urlscan.io logo urlscan.io
SecurityTrails logo

gauchazh.clicrbs.com.br Open in urlscan Pro
195.181.174.138  Public Scan

Go To Rescan Add Verdict Report
URL: https://gauchazh.clicrbs.com.br/
Submission Tags: falconsandbox
Submission: On February 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 60 IPs in 10 countries across 47 domains to perform 303 HTTP transactions. The main IP is 195.181.174.138, located in Frankfurt am Main, Germany and belongs to CDN77 ^_^, GB. The main domain is gauchazh.clicrbs.com.br. The Cisco Umbrella rank of the primary domain is 224959.
TLS certificate: Issued by Thawte RSA CA 2018 on July 5th 2021. Valid for: a year.
This is the only time gauchazh.clicrbs.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
53 195.181.174.138 60068 (CDN77 ^_^)
2 2600:9000:205... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 189.76.157.100 28357 (RBS ZERO ...)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 18.66.2.60 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 143.204.98.104 16509 (AMAZON-02)
1 143.204.215.95 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
28 151.101.1.44 54113 (FASTLY)
3 2606:4700::68... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
4 89.187.169.47 60068 (CDN77 ^_^)
1 108.128.120.89 16509 (AMAZON-02)
1 65.9.63.66 16509 (AMAZON-02)
1 4 108.157.4.80 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
7 142.250.186.130 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 3.208.98.15 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.228.86.47 14618 (AMAZON-AES)
1 54.173.41.153 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
4 142.250.185.130 15169 (GOOGLE)
1 2602:803:c003... 26667 (RUBICONPR...)
2 5 37.252.172.249 29990 (ASN-APPNEX)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
9 25 172.217.23.98 15169 (GOOGLE)
4 8 184.87.213.8 16625 (AKAMAI-AS)
1 2 34.249.30.33 16509 (AMAZON-02)
2 3 2620:116:800d... 16509 (AMAZON-02)
2 2 18.157.231.140 16509 (AMAZON-02)
3 66.155.71.149 13768 (COGECO-PEER1)
2 2 72.251.249.14 29791 (VOXEL-DOT...)
2 2 13.248.245.213 16509 (AMAZON-02)
2 34.98.64.218 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
1 2a04:4e42:600... 54113 (FASTLY)
3 2600:9000:214... 16509 (AMAZON-02)
1 141.226.224.32 200478 (TABOOLA-AS)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 185.29.134.248 30419 (MEDIAMATH...)
1 1 35.186.193.173 15169 (GOOGLE)
6 6 213.19.147.44 26120 (RHYTHMONE)
1 185.86.138.131 201081 (SMARTADSE...)
1 35.227.252.103 15169 (GOOGLE)
1 1 69.173.144.138 26667 (RUBICONPR...)
2 2 18.185.44.17 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
1 2a03:5f80:a::... 50952 (DATAIX-AS...)
7 52.37.64.197 16509 (AMAZON-02)
2 89.187.169.15 60068 (CDN77 ^_^)
303 60
53    195.181.174.138 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-195-181-174-138.datapacket.com
gauchazh.clicrbs.com.br
www.rbsdirect.com.br
ad.clicrbs.com.br
pagamento.clicrbs.com.br
nossa-loader.clicrbs.com.br
identificacao.clicrbs.com.br
liverdgaupoa.rbsdirect.com.br
2    2600:9000:2057:5600:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
5    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    189.76.157.100 (Brazil)

ASN28357 (RBS ZERO HORA EDITORA JORNALISTICA, BR)
flipzh.clicrbs.com.br
11    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    2606:4700:20::681a:a5b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.privacytools.com.br
1    18.66.2.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-60.txl50.r.cloudfront.net
static.hotjar.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    143.204.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net
script.hotjar.com
1    143.204.215.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-95.fra53.r.cloudfront.net
vars.hotjar.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
28    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
15.taboola.com
vidstat.taboola.com
imprammp.taboola.com
3    2606:4700::6810:ff3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
10    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
news.google.com
4    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
l.getsitecontrol.com
s2.getsitecontrol.com
1    108.128.120.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-120-89.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    65.9.63.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-66.fra56.r.cloudfront.net
vc.hotjar.io
4    108.157.4.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-80.dus51.r.cloudfront.net
sb.scorecardresearch.com
1    2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)
opi.navdmp.com
4    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-metrics-prd.cloudfunctions.net
7    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
googleads4.g.doubleclick.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    3.208.98.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-98-15.compute-1.amazonaws.com
events.getsitectrl.com
1    2a00:1450:400c:c03::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    34.228.86.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-86-47.compute-1.amazonaws.com
mabping.chartbeat.net
1    54.173.41.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-41-153.compute-1.amazonaws.com
ping.chartbeat.net
4    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
11    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
4    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
24    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
15    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
15    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
25    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
cm.g.doubleclick.net
8    184.87.213.8 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-213-8.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
2    34.249.30.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-30-33.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
3    2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    18.157.231.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-231-140.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
3    2600:9000:214f:6400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
6    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    185.86.138.131 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    18.185.44.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-44-17.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a03:5f80:a::b212:e79b (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)
code.createjs.com
7    52.37.64.197 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-64-197.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
2    89.187.169.15 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-632.bunnyinfra.net
m2.getsitecontrol.com
Apex Domain
Subdomains		 Transfer
43 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
218 KB
42 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
308 KB
37 clicrbs.com.br
gauchazh.clicrbs.com.br — Cisco Umbrella Rank: 224959
flipzh.clicrbs.com.br
ad.clicrbs.com.br
pagamento.clicrbs.com.br
nossa-loader.clicrbs.com.br
identificacao.clicrbs.com.br
1 MB
30 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 983
trc.taboola.com — Cisco Umbrella Rank: 571
images.taboola.com — Cisco Umbrella Rank: 1580
15.taboola.com — Cisco Umbrella Rank: 1878
vidstat.taboola.com — Cisco Umbrella Rank: 1885
imprammp.taboola.com — Cisco Umbrella Rank: 12723
pips.taboola.com — Cisco Umbrella Rank: 1788
cds.taboola.com — Cisco Umbrella Rank: 1006
711 KB
26 google.com
news.google.com — Cisco Umbrella Rank: 5027
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 32
adservice.google.com — Cisco Umbrella Rank: 59
79 KB
17 rbsdirect.com.br
www.rbsdirect.com.br — Cisco Umbrella Rank: 892583
liverdgaupoa.rbsdirect.com.br
184 KB
15 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
2 MB
15 gstatic.com
fonts.gstatic.com
www.gstatic.com
303 KB
12 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 671
static.adsafeprotected.com — Cisco Umbrella Rank: 502
dt.adsafeprotected.com — Cisco Umbrella Rank: 465
96 KB
8 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488
7 KB
6 getsitecontrol.com
l.getsitecontrol.com — Cisco Umbrella Rank: 19008
s2.getsitecontrol.com — Cisco Umbrella Rank: 29212
m2.getsitecontrol.com — Cisco Umbrella Rank: 95588
145 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
5 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
55 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 480
3 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 129
2 KB
4 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 21001
usr.navdmp.com — Cisco Umbrella Rank: 24275
opi.navdmp.com — Cisco Umbrella Rank: 391030
cdn.navdmp.com — Cisco Umbrella Rank: 4083
6 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 574
script.hotjar.com — Cisco Umbrella Rank: 726
vars.hotjar.com — Cisco Umbrella Rank: 809
in.hotjar.com — Cisco Umbrella Rank: 1615
66 KB
4 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1242
mab.chartbeat.com — Cisco Umbrella Rank: 2250
25 KB
3 openx.net
us-u.openx.net — Cisco Umbrella Rank: 322
rtb.openx.net — Cisco Umbrella Rank: 1330
769 B
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 542
573 B
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 927
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
114 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6342
adservice.google.de — Cisco Umbrella Rank: 9027
1 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 331
12 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
197 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
921 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
939 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 821
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 653
r.turn.com — Cisco Umbrella Rank: 2694
869 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 792
344 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 356
951 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 598
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 704
2 KB
2 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 436
pixel.rubiconproject.com — Cisco Umbrella Rank: 288
3 KB
2 chartbeat.net
mabping.chartbeat.net — Cisco Umbrella Rank: 4891
ping.chartbeat.net — Cisco Umbrella Rank: 1099
402 B
2 getsitectrl.com
events.getsitectrl.com — Cisco Umbrella Rank: 25547
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
386 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
114 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
3 KB
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1135
63 KB
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1193
75 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 36433
514 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 387
863 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 99
15 KB
1 cloudfunctions.net
us-central1-metrics-prd.cloudfunctions.net
419 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2057
257 B
1 privacytools.com.br
cdn.privacytools.com.br — Cisco Umbrella Rank: 110479
106 KB
303 47
Domain Requested by
25 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
24 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
gauchazh.clicrbs.com.br
googleads.g.doubleclick.net
www.googletagservices.com
21 gauchazh.clicrbs.com.br gauchazh.clicrbs.com.br
16 www.rbsdirect.com.br gauchazh.clicrbs.com.br
15 s0.2mdn.net 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
gauchazh.clicrbs.com.br
s0.2mdn.net
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
gauchazh.clicrbs.com.br
11 play.google.com www.gstatic.com
11 cdn.taboola.com gauchazh.clicrbs.com.br
cdn.taboola.com
11 fonts.gstatic.com fonts.googleapis.com
news.google.com
10 news.google.com gauchazh.clicrbs.com.br
news.google.com
www.gstatic.com
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
7 dt.adsafeprotected.com 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
7 images.taboola.com gauchazh.clicrbs.com.br
7 ad.clicrbs.com.br gauchazh.clicrbs.com.br
identificacao.clicrbs.com.br
ad.clicrbs.com.br
6 googleads4.g.doubleclick.net gauchazh.clicrbs.com.br
6 googleads.g.doubleclick.net www.googleadservices.com
4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
gauchazh.clicrbs.com.br
6 identificacao.clicrbs.com.br nossa-loader.clicrbs.com.br
identificacao.clicrbs.com.br
5 ib.adnxs.com 2 redirects ad.clicrbs.com.br
googleads.g.doubleclick.net
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 www.google-analytics.com gauchazh.clicrbs.com.br
www.google-analytics.com
www.googletagmanager.com
4 sync.1rx.io 4 redirects
4 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 securepubads.g.doubleclick.net ad.clicrbs.com.br
securepubads.g.doubleclick.net
4 www.google.com gauchazh.clicrbs.com.br
tpc.googlesyndication.com
4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
4 www.gstatic.com news.google.com
www.gstatic.com
4 sb.scorecardresearch.com 1 redirects cdn.taboola.com
gauchazh.clicrbs.com.br
3 static.adsafeprotected.com fw.adsafeprotected.com
4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
3 pixel-sync.sitescout.com 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
3 cms.quantserve.com 2 redirects 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
3 www.googletagservices.com 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
3 trc.taboola.com cdn.taboola.com
gauchazh.clicrbs.com.br
3 bat.bing.com www.googletagmanager.com
bat.bing.com
gauchazh.clicrbs.com.br
3 l.getsitecontrol.com gauchazh.clicrbs.com.br
l.getsitecontrol.com
3 www.googletagmanager.com gauchazh.clicrbs.com.br
www.googletagmanager.com
2 m2.getsitecontrol.com
2 ups.analytics.yahoo.com 2 redirects
2 pixel.advertising.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 eb2.3lift.com 2 redirects
2 ap.lijit.com 2 redirects
2 pm.w55c.net 2 redirects
2 fw.adsafeprotected.com 1 redirects gauchazh.clicrbs.com.br
2 www.google.de gauchazh.clicrbs.com.br
2 events.getsitectrl.com s2.getsitecontrol.com
2 www.facebook.com gauchazh.clicrbs.com.br
2 connect.facebook.net gauchazh.clicrbs.com.br
connect.facebook.net
2 mab.chartbeat.com static.chartbeat.com
2 fonts.googleapis.com gauchazh.clicrbs.com.br
client
2 static.chartbeat.com gauchazh.clicrbs.com.br
1 code.createjs.com s0.2mdn.net
1 pixel.rubiconproject.com 1 redirects
1 rtb.openx.net 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
1 ssbsync.smartadserver.com 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 sync.mathtag.com 1 redirects
1 r.turn.com 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 fastlane.rubiconproject.com ad.clicrbs.com.br
1 imprammp.taboola.com gauchazh.clicrbs.com.br
1 15.taboola.com cdn.taboola.com
1 liverdgaupoa.rbsdirect.com.br gauchazh.clicrbs.com.br
1 ping.chartbeat.net gauchazh.clicrbs.com.br
1 mabping.chartbeat.net gauchazh.clicrbs.com.br
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googleadservices.com www.googletagmanager.com
1 us-central1-metrics-prd.cloudfunctions.net ad.clicrbs.com.br
1 cdn.navdmp.com tag.navdmp.com
1 s2.getsitecontrol.com l.getsitecontrol.com
1 opi.navdmp.com tag.navdmp.com
1 usr.navdmp.com tag.navdmp.com
1 vc.hotjar.io script.hotjar.com
1 in.hotjar.com script.hotjar.com
1 nossa-loader.clicrbs.com.br gauchazh.clicrbs.com.br
1 pagamento.clicrbs.com.br gauchazh.clicrbs.com.br
1 tag.navdmp.com gauchazh.clicrbs.com.br
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 cdn.privacytools.com.br gauchazh.clicrbs.com.br
1 flipzh.clicrbs.com.br gauchazh.clicrbs.com.br
303 86
Subject Issuer Validity Valid
*.clicrbs.com.br
Thawte RSA CA 2018		 2021-07-05 -
2022-07-13		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.rbsdirect.com.br
Thawte RSA CA 2018		 2022-02-07 -
2023-02-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-02 -
2022-10-01		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-25 -
2022-02-23		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.getsitecontrol.com
Go Daddy Secure Certificate Authority - G2		 2020-03-05 -
2022-05-04		 2 years crt.sh
*.hotjar.io
Amazon		 2021-08-17 -
2022-09-15		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.getsitectrl.com
Amazon		 2022-01-13 -
2023-02-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh

