399e3209722045880fd9f05a1b17c4366f8ddf3706d71799a3acfc81642
b348ffa9b4620d2960a389cbb0c4df364686fa32ead3b7331c2822c1870c917a
b600e44cc4b91680fa00c95b8bb850d1352c31751c631bf6c2dd12770bd144d8
b8bcd8ba50ae97a9b5e3e2dfbee1bb48d06249dc9d8ef51bbf9724f0297c7f4b
b92781a06d1bed953d2a51b40c9aa6a3bdd0197ef85a4729c2a03ddd32f420a9
b95c45a39784c0641c59c92a8a185747cef3790ef6c9556b58eda8db05af1bcd
badd35caf39ea8283f2fe251e849f48e5eeba86bce4b1a71b91ec5d2f826e49c
bb0918567eecc81e8249578ca812b86c064802c2bcd99b659dec4257ba500f5e
bb09d0c55cf40f2d5304508d87c5bf76287e5b66bc741d1d558a28040f9a5393
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2fa9ac27a47a72b5c8ef4847a9f8244a92e07749517d30084f1aef28d38a9c
bc657719e2d6e0a6dc2e0a0b24ddcc0b46636b2ad369b5901c1625b1bb256e43
bcd4798f4928fc80c1d402bf33ed90d7f2633b2b44df0c7032c1eb1d7f59c852
bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e
bf803591141040597e81e0827de1c31b4e96ae691922af0663a2a61a97970147
c056e5dc6bf365320eccbadec37682b0d6abf752cbd77dbbcd5e5b63ac3bf3c4
c1f172c587682626a3c2ce85e7b1668b1f6ab7abd2e4a4ead0b7e51bad2c8277
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c37390310fcca8953c0831eb086a44d8cafe3486767f8102bcff1d1ec2f8ef66
c52a5ba0aa2cd201dde1b419963bc7d6917827dd0c2d2cbb1fd7112ed7cabc84
c6265a847e8ef645ae49eefb6efdd0659672dd17c55167c74bb067750daa399f
c7ca86b3d2509fa402905d693a707c331bb640cbcf67318381634bf9dab8a8eb
c8194bbd7d6d13decb46c7d09e3f054c154ff1b0aec99f579a10380a30f88b52
c8550edd4db06074d1031d592865a73a7e9c005500e4e240f9ec2013aaae4328
ca003e3ef78644b01094c7bc0e00bd52e97843e5ca83e2afe19fef03b18cbd0a
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca46f68663e388ac2c3f3b11fbea213cf89a08add9543751539fd85465d1f974
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cbe8c19815005386d05665a6be0642025baca9371040b3e975aa2d9fb62e813b
cf04945793242b3432434265bd36d578d1909b66149241f5541d2fa9a9658ee2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d07304cca832f4d70ceafd73f39bf68de4cb3b8185f24614641e6f860118389b
d0e6ad0e03fff07b5a1715c93496836075fba3bc819328569ce6300f66cbf357
d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c
d2c3253b961bbd704cf79c7e14b9e64a3ef2d80ca7a5073a8bed78f556eff029
d3048747bb6f595a0b70a0bb95bca3288d6bf858e634437719ecf5de70727c8c
d40123320f2928abcd7decab5a6a0211f29a57a44fa83387a3c7f16d0a80adae
d56188930cbbc0e4860e9b1164b6fa0319be8e491ba79bb75674177366e8548d
d5d2c4c628b9ac26b34824c6dcdc04a6032792a83407d9e0cf38658735187807
d63492bd3f32413c9bfc0821d4fc125a0d8e144846fadbb87b3df98fa75abe9b
d79b70c2523d568f498f7fb49ad81dfdee1d7ff812d47524ef78e9afc0bcf69b
d9f8511cf5b554346aa0e14aef16a8700dbba6cdfd032d20facc994e42f53e6d
da981b4a7798c3ab09f2de1314d8d0655d30f0dce5816881a170ae695f13a153
dcec56cab084cdec93d336cdc7e77128a744fd7084d25c65d2d48e8a512e3abd
de3bd2034eaf03fa98618d120e0c75b46b15c421f46b8d872a0538b555374f9b
e245ca92c09a55cd4ada741ca10d43a0d095f93adb355d859e3eacc5df4d511c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4ad52bc93f36b9b521b1d5d7869512a112fb3dd5c9a6eb1c58f49a3c652f842
e4ef66d6d4ebd26473020ed33ed436a9899d8fcb519e1fb7591d6d338e0e2be5
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e6f2cbbe505d713a71dcfd382d1556fd42650e0c7fd685c8f09652dedf406af9
e8bbc378bcd6aa828c12e956294979ffd6cb27ef742323c54558186cca039ee3
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9f369eb7d4ad8e504e369b1f56fd374d9db9b6c00106486c554ebcc1ed97573
ec369b009f74be6fe322f5c510855d8977a123c162e7e55f771667a6ceecb4b0
ed7e4952bd85725ce837ad04eaff64f846e2700e89f1b52f1093c543c93fef01
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eea03b93b1967e92041f44f4a1fa355b2bcc6ba56fc90caea067847e39a9a5b0
eea0d01a08a40d793d064d203dab4d2271b7b2e876f1ccc0b1620d77359d345f
eefd8f91ec0802f2ceeea25e98dbba3220e233382bcc7dfacf84319679ba612e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe33d0a453649cd5071c82b8a3d6009e09de4075e670d7b6c9ddb40a5b71f68
f011a6d6b747bfe420a1298c46e01061703d5b14b1fd0cb66f22ab780427df29
f3871adaf434ee8c5e40d3344d9ea2a72279406d2b5bc371bdc4fb55d859cc83
f3fcdf1a42c4e820911cab6b03955dfd5e6776dd64471d44110abf39abe2e35e
f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656
f5c2c01d64c7bb889eb7e43467159058e2179a01521b0455024287b6805372df
facebb43aabd063578a32a56a90251df917d9a26f94b33d03b41f308c454096a
fb1a0aa8489c4f6653a38221ab2c756327f91d4508f671467b134f27a9120fdd
fc4e6531288ae8ed7e37923f1f2d52d79dc47238cfee5e03014701ff4f01a2eb
fc67234af4870ab472dd11a686a847af2589cf2bd044333376844bcc669c7d52
fd2af4af27d0ec3b416e356e9302be5b8e346d940a698c71b87d8ad72f695f99
fd76de75e66dc2399a2d5803a63479e71e3516e81f9a7a2777328d044be92249
fe081a84ca6ae1db3a9694b552c5c07cb94958d6468e9a61b58c85366c3ff5bd
ff0637a554aa1eb1cc028ed70664c6de944c0ee30a9f0697781353626f5a7ecd