This page contains 23 frames:

Primary Page: https://gauchazh.clicrbs.com.br/
Frame ID: 8EA9802B5597ED9C29584AA4360EB99C
Requests: 164 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: AA0FECF63153C6CDD4936BC864689A13
Requests: 1 HTTP requests in this frame

Frame: https://identificacao.clicrbs.com.br/gzh/0/?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
Frame ID: DAEEA0C0335AAE99D2E85DB10EE16497
Requests: 8 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456951&publicationId=gauchazh.clicrbs.com.br
Frame ID: F8262E370FDEDEB097B7FB7FCD71B592
Requests: 15 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=C4844EB4D344065477552731586&cicmp=1337627&cijs=1&dast=V7rNQCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHEMajkYrCmnEGY0Gs9VoN1vMRrPRbLcYLJcwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbQBB0-nwue71OofrY3RYj3aN2emxXDx3jd9tl1j-cgAAAAB4ACBqiYbY8W1ojwAAAACQ4Bm5VqAIqPi3ELgAAAAAwAAgEAvXAIDiOECX5ea3nPwBAPCgAAIAIIARAqBpDy8CAAAAMAIAAABAAiCQWFgC4HC3aAIAEPA3UGIqdgIAAHBQJ_O0zfL___8fA5D33iQDQJG2cWPQA_DgA_AgBAAA8DGUxQVcW288WUNUsFfECAAAACC3etP0aFInVBZV_____1YAVwAAAX8DJaaPWTcnxaxhAAAAAGML9LD4_WaHXeN3u-z_________3-z_DABNCCpTMy1oQaFHjWfkWmHtFxAAgO3dAADeBOBiDsAOAAAA4O7___8_DwAAgGSPku21Gs8eZb3PYAuf091dvwlbjFaTyWY5nC0Xk8FwNByN9ieQwwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIR5UnUvn8-p8fIjhai5ZbOaK1WqumM1WCQAAAAAAAABgCVPmTQAAAABOg5jNJrvdihtv9kwQa7Va1gAAAADcupED!&excid=22&tst=1&docw=0&cs=false
Frame ID: 13DFF2E2DEB715A0774EBDA9013790F4
Requests: 1 HTTP requests in this frame

Frame: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EB4801164D4442031951CC0601C6B69E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CE739FAE9294DD27F1CEF2366AEAA557
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 26C0296AD295C93497394824D0B539B6
Requests: 2 HTTP requests in this frame

Frame: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4A7B0AD3DBD25A3F0E241B3DD5C5398E
Requests: 24 HTTP requests in this frame

Frame: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F4A04B15BD673D50CA78DDCCC5278C84
Requests: 13 HTTP requests in this frame

Frame: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 69AB000298E1C3DC3825E55733C4975B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY0Z7QwQEwAQ&v=APEucNVnE94Mel9o8frZguwZO2CYAriLBB1f8BB1RXwKF4_ibbt7ZbzLElfDDC1xqQbU7ceZbWjoz3MTGNRbGuo7Mz15yy9BfB0VR3asyxqzaBx_5yDtUmLY7ysEqjdb_TmoBhl9lVOSbAec7AMCMtE6-37yTUPixv3xDzxt91g29v4FtKenZSE
Frame ID: 73CB0E16EB3DDA4A493EE26FD090B129
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhiD0tK7ATAB&v=APEucNWQR5tbHynwDIXTCuSmPdr76yUN2usDy4BKOs12GdVSxZJfyuv9XiJwpwzNmolT3bxjBfYE97cZ9hl5lGwtTXCltS2lHStXOChAtyzGO1ezT-02YSfmkU7WO2iKxzxk8nYYZHc6AAi6vPYDJb13cC7qVAE3VDHTjTlTpDBYiq9pBBBzn9Y
Frame ID: F47A7BED31F0F9FBD8F189BB7B705E9E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLaVcRDXtnQYoZzuwAEwAQ&v=APEucNW6wTn07sY_OP1kxelIeEvnRV4_uiVB9Su23ttnvH8oa4sG4tBFLrVMRBsbopCtdv5v_WHkZad-DynG_MIdJXMVWvsTLbGK9OKGEHJtksBnF0qweNU1hJSGtE3vFOg11PYAxVOHQOk6yJGuhRG1HbVe0zAFIryUcIcwXh7jojcVUAW1LiU
Frame ID: 5F97452BB42CD85F956B9D41CA03E5EB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DCA5CCBCA260931FF380F7847CF5B81F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 404043A42144A76C8D7290B8A3CC98F1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 92F0C05566F184737537EE8461951565
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2AB54DA23DACE25562BC7CB3BE4B75D7
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
Frame ID: C7B93426D6C93084EE891C8C536C11A1
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9867643997701983945/index.html
Frame ID: AF513C03F3616AD23F623050067B42D7
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BBD18C3CA539D81420F9DFF0A778984D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 84A32AC9E6A5EF95FF04E856F8C59F07
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: CD4F7D43E0CE13C0C02F80B658C1B16F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GZH - jornal digital com notícias, porto alegre, grêmio, inter, colunistas, jogos ao vivo e mais

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • rx(?:\.\w+)?(?:\.compat|\.global)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

303
Requests

91 %
HTTPS

47 %
IPv6

47
Domains

86
Subdomains

60
IPs

10
Countries

5632 kB
Transfer

15552 kB
Size

55
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1645025272401&ns_c=UTF-8&cv=3.5&c8=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&c7=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1645025272401&ns_c=UTF-8&cv=3.5&c8=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&c7=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&c9=
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLL8ovM7J7zzMp9IayWTGU&google_cver=1
Request Chain 214
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yg0X.6XpGzEjYQKq6XrhtQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLL8ovM7J7zzMp9IayWTGU&google_cver=1&google_hm=2
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFX4hrsHpBs44zLdnUg4J1c&google_cver=1
Request Chain 216
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3MTUxMjAzMDM0NjY3Mzc3OQ%3D%3D
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLL8ovM7J7zzMp9IayWTGU&google_cver=1
Request Chain 218
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yg0X.6XpGzEjYQKq6XrhtQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLL8ovM7J7zzMp9IayWTGU&google_cver=1&google_hm=2
Request Chain 219
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFX4hrsHpBs44zLdnUg4J1c&google_cver=1
Request Chain 220
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3MTUxMjAzMDM0NjY3Mzc3OQ%3D%3D
Request Chain 230
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI4LqbEW07fPpfVxmesBUgI&google_cver=1&google_push=AYg5qPKsVmyxmURvH9Gr7Id_oT22Fhwf03oUKiqb8CJr22pvI6Ig0UkdQwdGjEzhPObbWtaIWUmifaH05PNoqxryFEQ_Q85eIG4 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI4LqbEW07fPpfVxmesBUgI&google_cver=1&google_push=AYg5qPKsVmyxmURvH9Gr7Id_oT22Fhwf03oUKiqb8CJr22pvI6Ig0UkdQwdGjEzhPObbWtaIWUmifaH05PNoqxryFEQ_Q85eIG4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YzJ5Y1VCMHExTmttZEo1&google_gid=CAESEI4LqbEW07fPpfVxmesBUgI&google_cver=1&google_push=AYg5qPKsVmyxmURvH9Gr7Id_oT22Fhwf03oUKiqb8CJr22pvI6Ig0UkdQwdGjEzhPObbWtaIWUmifaH05PNoqxryFEQ_Q85eIG4
Request Chain 232
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPFAxGfgLOOEvzMfJu7KSLA&google_cver=1&google_push=AYg5qPKQIeD3TGWMrglhmlsYFPPQrdpE-nJSQbEjCK7AfdKoGnOAMXWUu73scViMoZRrWMA72KeswZKdHTqHeQVfVMyHX1F6n00 HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPFAxGfgLOOEvzMfJu7KSLA&google_cver=1&google_push=AYg5qPKQIeD3TGWMrglhmlsYFPPQrdpE-nJSQbEjCK7AfdKoGnOAMXWUu73scViMoZRrWMA72KeswZKdHTqHeQVfVMyHX1F6n00&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKQIeD3TGWMrglhmlsYFPPQrdpE-nJSQbEjCK7AfdKoGnOAMXWUu73scViMoZRrWMA72KeswZKdHTqHeQVfVMyHX1F6n00&google_hm=db94abcadefa5d723715cabb
Request Chain 233
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEIoZYM2US07AvINZNXKHchs&google_cver=1&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
Request Chain 234
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKx18VQO1bHXFv8fzV86kV0&google_cver=1&google_push=AYg5qPKI02HjGmL2QpBNcpyWTKE-nM95nnfumh4CNvjYfxMuB61GUqzNIDf4-IVY5GYN3w9EBIzNr62OU2b6NBdRCCqSinR0hok HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPKI02HjGmL2QpBNcpyWTKE-nM95nnfumh4CNvjYfxMuB61GUqzNIDf4-IVY5GYN3w9EBIzNr62OU2b6NBdRCCqSinR0hok&google_gid=CAESEKx18VQO1bHXFv8fzV86kV0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM1MTI1MTk3NDMwOTAwNTgxMDU0Mw%3D%3D&google_push=AYg5qPKI02HjGmL2QpBNcpyWTKE-nM95nnfumh4CNvjYfxMuB61GUqzNIDf4-IVY5GYN3w9EBIzNr62OU2b6NBdRCCqSinR0hok
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDe8-2j6hrG_cDuC-qQ5DZM&google_cver=1
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBp51hrrXQc9q_AIdWYHgBM&google_cver=1
Request Chain 261
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDKlqZPd0yLXmP-SyMCNMss&google_cver=1&google_push=AYg5qPKw1Hnz6lPdQIh4HC2gKkkSZmURBAKeo9V9W9aJabKgMMrLH7FGm-8SEDqWaitvG0R4qqSSG7pu1tSlB1MaFc89yOTiOxbW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE3MTE0NjMxMTM5ODcxNzU1Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDKlqZPd0yLXmP-SyMCNMss&google_cver=1
Request Chain 262
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELcqwrSELFm6JPBfFKBkMlw&google_cver=1&google_push=AYg5qPJvNG4XVW4qMy1k_Jfy40jqG6isRXLM92rzUtSAmult235rFwGJsQJGw4QLnLljZEok5-7MKvJmQ-TRlk_znEtzA2pyjsYj HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJvNG4XVW4qMy1k_Jfy40jqG6isRXLM92rzUtSAmult235rFwGJsQJGw4QLnLljZEok5-7MKvJmQ-TRlk_znEtzA2pyjsYj&google_hm=7wCVBR-0YR2Yyo69XlWKWw
Request Chain 263
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFzWhS31tCRI5BLI6ABwljA&google_cver=1&google_push=AYg5qPLKQCVVSYkZH2EIMnixk-28cKQKhYIPMk-omwWAcSG79Bn3Hz2hbq-AAZFaDGjxXXjWWmU7mTIKnsa9ySrNGO6ub5I09rMP-g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLKQCVVSYkZH2EIMnixk-28cKQKhYIPMk-omwWAcSG79Bn3Hz2hbq-AAZFaDGjxXXjWWmU7mTIKnsa9ySrNGO6ub5I09rMP-g
Request Chain 265
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJNmcwHwDWvKmMDq9R39dXE&google_cver=1&google_push=AYg5qPKptRydamN9CFQR7sZYthss5g0PnJY27Wl2pcCqYejFIr-zHR1cMZc8aHD4OoitIA08plQ7GyXC58DmkXZw7dZFxWVPIUUSog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKptRydamN9CFQR7sZYthss5g0PnJY27Wl2pcCqYejFIr-zHR1cMZc8aHD4OoitIA08plQ7GyXC58DmkXZw7dZFxWVPIUUSog&google_hm=zWtCK_UdQDWHU9bT_3HfSaY
Request Chain 266
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIIFDWeiMDBJwvUW6HwF4tU&google_cver=1&google_push=AYg5qPI3Vla3YoH6TIRnMdfmMY_7dZ2hdGcCgL5NB6OJpibJ16v6LmBoGt-RfobjqB_hqCtKUOEDz8kxNRnHwMrLtDMPSD9KKNeM HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPI3Vla3YoH6TIRnMdfmMY_7dZ2hdGcCgL5NB6OJpibJ16v6LmBoGt-RfobjqB_hqCtKUOEDz8kxNRnHwMrLtDMPSD9KKNeM&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1645025275851 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ec2d7d7f-7006-44ea-8bb7-ebcc82bb7373-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPI3Vla3YoH6TIRnMdfmMY_7dZ2hdGcCgL5NB6OJpibJ16v6LmBoGt-RfobjqB_hqCtKUOEDz8kxNRnHwMrLtDMPSD9KKNeM%26google_hm%3DA-wtfX9wBkTqi7frzIK7c3M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI3Vla3YoH6TIRnMdfmMY_7dZ2hdGcCgL5NB6OJpibJ16v6LmBoGt-RfobjqB_hqCtKUOEDz8kxNRnHwMrLtDMPSD9KKNeM&google_hm=A-wtfX9wBkTqi7frzIK7c3M
Request Chain 269
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELcqwrSELFm6JPBfFKBkMlw&google_cver=1&google_push=AYg5qPJ4h1ZWRv3g1ZYYTVEoIOtIXk7fRGvrofm10g8lN-8UmsrnHeWQM5reFfcyLGVrM39u3PiVTOQhv0wfG9smxk93IS0pvNrX HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJ4h1ZWRv3g1ZYYTVEoIOtIXk7fRGvrofm10g8lN-8UmsrnHeWQM5reFfcyLGVrM39u3PiVTOQhv0wfG9smxk93IS0pvNrX&google_hm=7wCVBR-0YR2Yyo69XlWKWw
Request Chain 272
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENMLPr6ygZLFBjSk80PRWug&google_cver=1&google_push=AYg5qPJiYOVLzh7JDT9tGyffkZXmSdHlMtGZi7j5W0EzaEeZ58Je5Ee3HPIXjau1NNGBl_KMno6tu9cGCULIqxCxQ2JfQjCTisGwSg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pQUEtPWkQtUS1LTlVC&google_push=AYg5qPJiYOVLzh7JDT9tGyffkZXmSdHlMtGZi7j5W0EzaEeZ58Je5Ee3HPIXjau1NNGBl_KMno6tu9cGCULIqxCxQ2JfQjCTisGwSg
Request Chain 273
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_cver=1&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw
Request Chain 274
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIIFDWeiMDBJwvUW6HwF4tU&google_cver=1&google_push=AYg5qPKdRABY7kIGMEbYCYE6fs-d1EjZm8cyW_vOX_TBgiHtmv11_RGvEGkDUNXFfmBHrIZVDy4Xh7kNUgBs6aMW-BBsfc6KG10L HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPKdRABY7kIGMEbYCYE6fs-d1EjZm8cyW_vOX_TBgiHtmv11_RGvEGkDUNXFfmBHrIZVDy4Xh7kNUgBs6aMW-BBsfc6KG10L&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1645025275797 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-fdb9dc4a-f261-4924-bdd7-45378f72b784-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKdRABY7kIGMEbYCYE6fs-d1EjZm8cyW_vOX_TBgiHtmv11_RGvEGkDUNXFfmBHrIZVDy4Xh7kNUgBs6aMW-BBsfc6KG10L%26google_hm%3DA_253EryYUkkvddFN49yt4Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKdRABY7kIGMEbYCYE6fs-d1EjZm8cyW_vOX_TBgiHtmv11_RGvEGkDUNXFfmBHrIZVDy4Xh7kNUgBs6aMW-BBsfc6KG10L&google_hm=A_253EryYUkkvddFN49yt4Q
Request Chain 275
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFZPZFr4Feu9p0wnIVW_qYY&google_cver=1&google_push=AYg5qPLg15_0VSVDOEtv04ViwlzCTzHl111rRhb9-Sa2k5sIcHBcuvZVMGasaIieh0SqqASNpYzUgP5alBrmAeMyqK2pvZ5STsEAgaU HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFZPZFr4Feu9p0wnIVW_qYY&google_cver=1&google_push=AYg5qPLg15_0VSVDOEtv04ViwlzCTzHl111rRhb9-Sa2k5sIcHBcuvZVMGasaIieh0SqqASNpYzUgP5alBrmAeMyqK2pvZ5STsEAgaU&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFZPZFr4Feu9p0wnIVW_qYY&google_cver=1&google_push=AYg5qPLg15_0VSVDOEtv04ViwlzCTzHl111rRhb9-Sa2k5sIcHBcuvZVMGasaIieh0SqqASNpYzUgP5alBrmAeMyqK2pvZ5STsEAgaU&apid=UP039c3a76-8f3d-11ec-8929-02e51d21b622 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFZPZFr4Feu9p0wnIVW_qYY&google_cver=1&google_push=AYg5qPLg15_0VSVDOEtv04ViwlzCTzHl111rRhb9-Sa2k5sIcHBcuvZVMGasaIieh0SqqASNpYzUgP5alBrmAeMyqK2pvZ5STsEAgaU&apid=UP039c3a76-8f3d-11ec-8929-02e51d21b622&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwMzljM2E3Ni04ZjNkLTExZWMtODkyOS0wMmU1MWQyMWI2MjI%3D&google_push=AYg5qPLg15_0VSVDOEtv04ViwlzCTzHl111rRhb9-Sa2k5sIcHBcuvZVMGasaIieh0SqqASNpYzUgP5alBrmAeMyqK2pvZ5STsEAgaU
Request Chain 280
  • https://fw.adsafeprotected.com/rfw/st/949432/60827849/skeleton.js?ias_dspID=3&ias_campId=26650973&ias_pubId=pub-5313162903174685&ias_chanId=1&ias_placementId=16192691453&bidurl=https://gauchazh.clicrbs.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h1TMBIwdg_-7A2ErftQvvh&adsafe_url=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:ef08e5f7-bab2-7be5-409b-1a71d1ff0083,c:4oJMOc,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-76948bfd6c-h682k,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:162,fm:sXCmpxt+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.949432-60827849%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:0,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:178,oid:036e9aff-8f3d-11ec-91bc-0e2bce158fac,v:19.8.289,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js

303 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gauchazh.clicrbs.com.br/ 		671 KB
124 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
2a293b4997b6f3013484cdab78bd700bb2b5a6c40a1c8e0a449a8b2ac6798f60
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Accept-Encoding
cache-control
public, max-age=120, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-origin
*
access-control-allow-methods
*
access-control-max-age
3600
main.bcf9f0b27cb44e772f7f.min.css
gauchazh.clicrbs.com.br/static/ 		48 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/main.bcf9f0b27cb44e772f7f.min.css
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
dc0ddd462a72d52805274508b2477314ba9df0c2eebd6a477a121ac681fcb831

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdvprUB4AXHOmgCUcVaauQOiSTIM7p1q0SbLffhrlwshyRYqn9f_Qv8EzQF7BHZeAXfNzIlS9eeHxbVCHpo-eHtpk2GbOw
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 20 Dec 2021 13:40:41 GMT
server
UploadServer
etag
W/"211c5837b8c770cc34eb5c8491a2722b"
access-control-max-age
3600
x-goog-hash
crc32c=lFqGhg==, md5=IRxYN7jHcMw061yEkaJyKw==
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 20 Dec 2021 13:41:52 GMT
commons.a54cae8f055e6269138e.min.css
gauchazh.clicrbs.com.br/static/ 		222 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/commons.a54cae8f055e6269138e.min.css
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
6aedbd5800ac3f78832844813990b17d15abcbc14e740e390aba7e50271ba250

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdtM9xVHpDO6aaUZDBo5qtlxylrqBKB67cZu_4bRk1t7DUusesb9WuiT9t9Vtjh5pnk-pCteyyMlDDUjJE1PU1zxZxFUng
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Wed, 09 Feb 2022 19:10:02 GMT
server
UploadServer
etag
W/"e5d2507fd57c8ed6267015081b2ea299"
access-control-max-age
3600
x-goog-hash
crc32c=R5YgnA==, md5=5dJQf9V8jtYmcBUIGy6imQ==
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Wed, 09 Feb 2022 19:10:34 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5600:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 14:34:48 GMT
content-encoding
gzip
last-modified
Fri, 14 Jan 2022 02:25:43 GMT
server
nginx
age
3183
etag
W/"61e0df27-59c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
Fgu2K09wIwFn_w-bZiLnmT0w2PEvqoORn2CQHiWETk20cDLBpp7NOQ==
expires
Wed, 16 Feb 2022 16:34:48 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6777
date
Wed, 16 Feb 2022 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 16 Feb 2022 15:34:54 GMT
gtm.js
www.googletagmanager.com/ 		219 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K8Q8R8N
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d0e5550c8c17c38bdd48c0a38b02ded60e683dcfa9f5da0966c204be47bb7239
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70409
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 16 Feb 2022 15:27:51 GMT
css2
fonts.googleapis.com/ 		40 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Roboto+Slab:wght@300;400;700;800&family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/commons.a54cae8f055e6269138e.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00893818e9dd84c02d708b6b88d85f34d855990f4f3d853df9d1257a6088840e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 15:27:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 15:27:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 15:27:51 GMT
16449756858081_normal.jpg
flipzh.clicrbs.com.br/jornal-digital/files/flip/RBS/24146/up37/ 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flipzh.clicrbs.com.br/jornal-digital/files/flip/RBS/24146/up37/16449756858081_normal.jpg
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
189.76.157.100 , Brazil, ASN28357 (RBS ZERO HORA EDITORA JORNALISTICA, BR),
Reverse DNS
Software
nginx /
Resource Hash
52ab52b0b9bcb9e0486b46c547952e826bf6960fcbba7cdff8d792e1e284d6cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
last-modified
Wed, 16 Feb 2022 01:41:44 GMT
server
nginx
x-cache-status
HIT
strict-transport-security
max-age=63072000
content-type
image/jpeg
x-hosts
flpappprd05.rbs.com.br
cache-control
max-age=90000, private
accept-ranges
bytes
content-length
123055
expires
Thu, 17 Feb 2022 16:27:52 GMT
95005_cfebaec8c2d75b3.jpg
www.rbsdirect.com.br/filestore/5/0/0/5/9_52152e7a8b23ebb/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/filestore/5/0/0/5/9_52152e7a8b23ebb/95005_cfebaec8c2d75b3.jpg?w=200&h=270
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
975ac5c49a920a7877668499bf696c9e8f26470a7d9493205a824b83f57f8042

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
153431
x-cloud-trace-context
343235568e3e858ddb9d6d97630e2583;o=1
cache-control
public, max-age=2592000
function-execution-id
p9k3i4x1e66d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12019
expires
Wed, 16 Feb 2022 14:15:45 GMT
27473913.jpg
www.rbsdirect.com.br/imagesrc/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/imagesrc/27473913.jpg?w=200&h=270
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
624131598e832c386746d7c95eb44b87aa91abdcc9c3868201cc753b03e4c335

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
38501
x-cloud-trace-context
13dcc533d0e174bd602fbe779d5ac40f
cache-control
public, max-age=2592000
function-execution-id
5cokg1c5ruoa
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8512
expires
Sat, 12 Feb 2022 18:29:11 GMT
truncated
/ 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ac8588ee6e33be668883f48a806efa162ca555058b822b262d4804890e6d5b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		191 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65a1459160b99d548b8239afbdf7a41ca91fe1e3ba247d1d565df31bea0d6533

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afa6b81f1bf984f4a5ea2e070bb58207b870de0001a8ca07d3f66be20be25f3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1ec4e6bcbe16aa5d5528b53498c024d8e56c5040ad418906cbdd2a0bf37ab69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
ad-background.png
gauchazh.clicrbs.com.br/static/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gauchazh.clicrbs.com.br/static/images/ad-background.png
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/commons.a54cae8f055e6269138e.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
be5efae6930f6ddbf7d7c112ca85838d02bf367a2a1d5c53202250c1e1476962

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/static/commons.a54cae8f055e6269138e.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
access-control-allow-methods
*
x-guploader-uploadid
ADPycdsR04kCleOrrnbTNXITCNQvdjnE54JQefCdU7rsvlzpoUr5tKbF44d4yTUxlZSGfXeuFYkYDv4XrIDbwz2wX4vIOBamlA
x-goog-storage-class
STANDARD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1878
last-modified
Mon, 25 Oct 2021 13:12:31 GMT
server
UploadServer
etag
"dec4d7473a3733d76ccce5099863a8af"
access-control-max-age
3600
x-goog-hash
crc32c=tMzRbA==, md5=3sTXRzo3M9dszOUJmGOorw==
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
expires
Mon, 25 Oct 2021 13:13:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Roboto+Slab:wght@300;400;700;800&family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 09:48:03 GMT
x-content-type-options
nosniff
age
452388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 09:48:03 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Roboto+Slab:wght@300;400;700;800&family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:56:19 GMT
x-content-type-options
nosniff
age
595892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 17:56:19 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Roboto+Slab:wght@300;400;700;800&family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 13:17:51 GMT
x-content-type-options
nosniff
age
439800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 13:17:51 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v22/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v22/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Roboto+Slab:wght@300;400;700;800&family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 06:02:38 GMT
x-content-type-options
nosniff
age
33913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:13:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Feb 2023 06:02:38 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Roboto+Slab:wght@300;400;700;800&family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 09:29:12 GMT
x-content-type-options
nosniff
age
453519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17304
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 09:29:12 GMT
KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Roboto+Slab:wght@300;400;700;800&family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f2778667ce7da721e201618eac589ac1a32af6b43c246675826a8d728eb902b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 22:59:56 GMT
x-content-type-options
nosniff
age
318475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17540
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 12 Feb 2023 22:59:56 GMT
js
www.google-analytics.com/gtm/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-WLM7H6P&cid=244207154.1645025271
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5091555405f2ce46dc3c259366f8e43ee71bc4da20cc2ca854527eb0ec5b22ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35860
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 16 Feb 2022 15:27:51 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		1 KB
923 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=clicrbs.com.br&domain=gauchazh.clicrbs.com.br&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8832feec5afafe3117d1fb90217f8fe7a16c03eb515f83582e043ee421d89fab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
gzip
x-cache-hits
1
age
3518
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
570
x-served-by
cache-hhn4041-HHN
access-control-allow-origin
*
x-timer
S1645025272.503022,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 14 Feb 2022 14:29:13 GMT
truncated
/ 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d69ff4665e0f752198eaf19b1385789539f11fd46cd069335f90082cfd58042

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		188 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3728dcae7f124057d95b29a59cc6b580e9dc78a45f5b76bee1f62f345bfeb69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4526aff82ef10df4085b45b7b95fa8f7173a81e86a7b4f1f2bdf0c3d08f66877

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
1039793_812e496085083c3.png
www.rbsdirect.com.br/filestore/3/9/7/9/3/0/1_ac2138fcb82ef36/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/filestore/3/9/7/9/3/0/1_ac2138fcb82ef36/1039793_812e496085083c3.png?w=30&h=30&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
a49c6db45854a11786964a1d1df051ccdf021097f05b242720cfea23782b2682

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/png
x-original-image-size
108221
x-cloud-trace-context
6a25ddebebfa726a398ad295cae87e97
cache-control
public, max-age=2592000
function-execution-id
forcsojd4c53
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1461
expires
Tue, 31 Aug 2021 16:31:56 GMT
truncated
/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
385470e1b0daa0a2a4c86aaa0a3c45f7a434a2b72772a257978be7c604d930db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
img/png
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Roboto+Slab:wght@300;400;700;800&family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:58:32 GMT
x-content-type-options
nosniff
age
595759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 17:58:32 GMT
verdors-r.f93486301627e2e0864d.min.js
gauchazh.clicrbs.com.br/static/ 		128 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/verdors-r.f93486301627e2e0864d.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
ee210c77ed7557695e2e2e30d3b6dd67ef4b87e04f47f2fadf2adb88641f2870

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdsUc5cvmE5RnTJ7v0Lpubh1sC7CLT9whz2rDyKi7iwnNrEtWrNpfR1iYl3WDRVRF7XGUJcm79Cb9w0b3iv2LOE
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Tue, 07 Dec 2021 12:48:44 GMT
server
UploadServer
etag
W/"18bfcc09541c6c0fc5a7f2ca55034063"
access-control-max-age
3600
x-goog-hash
crc32c=1TlGzQ==, md5=GL/MCVQcbA/Fp/LKVQNAYw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Tue, 07 Dec 2021 12:49:14 GMT
verdors-a.dc4581bb20e0960111af.min.js
gauchazh.clicrbs.com.br/static/ 		135 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/verdors-a.dc4581bb20e0960111af.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
6d0cae948ba7b2ae4cf6123744dc1be2c19692879aa527a13c771b432aa18e2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycduFJfA8nA1ZxXjfJgqT_u9b_lH--55NV3q2rMs4Hp9tVUkKPl6DZ2lpbxl7vdFVbKFOz8XCBtcRt2q-o-ej7pbQM8EQuw
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Tue, 07 Dec 2021 12:48:44 GMT
server
UploadServer
etag
W/"b5777f5a7951afbb71d2253e981f732f"
access-control-max-age
3600
x-goog-hash
crc32c=TEHKbQ==, md5=tXd/WnlRr7tx0iU+mB9zLw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Tue, 07 Dec 2021 12:49:14 GMT
verdors-rx.c814559b08d1b5f40cf6.min.js
gauchazh.clicrbs.com.br/static/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/verdors-rx.c814559b08d1b5f40cf6.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
02519f2ba07081abab568de34e18827f13648e69b65a0a741891bf945bae3705

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdtWg4Paeo2i_QCRn2kRZYgLWRq0sFGRDnI7mFZFFTdJl98HQ6cmR9rMGECFTiOO-MDh79Fdcr_mz2oIGqr1wdE
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Tue, 07 Dec 2021 12:48:44 GMT
server
UploadServer
etag
W/"7cf4fe8d120c951d9aee6ed44651e24e"
access-control-max-age
3600
x-goog-hash
crc32c=PG5NJw==, md5=fPT+jRIMlR2a7m7URlHiTg==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Tue, 07 Dec 2021 12:49:14 GMT
vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
gauchazh.clicrbs.com.br/static/ 		177 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
051e78ff49e006565aa057c9ca589e78513468a892d7236136a69cc5808427e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdulk5kCkXh-ckgSVJFi0sZpRjur1O7pYGml5_LZk8X_oa8Ix5sgNHqwILJRuhyTonTv-ryowgdLYQXUbvHwt_c
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Tue, 07 Dec 2021 12:48:44 GMT
server
UploadServer
etag
W/"9cb65618c14029e47ef7d1d907dfe937"
access-control-max-age
3600
x-goog-hash
crc32c=kBt4Ew==, md5=nLZWGMFAKeR+99HZB9/pNw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Tue, 07 Dec 2021 12:49:14 GMT
main.0a0eb0c80e85925a8555.min.js
gauchazh.clicrbs.com.br/static/ 		248 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/main.0a0eb0c80e85925a8555.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
312d7eb4c26fc423dca77839b887636055fd1aca5c4be355352f1a5c53e997b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdvDZGl2FqAY_ycxkGrEg5HQga9VMmTShszjFZ9Q5qb3VWVAUBaiEfGGlkayNsgfCFrqYr7a-AxhATe98t0bCBk
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Wed, 09 Feb 2022 19:10:07 GMT
server
UploadServer
etag
W/"311250141112a202f692022f6ea0543f"
access-control-max-age
3600
x-goog-hash
crc32c=XOkDng==, md5=MRJQFBESogL2kgIvbqBUPw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Wed, 09 Feb 2022 19:10:34 GMT
vendors-b2e867c67fc92aee6640d6a53241d181.f0277291dbfeb86baa45.min.js
gauchazh.clicrbs.com.br/static/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/vendors-b2e867c67fc92aee6640d6a53241d181.f0277291dbfeb86baa45.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
8a3be5c42a100f7deea011d1d5d80652f5f8bc26ba5fdbc12cb470f4ce69bd23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdsitVgJi-gFN3VUlzHj7ELMlcDS8bexalBh296h1TsWDt0gjSusxqjRaDk-3Ad9AqyyKdIJwWcg8-kKJ_BIl1Q
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 13 Dec 2021 18:58:30 GMT
server
UploadServer
etag
W/"a9dfd4c0d1a94aa88b13b3307f821b2c"
access-control-max-age
3600
x-goog-hash
crc32c=zktprQ==, md5=qd/UwNGpSqiLE7Mwf4IbLA==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 13 Dec 2021 18:58:55 GMT
vendors-230bf373063d538aa5c79e53551b5a5a.7e371db3868c9a4c4097.min.js
gauchazh.clicrbs.com.br/static/ 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/vendors-230bf373063d538aa5c79e53551b5a5a.7e371db3868c9a4c4097.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
b16a912d69dab19b2d1e21e13606ff7396983ab7f6337ddcda7c11059091b196

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdvrH8XIR4tLSTSQtpgl8j8eObacMRrDsr9Wu0g0stMiuk0JYF8KMNoBBykN0E25HO53vKyBdq3vqW46i2qDydY
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 13 Dec 2021 18:58:29 GMT
server
UploadServer
etag
W/"9fa1371539bee1f83762809db4c07543"
access-control-max-age
3600
x-goog-hash
crc32c=4KjBPg==, md5=n6E3FTm+4fg3YoCdtMB1Qw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 13 Dec 2021 18:58:55 GMT
vendors-0eb2b04b52945091efa61f27a7229882.a51b3007ed6a4c1b8c3c.min.js
gauchazh.clicrbs.com.br/static/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/vendors-0eb2b04b52945091efa61f27a7229882.a51b3007ed6a4c1b8c3c.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
6d16d12a90867ed71e37a43f1c13e71a327fcca58f42df4776f1def56f8031ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdv_YRKr_2bcEeM3Gwzi6_MnNwvuEbsEPG2N9JAVKPN9H7jbFYBcN9qIWBPjPpfxRM8-odHY92rrqRQchWYnizw
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 13 Dec 2021 18:58:29 GMT
server
UploadServer
etag
W/"e1665e489734b6b0d72e3928bdb0259d"
access-control-max-age
3600
x-goog-hash
crc32c=3WMOkA==, md5=4WZeSJc0trDXLjkovbAlnQ==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 13 Dec 2021 18:59:05 GMT
vendors-4762ca13858d2dcb39282aa38135db10.c6b7360f12fa540b0ce7.min.js
gauchazh.clicrbs.com.br/static/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/vendors-4762ca13858d2dcb39282aa38135db10.c6b7360f12fa540b0ce7.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
e235dfd21a3870110546f9be94ef0a05928c5cc62b73d356db1879abd2e8cfab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycduLj93H2nPjzqCU9PTw0ukjSttDefSBHNZ0AoOnn054ERag1eY4DcN_v8Ubx7AExfTigaHUgqSEuwuV_81NIc6N6EmdHg
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 13 Dec 2021 18:58:30 GMT
server
UploadServer
etag
W/"7e80c3fce6b658c51841ccd9a8115748"
access-control-max-age
3600
x-goog-hash
crc32c=NDWM/Q==, md5=foDD/Oa2WMUYQczZqBFXSA==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 13 Dec 2021 18:59:05 GMT
commons.c752aecad3555e391264.min.js
gauchazh.clicrbs.com.br/static/ 		425 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/commons.c752aecad3555e391264.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
954fd4d2ed05350823d3b43782f7e4476fb25689819e4b5d5c5c790e38d9e1ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdtnWgIbcoej89ABoQUE8yyjFJwpVCujsTdpcFCZYgdjgjtC1IIu8DOoCtFav8rq6047GS62Zq0_2Bto3jyEres
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Wed, 09 Feb 2022 19:10:02 GMT
server
UploadServer
etag
W/"284cce5abc13584c96e369e38215bdb9"
access-control-max-age
3600
x-goog-hash
crc32c=GI5iWw==, md5=KEzOWrwTWEyW42njghW9uQ==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Wed, 09 Feb 2022 19:10:34 GMT
pages-cover-main.56e2c7c8a3f2905df359.min.js
gauchazh.clicrbs.com.br/static/ 		801 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/pages-cover-main.56e2c7c8a3f2905df359.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
06b81e88db63cdeaaa646eff63a8b294f45989e4775c46f6e8e53af36147722d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdtsSS7YFgc68pWwoE5rnuY_jLJKnk4xF7oSpEcsqR3hWjznbal0x0ZITFfPUapwu0W_74gz4zGZWJMvLGdqQi4
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 13 Dec 2021 18:58:27 GMT
server
UploadServer
etag
W/"1bfff99293dd732c343abcc69fc4039f"
access-control-max-age
3600
x-goog-hash
crc32c=4N7Ylg==, md5=G//5kpPdcyw0OrzGn8QDnw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 13 Dec 2021 18:59:06 GMT
9anW7121.js
cdn.privacytools.com.br/public_api/banner/script/ 		410 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacytools.com.br/public_api/banner/script/9anW7121.js?p=bottom&t=1597177411654
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b9686b0dd2fbbae8f144b9abdcba52367687c53e2ace4654f713a4fcd6f2e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 09:52:38 GMT
server
cloudflare
age
1920913
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19ImIjqB9HUymMo8VqxGy2dYLH10iwoakE288u5m%2B1BK%2FNdaKY7DiDpzlLOQJ0BGRCVqQolx5dhgZYOU8AMw%2BL7YAKdbw4gBWc14uCDeIKLirEPs6pzgLOaDs69kjUIu1sEhgwg%2BufEGaR%2BokitZgjIFFUnt"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cache-control
public, max-age=2678400, s-maxage=86400, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6de7cd6b4faa918e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hotjar-515419.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-515419.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8Q8R8N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-60.txl50.r.cloudfront.net
Software
/
Resource Hash
44c87e5db4ef3e2fc23b77f8ef956311fe8571b23c700261f774613e78099021
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:04 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
46
etag
W/bc47ef8efd87c1e4c64dde16f9fbb80c
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
TXL50-P1
x-amz-cf-id
Lecm5ZPGbbVasdzJQQenar56jN1HMM3vVF1gj81CImd1AHU8olXssg==
via
1.1 2290762b4070c2faf5e496f8e496e184.cloudfront.net (CloudFront)
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
wk7z+eszaYe6Cpvs1Dxy0W8z8LOOZRmyS0t6xHreSXOmck3i6kEGrsCc5Fj9EXhSqAZ/cs5G/M2iD5/dEtgYzQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 16 Feb 2022 15:27:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.855de5fca5328f4d913a.js
script.hotjar.com/ 		235 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.855de5fca5328f4d913a.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-515419.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
/
Resource Hash
23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 17:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
511665
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
62578
access-control-allow-origin
*
last-modified
Thu, 10 Feb 2022 17:19:42 GMT
etag
"6f96b4466f1ad2a1f9575d6ac84a137f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
sdAjAWuBgmUQZ2FpS0Jjzfy6SUDanodGkabiz3Pect4kdQhpGKZ5kA==
871225726343984
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/871225726343984?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e76d996ca804bfb66a6a142afe6189c9123966c3c2d82b4f9d36e93ab5313a4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
6e720r645UHrAJQe1KUsLF/5DhnkyVw38GHaghP4zrEx19apOb73B+5So+Ta90J0xQfjNdkzQGL8nTsQtG+seg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 16 Feb 2022 15:27:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame AA0F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-515419.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-95.fra53.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

content-type
text/html
content-length
1044
date
Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
Z_IOlwlCsIWL4DaRou7gisX5mI0WoUWSGQ3onpk_6Z6H3kKk1XYp4A==
age
1060545
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=871225726343984&ev=PageView&dl=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&rl=&if=false&ts=1645025271859&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.2.1645025271858.2076139967&it=1645025271754&coo=false&exp=p0&rqm=GET
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 16 Feb 2022 15:27:51 GMT
zem-metrics.min.js
ad.clicrbs.com.br/zm/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.clicrbs.com.br/zm/zem-metrics.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/main.0a0eb0c80e85925a8555.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
51ad2898e51aeb4b3bb9a563d3c51f29bcd95d37be16d5e7d3d628fb89e0407f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
vary
Accept-Encoding
version
2
x-guploader-uploadid
ADPycdtCTkyhgZXBLYrMsk7dvzs8gQ1rUouS2Ph2r1SUYKRntEjN11kXqiQ2Dh8itqsxNTOebXdj9lA9gDu755RxjX9ASuiQAQ
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Tue, 29 Jun 2021 13:00:13 GMT
server
UploadServer
etag
W/"fdcc54b7568cfbe13482c5ea3a73843c"
access-control-max-age
3600
x-goog-hash
crc32c=QnqF/w==, md5=/cxUt1aM++E0gsXqOnOEPA==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Tue, 29 Jun 2021 13:01:41 GMT
loader.js
cdn.taboola.com/libtrc/rbs-network/ 		415 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/rbs-network/loader.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
915434fa63637faeed4ce9db4624f9d3a2e507f1c37b110e848c283c407cf33e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
zTP.tMGq47q7u_UE9exD0wuc4fNkpuAN
content-encoding
gzip
etag
"b724c6a72e3a689010e91bda3188e29b"
age
51
x-cache
HIT
content-length
34164
x-amz-id-2
NZ1rDnetRvWbkCxbnM/ZcQL0Mw0qsOIsIzbxV3H7u7ZIioa4dwGtSBJnnW1tkqF8HdqXoqDw3Hw=
x-served-by
cache-hhn4050-HHN
last-modified
Mon, 14 Feb 2022 13:36:34 GMT
server
AmazonS3
x-timer
S1645025272.135660,VS0,VE1
date
Wed, 16 Feb 2022 15:27:52 GMT
vary
Accept-Encoding
x-amz-request-id
DH8CVDY9XT9N7E28
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
81
x-cache-hits
1
tm23955.js
tag.navdmp.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm23955.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccc519a71f76661cdeb01cb054c91a540510c14b29f3973a5da6d3a2655f583c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 10 Feb 2022 18:08:19 GMT
server
cloudflare
etag
W/"62055493-3f80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6de7cd6ee908925f-FRA
content-type
application/javascript
expires
Wed, 16 Feb 2022 16:27:52 GMT
swg.js
news.google.com/swg/js/v1/ 		143 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db8afdb483035e4336145db36463bdbf70bbfd8ed572e886a69a510d73d674ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:15:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45355
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 18:14:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 16:05:31 GMT
module-ads.min.js
ad.clicrbs.com.br/js/ 		27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.clicrbs.com.br/js/module-ads.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
dc930abe14ab06c49001c1ea8ad294e2d2e1145dedda720dfac54f8288640f56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
access-control-allow-methods
*
version
2
x-guploader-uploadid
ADPycduAV5V4Xw1-Hvp0kpA9YvnPTG27a3UJXyqtPB9rAX9gcNSlfSISXKh60FcRdHYnm9tpfqkPL4fVRs5XXc7K5JU
x-goog-storage-class
STANDARD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27393
last-modified
Wed, 17 Nov 2021 15:42:01 GMT
server
UploadServer
etag
"d160d86e501df7fab63d861aeb36268c"
access-control-max-age
3600
x-goog-hash
crc32c=s30yZg==, md5=0WDYblAd9/q2PYYa6zYmjA==
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
expires
Wed, 17 Nov 2021 15:42:47 GMT
apa-loader.js
pagamento.clicrbs.com.br/loader/ 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagamento.clicrbs.com.br/loader/apa-loader.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
395ddc9739ef87bbfd5a7684d16b8b684f0a8601b6d64b8d705502be1603c26a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 19:42:31 GMT
age
1
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
content-length
20904
expires
Wed, 16 Feb 2022 15:32:52 GMT
nossa-loader.js
nossa-loader.clicrbs.com.br/ 		184 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nossa-loader.clicrbs.com.br/nossa-loader.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
ab6c2d2f7f2b318e51cbf51913cbc0f30a226a4df15eac7e1f8241a559930e0c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 18:44:45 GMT
x-timer
S1636398338.349015,VS0,VE1
etag
"43ea3097ded2c21b7ec982eb92be4572e19492badd4a0004326e45abb6bfd1a0"
x-served-by
cache-cgh11176-CGH
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
strict-transport-security
max-age=31556926; includeSubDomains; preload
accept-ranges
bytes
content-length
63557
x-cache-hits
1
vendors-912af0dff974604f1321254ca8ff38b6.2ec674b1c1b5fe8f6975.min.js
gauchazh.clicrbs.com.br/static/ 		120 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/vendors-912af0dff974604f1321254ca8ff38b6.2ec674b1c1b5fe8f6975.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/main.0a0eb0c80e85925a8555.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
369a9428fcda0514826cab6a50441b0fa67bb7618018fa72f07d991dac70b098

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdsaxpls3KQO68OpjI1Hh2BJKvxahJOy4cU0knEaCnUzLqhG6wEtA30VgC0uL2XppCAcZZrHIGfgXS5LwYWaQ1A
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Tue, 07 Dec 2021 12:48:44 GMT
server
UploadServer
etag
W/"70c5d43b30fcb7d276bbfe75948c9293"
access-control-max-age
3600
x-goog-hash
crc32c=UoEJLg==, md5=cMXUOzD8t9J2u/51lIySkw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Tue, 07 Dec 2021 12:49:16 GMT
player.dfebc88b296e495e3336.min.css
gauchazh.clicrbs.com.br/static/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/player.dfebc88b296e495e3336.min.css
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/main.0a0eb0c80e85925a8555.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
f2fa75fb3b2cdc2fbdd29c43a3010acd04e4af6be218651b9f151dbc44756edc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdtpiCu5LDAPacaABpuoIPz9DShnQWsW2KZAUYzbCuM_Q18q-Dlee-rqnjuWw1KI3AjyO3gc_dgnOFzlMFvbwz0
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 13 Dec 2021 18:58:28 GMT
server
UploadServer
etag
W/"439f3515517cecd23b999ba5735855e9"
access-control-max-age
3600
x-goog-hash
crc32c=dog2Yg==, md5=Q581FVF87NI7mZulc1hV6Q==
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 13 Dec 2021 18:58:57 GMT
player.3a0e3f71f0e51ec4199a.min.js
gauchazh.clicrbs.com.br/static/ 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/player.3a0e3f71f0e51ec4199a.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/main.0a0eb0c80e85925a8555.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
54e399ff7252ace149b100e87451ff4031a94cfbd1cf80916d4b83da6f6014c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdv2IdeLBUl5Yv6xUgB7hoBDyRjhJu4RXPKg31W5K-lvlfKdKLXnmnDhp6XZroQ8ye8UDC9seWiA5u4MpWV_jPM
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 13 Dec 2021 18:58:28 GMT
server
UploadServer
etag
W/"b8028a9ca983485f242ed0ba4b0148db"
access-control-max-age
3600
x-goog-hash
crc32c=hT7DIQ==, md5=uAKKnKmDSF8kLtC6SwFI2w==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 13 Dec 2021 18:58:57 GMT
settings
gauchazh.clicrbs.com.br/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/settings
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/main.0a0eb0c80e85925a8555.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
a17468d71dba20ea2c2dc495fe2ac92cc27d72d57fbbd46b81f2df5451880794
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache-post
yes
etag
W/"5bc-ucLoU+xA9O2hLgqJtMcgQZ2ZF+w"
x-frame-options
DENY
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
3600
cache-control
public, max-age=60, stale-while-revalidate=86400, stale-if-error=86400
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
pwpvk5wz.js
l.getsitecontrol.com/ 		433 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/pwpvk5wz.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/main.0a0eb0c80e85925a8555.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
c7606d2ad370439c7b03b3b8f4aed04c8861de171b0380be7fbc1c15ceadc129

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
br
cdn-edgestorageid
756
x-amz-request-id
Q9FTB30XQMG8CRDH
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
02/13/2022 10:55:34
cdn-pullzone
89704
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
fVbdwE+7jAGnAPJOHnr7f6gayYowM1veoR0FM1V1ENIN7sHFf+stl+kSvbWPGXGZdZRRfZuhanA=
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Fri, 11 Feb 2022 16:32:35 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"d651007a070c88cbb9122f128222fdb0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=86400
cdn-requestid
1a172ced08a2f7327b8166eaa1bf9f72
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
1949022_8c5cb683488784e.jpg
www.rbsdirect.com.br/filestore/2/2/0/9/4/9/1_0fc6eb5fc6eb714/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/filestore/2/2/0/9/4/9/1_0fc6eb5fc6eb714/1949022_8c5cb683488784e.jpg?w=575&h=385&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
0bd4472749669e4a3631a54111319546ceead544e0548d926cf9e4c7c98a8427

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
184701
x-cloud-trace-context
7a63d3543ab1d572f6e477801132ce5c
cache-control
public, max-age=2592000
function-execution-id
524tb2srbp6l
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72528
expires
Thu, 17 Feb 2022 13:32:46 GMT
1948898_c758cbaf81833a3.jpg
www.rbsdirect.com.br/filestore/8/9/8/8/4/9/1_1c7bcf71aa882b4/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/filestore/8/9/8/8/4/9/1_1c7bcf71aa882b4/1948898_c758cbaf81833a3.jpg?w=575&h=385&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
f731ff13de53f2bc7fd6c0fa5b530649db506b5544da9c5687b245c82217738f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
103548
x-cloud-trace-context
e7de40ddb3daed0c32f11b925d80e7f1;o=1
cache-control
public, max-age=2592000
function-execution-id
buvbibhkzpsk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42818
expires
Thu, 17 Feb 2022 13:16:09 GMT
1947754_d7bb0df40e29f8e.jpg
www.rbsdirect.com.br/filestore/4/5/7/7/4/9/1_4e54eb9f15e6f16/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/filestore/4/5/7/7/4/9/1_4e54eb9f15e6f16/1947754_d7bb0df40e29f8e.jpg?w=133&h=90&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
bb4e5a43c400ad8b5ed7a07da8897663f590de7f60065d5e828792179ba1b958

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
88405
x-cloud-trace-context
f5f94b7dd64e25c1bda9d67c9d785780
cache-control
public, max-age=2592000
function-execution-id
xpdkxznz9iky
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4414
expires
Thu, 17 Feb 2022 10:29:41 GMT
1948311_5c863ccb5f6dbef.jpg
www.rbsdirect.com.br/filestore/1/1/3/8/4/9/1_bc56d518ee6fed0/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/filestore/1/1/3/8/4/9/1_bc56d518ee6fed0/1948311_5c863ccb5f6dbef.jpg?w=133&h=90&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
85974d7c5ae1b1a0f07bdcb88ff37a2893533248a12af5c40c0c6fcccbed06db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
146855
x-cloud-trace-context
71996eb1636bde4f07c125ef798d3b80
cache-control
public, max-age=2592000
function-execution-id
qh4xt8rw6irr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5321
expires
Thu, 17 Feb 2022 11:26:27 GMT
1939294_da71f4585e50904.jpg
www.rbsdirect.com.br/filestore/4/9/2/9/3/9/1_ba9fb68b52fd47d/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/filestore/4/9/2/9/3/9/1_ba9fb68b52fd47d/1939294_da71f4585e50904.jpg?w=133&h=90&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
d0bb2cfbc0632201ddefe3bb3cf02bdd82a1f1ce28d82ca2441022068638380c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
152100
x-cloud-trace-context
122cb1e678ce6f557fb20e8ad4eb43ae
cache-control
public, max-age=2592000
function-execution-id
xjvkfwpxu0jf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5266
expires
Thu, 17 Feb 2022 12:06:46 GMT
1573383_8db35f2bae350fc.jpg
www.rbsdirect.com.br/filestore/3/8/3/3/7/5/1_a78c68897d464c2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/filestore/3/8/3/3/7/5/1_a78c68897d464c2/1573383_8db35f2bae350fc.jpg?w=133&h=90&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
e454c728482f2ddb3feabc93952a28ccd255a6074c92343736342394c75f5bb9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
101738
x-cloud-trace-context
9b5364b4909d98d93b9f75f9a128ed0b
cache-control
public, max-age=2592000
function-execution-id
powzq387uum5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4389
expires
Fri, 31 Dec 2021 12:41:39 GMT
25492927.jpg
www.rbsdirect.com.br/imagesrc/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/imagesrc/25492927.jpg?w=100&h=100&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
c6eba37f3825056552db1ce605bbde19f590bc7cbeb091191bc428b1ac2ccc87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
175423
x-cloud-trace-context
2a5f83fc121114d3cba5915b4553c98e
cache-control
public, max-age=2592000
function-execution-id
5j9xt8kxz8oc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2586
expires
Thu, 13 Jan 2022 10:14:48 GMT
25492948.jpg
www.rbsdirect.com.br/imagesrc/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/imagesrc/25492948.jpg?w=100&h=100&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
11db909f3d3d75732c94b52aef00d31ff69f9e00813c8f3b9d8bb9aa146e9d2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
147331
x-cloud-trace-context
80c3341fd286c44946ad192a8ae91241;o=1
cache-control
public, max-age=2592000
function-execution-id
w7zhqzcq3ew5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2331
expires
Mon, 10 Jan 2022 22:23:31 GMT
25492944.jpg
www.rbsdirect.com.br/imagesrc/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/imagesrc/25492944.jpg?w=100&h=100&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
36098142ee4abe732f1ce320ef294850b99cffaec5e5bd9369e6f30defd48181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
236688
x-cloud-trace-context
7365dec9aef687542ee12be1d661d84f;o=1
cache-control
public, max-age=2592000
function-execution-id
81bvoofhuf1o
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2608
expires
Thu, 27 Jan 2022 19:14:20 GMT
23689188.jpg
www.rbsdirect.com.br/imagesrc/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/imagesrc/23689188.jpg?w=100&h=100&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
7fea1533939a83fdd3078a70cd1e3de934f9f06652c5fcb1bf1846b3ef53056c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
62561
x-cloud-trace-context
356c7edf68136e7fc44680f272e1a34a;o=1
cache-control
public, max-age=2592000
function-execution-id
jz59srp9x498
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5809
expires
Fri, 05 Nov 2021 13:28:07 GMT
25492903.jpg
www.rbsdirect.com.br/imagesrc/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/imagesrc/25492903.jpg?w=100&h=100&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
8a3a9d32ad0cd9399475182d83800839c53c3a0945c24a1db0a8955522b16547

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
155621
x-cloud-trace-context
0d962ca18de646d91d3547ec0eac7920;o=1
cache-control
public, max-age=2592000
function-execution-id
j2e88zz6qk77
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2407
expires
Mon, 07 Feb 2022 18:54:10 GMT
24774143.jpg
www.rbsdirect.com.br/imagesrc/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/imagesrc/24774143.jpg?w=100&h=100&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
2652e68706489e729834d94001be164ee8de2f9a7fbd7218a8215464381b174b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
67461
x-cloud-trace-context
d2120019f4f4fa2d831d85a63d2ccf76
cache-control
public, max-age=2592000
function-execution-id
dvy9icjxrir9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
expires
Fri, 31 Dec 2021 20:57:03 GMT
25492900.jpg
www.rbsdirect.com.br/imagesrc/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/imagesrc/25492900.jpg?w=100&h=100&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
ebcf864a2018b4b0f21659ad83c84be23ede2c89453cf7baa9d3865a5d4b9382

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
181268
x-cloud-trace-context
a4a61f8b127adc1b86a309dbe800f842
cache-control
public, max-age=2592000
function-execution-id
pfiyeiyibn25
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2654
expires
Fri, 29 Oct 2021 20:54:27 GMT
visit-data
in.hotjar.com/api/v2/client/sites/515419/ 		146 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/515419/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.855de5fca5328f4d913a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.120.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-120-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
515419
vc.hotjar.io/sessions/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/515419?s=0.25&r=0.19667294341533892
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.855de5fca5328f4d913a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-66.fra56.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
vXtRPw_h5oll7ooO8UvJkIbHeX79EMxZq9SapPYvkZdCZcrsLyPFvA==
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		1 KB
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=clicrbs.com.br&domain=gauchazh.clicrbs.com.br&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8832feec5afafe3117d1fb90217f8fe7a16c03eb515f83582e043ee421d89fab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
x-cache-hits
2
age
3519
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
570
x-served-by
cache-hhn4041-HHN
access-control-allow-origin
*
x-timer
S1645025272.342883,VS0,VE0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 14 Feb 2022 14:29:13 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rbs-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-80.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 06:20:17 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
32857
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
F7ACFCdwPMGRfLNoS4FB6DiCb5Oc5f9r0ozGdpgE4l3W3Ge8Jctk9w==
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=871225726343984&ev=Microdata&dl=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&rl=&if=false&ts=1645025272372&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais%22%2C%22meta%3Adescription%22%3A%22O%20jornal%20digital%20que%20te%20conecta%20com%20as%20not%C3%ADcias%20do%20RS%2C%20do%20mundo%20e%20do%20seu%20time.%20Tudo%20aqui%2C%20em%20GZH.%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22O%20jornal%20digital%20que%20te%20conecta%20com%20as%20not%C3%ADcias%20do%20RS%2C%20do%20mundo%20e%20do%20seu%20time.%20Tudo%20aqui%2C%20em%20GZH.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fgauchazh.clicrbs.com.br%2Fstatic%2Fimages%2Fshare.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600%22%2C%22og%3Atitle%22%3A%22GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais%22%2C%22og%3Asite_name%22%3A%22GZH%22%2C%22og%3Alocale%22%3A%22pt_BR%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22isAccessibleForFree%22%3Afalse%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22https%3A%2F%2Fgauchazh.clicrbs.com.br%2Fstatic%2Ficons%2Ffavicon-96x96.png%22%7D%2C%22name%22%3A%22GZH%22%7D%2C%22hasPart%22%3A%5B%7B%22%40type%22%3A%22WebPageElement%22%2C%22cssSelector%22%3A%22.m-paid-content%22%2C%22isAccessibleForFree%22%3Afalse%7D%5D%2C%22isPartOf%22%3A%7B%22%40type%22%3A%5B%22CreativeWork%22%2C%22Product%22%5D%2C%22name%22%3A%22GZH%22%2C%22productID%22%3A%22gauchazh.clicrbs.com.br%3Amulti_offer%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.2.1645025271858.2076139967&it=1645025271754&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 16 Feb 2022 15:27:52 GMT
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:02:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 15:52:50 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 15:59:53 GMT
entitlements
news.google.com/swg/_/api/v1/publication/gauchazh.clicrbs.com.br/ 		2 B
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/gauchazh.clicrbs.com.br/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gauchazh.clicrbs.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1645025272401&ns_c=UTF-8&cv=3.5&c8=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1645025272401&ns_c=UTF-8&cv=3.5&c8=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1645025272401&ns_c=UTF-8&cv=3.5&c8=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&c7=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&c9=
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Server
108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-80.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
gPswOCJGHw-XoQ3IfBlMyaRNhtUqdjV8JgjUN3ZVnkTHS7ymlsCRTw==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 16 Feb 2022 15:27:52 GMT
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1645025272401&ns_c=UTF-8&cv=3.5&c8=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&c7=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&c9=
content-length
315
x-amz-cf-id
_MvZATNhBMVB31_M5EsCDyZZYQSznprq6Mz7_ytYxbPWnTgvdFMPWQ==
/
identificacao.clicrbs.com.br/gzh/0/ Frame DAEE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://identificacao.clicrbs.com.br/gzh/0/?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
Requested by
Host: nossa-loader.clicrbs.com.br
URL: https://nossa-loader.clicrbs.com.br/nossa-loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
0462e37a066b69587431280065cf9adfc4c18aba5392529fbba36c16889a64c6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-type
text/html; charset=utf-8
content-length
1154
cache-control
max-age=3600
content-encoding
gzip
etag
"6cbf2b0bf930ccce6da4824b4dcbed46f9c9cbc752f575b5f268d6be1baa485d"
last-modified
Thu, 11 Nov 2021 15:58:43 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-served-by
cache-cgh11172-CGH
x-cache
HIT
x-cache-hits
1
x-timer
S1636646378.994671,VS0,VE1
vary
x-fh-requested-host, accept-encoding
accept-ranges
bytes
pwpvk5wz.json
l.getsitecontrol.com/ 		947 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/pwpvk5wz.json
Requested by
Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/pwpvk5wz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
83d3afbcbb951df99c98213246727083063e4735e16562379ba8bcc083113dca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
br
vary
Accept-Encoding
cdn-edgestorageid
756
x-amz-request-id
07MJJ6TVQ0FKKGG9
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
02/11/2022 16:32:52
cdn-pullzone
89704
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
l07FjHg+9mVB/LyHZ+IUkD7RonBNRPb/aSIJGSob/S71TJZzGTAJ3GsVJQX88DDfVpDiSX/mb3I=
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Fri, 11 Feb 2022 16:32:35 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"39f3edb214f833d6d42bf98efc33a704"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
cdn-cache
REVALIDATED
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=5
cdn-requestid
9d77c9c2a81a771024a481ceb306a1ed
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
pwpvk5wz.json
l.getsitecontrol.com/ 		947 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/pwpvk5wz.json
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
83d3afbcbb951df99c98213246727083063e4735e16562379ba8bcc083113dca

Request headers

Accept
application/json, text/plain, */*
Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
br
vary
Accept-Encoding
cdn-edgestorageid
756
x-amz-request-id
07MJJ6TVQ0FKKGG9
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
02/11/2022 16:32:52
cdn-pullzone
89704
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
l07FjHg+9mVB/LyHZ+IUkD7RonBNRPb/aSIJGSob/S71TJZzGTAJ3GsVJQX88DDfVpDiSX/mb3I=
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Fri, 11 Feb 2022 16:32:35 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"39f3edb214f833d6d42bf98efc33a704"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
cdn-cache
REVALIDATED
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=5
cdn-requestid
abe5ca2b33618bae3398ef5e0b6ef170
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
graphql
gauchazh.clicrbs.com.br/ 		531 B
738 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/graphql
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/verdors-a.dc4581bb20e0960111af.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
fb1e80d37bd348157da29701377633ef2b99781853f872d7ddd6886fae82c6e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept
*/*
Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/json

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache-post
yes
etag
W/"213-tRoIMImOv2rkD9p7ijYuhoPk1ZE"
x-frame-options
DENY
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
3600
cache-control
public, max-age=60, stale-while-revalidate=86400, stale-if-error=86400
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
graphql
gauchazh.clicrbs.com.br/ 		18 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/graphql
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/verdors-a.dc4581bb20e0960111af.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
e86edc1e75e885c59b0df44e8e10757847487c8ffd9d98b5ae79d04aa4570cc5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept
*/*
Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/json

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache-post
yes
etag
W/"49fa-qfypcTlM9maoUpras0nlceimnLY"
x-frame-options
DENY
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
3600
cache-control
public, max-age=60, stale-while-revalidate=86400, stale-if-error=86400
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
serviceiframe
news.google.com/swg/_/ui/v1/ Frame F826 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/ui/v1/serviceiframe?_=456951&publicationId=gauchazh.clicrbs.com.br
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b26f8e7c3d7f5f2e82dc642c978f143c5d02f499b16538a6057bcc878c229a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-eKWAQFOiNmLkK01dWiGgWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-eKWAQFOiNmLkK01dWiGgWA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 16 Feb 2022 15:27:52 GMT
strict-transport-security
max-age=31536000
cross-origin-resource-policy
same-site
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-eKWAQFOiNmLkK01dWiGgWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-eKWAQFOiNmLkK01dWiGgWA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
main.9e7c7a27.chunk.css
identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/css/ Frame DAEE 		66 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/css/main.9e7c7a27.chunk.css
Requested by
Host: identificacao.clicrbs.com.br
URL: https://identificacao.clicrbs.com.br/gzh/0/?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
59349af94fef6e16882ee1473345e998bd9c79ab2df27c26ad0faa9c1daf8969
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identificacao.clicrbs.com.br/gzh/0/?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 15:58:43 GMT
x-timer
S1636646375.753609,VS0,VE1
etag
"638083b67126f5b377333f95ef7bc0c5ad5575e1af95ae361314da00cb2dd81e"
x-served-by
cache-cgh11158-CGH
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
strict-transport-security
max-age=31556926; includeSubDomains; preload
accept-ranges
bytes
content-length
11468
x-cache-hits
1
2.26c95da6.chunk.js
identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/js/ Frame DAEE 		529 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/js/2.26c95da6.chunk.js
Requested by
Host: identificacao.clicrbs.com.br
URL: https://identificacao.clicrbs.com.br/gzh/0/?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
24610698edf13a9595faaddb0be5e9f5c5163f72fb96035091a983be293313fc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identificacao.clicrbs.com.br/gzh/0/?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
last-modified
Thu, 26 Aug 2021 18:16:16 GMT
x-timer
S1630002099.118314,VS0,VE0
etag
"d747237a03837c7b04189a57347966a86ffd21aaa06dbee0af8c6998d1346c01"
x-served-by
cache-cgh11168-CGH
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
strict-transport-security
max-age=31556926; includeSubDomains; preload
accept-ranges
bytes
content-length
165620
x-cache-hits
2
main.97f0312d.chunk.js
identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/js/ Frame DAEE 		157 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/js/main.97f0312d.chunk.js
Requested by
Host: identificacao.clicrbs.com.br
URL: https://identificacao.clicrbs.com.br/gzh/0/?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
838b7351ffd6539bc4fd81958e31810222038748b89faa4de0bd00e8b2494da6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identificacao.clicrbs.com.br/gzh/0/?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 15:58:43 GMT
x-timer
S1636646372.347742,VS0,VE1
etag
"b25fd9ba39f81a31e10a0bf42274ee28faa2eda8293512e557ca4f7a8bc7046c"
x-served-by
cache-cgh11172-CGH
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
strict-transport-security
max-age=31556926; includeSubDomains; preload
accept-ranges
bytes
content-length
39792
x-cache-hits
1
usr
usr.navdmp.com/ 		77 B
265 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=23955&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm23955.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e599ab20e59032fef27234112d9feb1e92acb2a81a3dec69a0254550b0917f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6de7cd721855925f-FRA
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
content-type
application/javascript
expires
Wed, 16 Feb 2022 16:27:52 GMT
watson
opi.navdmp.com/ 		152 B
333 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://opi.navdmp.com/watson?&url=https://gauchazh.clicrbs.com.br/
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm23955.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca4d47df5f2bd23ed98af5a718234733be65fad15a188097a63a9cc4c1357cec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
6de7cd723a109025-FRA
gtm.js
www.googletagmanager.com/ Frame DAEE 		191 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KL92Z5K&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08c4bc8832b3dbac61e530d5b7aa263ea66f6429d163177474c231a1db67c7ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identificacao.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67569
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 16 Feb 2022 15:27:52 GMT
zem-metrics.min.js
ad.clicrbs.com.br/zm/ Frame DAEE 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.clicrbs.com.br/zm/zem-metrics.min.js
Requested by
Host: identificacao.clicrbs.com.br
URL: https://identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/js/main.97f0312d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
51ad2898e51aeb4b3bb9a563d3c51f29bcd95d37be16d5e7d3d628fb89e0407f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identificacao.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
vary
Accept-Encoding
version
2
x-guploader-uploadid
ADPycdtCTkyhgZXBLYrMsk7dvzs8gQ1rUouS2Ph2r1SUYKRntEjN11kXqiQ2Dh8itqsxNTOebXdj9lA9gDu755RxjX9ASuiQAQ
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Tue, 29 Jun 2021 13:00:13 GMT
server
UploadServer
etag
W/"fdcc54b7568cfbe13482c5ea3a73843c"
access-control-max-age
3600
x-goog-hash
crc32c=QnqF/w==, md5=/cxUt1aM++E0gsXqOnOEPA==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Tue, 29 Jun 2021 13:01:41 GMT
cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame F826 		0
22 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-8RMHfRnn7j8cYvyndorY2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-8RMHfRnn7j8cYvyndorY2A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/_/ui/v1/serviceiframe?_=456951&publicationId=gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:52 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-8RMHfRnn7j8cYvyndorY2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-8RMHfRnn7j8cYvyndorY2A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ Frame F826 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456951&publicationId=gauchazh.clicrbs.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:02:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 15:52:50 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GgAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXT... Frame F826 		162 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GgAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6qOQ3metPa5BQSA5BuuEQTayMp7g/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456951&publicationId=gauchazh.clicrbs.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6771b47b18b9d6c3c553adfa4a75dab513047880500fb37d9814252e8b11c950
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58044
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 16:59:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:02:36 GMT
runtime.d8fed6e.js
s2.getsitecontrol.com/widgets/es6/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.getsitecontrol.com/widgets/es6/runtime.d8fed6e.js
Requested by
Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/pwpvk5wz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
90ab255dd831f5c019c791dc30f6c03be753cc6ad95534ca92bada2837a66618

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
br
cdn-edgestorageid
756
x-amz-request-id
CPYDXPZHDP95HBX9
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
02/02/2022 12:46:42
cdn-pullzone
83560
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
PRI6aodAEl9JMTCtqwZDKjaMJUu4FjEqmtwZkJdriAj1l6Ybq+0LcaBndh2RJnv6lPsgjA9b7Eg=
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Wed, 02 Feb 2022 12:42:11 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"4cdb9e72e0e5317a13bb9f442d58d843"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=22809600
cdn-requestid
7c76c196e351fc7f0e01b6873a042e59
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
req
cdn.navdmp.com/ 		6 B
101 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=103c69733c83a2ac30a2a102e910&acc=23955&url=https%3A//gauchazh.clicrbs.com.br/&tit=GZH%20-%20jornal%20digital%20com%20not%EDcias%2C%20porto%20alegre%2C%20gr%EAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&h1=FOTOS%3A%20veja%20imagens%20da%20enxurrada%20que%20causou%20deslizamentos%20e%20dezenas%20de%20mortes%20em%20Petr%F3polis%A0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm23955.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6de7cd733b71925f-FRA
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
facebook.7401cba6.svg
identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/media/ Frame DAEE 		311 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/media/facebook.7401cba6.svg
Requested by
Host: identificacao.clicrbs.com.br
URL: https://identificacao.clicrbs.com.br/gzh/0/identifique-se?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
dc1de07fa34f5a152c80eefde3566285b0aa80328478cb72dff5b67d7c18a07e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identificacao.clicrbs.com.br/gzh/0/identifique-se?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
last-modified
Thu, 26 Aug 2021 18:16:16 GMT
x-timer
S1630002100.746835,VS0,VE1
etag
"54ac741b7182e2d7b5b951a149195aaa11f7cb3e7b286c211830db0fd63c2cf9"
x-served-by
cache-cgh11168-CGH
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=3600
strict-transport-security
max-age=31556926; includeSubDomains; preload
accept-ranges
bytes
content-length
248
x-cache-hits
1
google.a33ad696.svg
identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/media/ Frame DAEE 		861 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/media/google.a33ad696.svg
Requested by
Host: identificacao.clicrbs.com.br
URL: https://identificacao.clicrbs.com.br/gzh/0/identifique-se?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
5a88f85d0def284cbb3518e9df9462e4d4897401f7da3424e53216edeebda383
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identificacao.clicrbs.com.br/gzh/0/identifique-se?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 15:58:43 GMT
x-timer
S1636646379.601274,VS0,VE1
etag
"ff7e23ebaed1c8c4372ce65cc68d51d9242d6a6ee71c0e385f7bc9014ef2cc6e"
x-served-by
cache-cgh11145-CGH
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=3600
strict-transport-security
max-age=31556926; includeSubDomains; preload
accept-ranges
bytes
content-length
481
x-cache-hits
1
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/main.0a0eb0c80e85925a8555.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5600:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:05:44 GMT
content-encoding
gzip
last-modified
Thu, 03 Feb 2022 22:23:33 GMT
server
nginx
age
1328
etag
W/"61fc55e5-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
cbnXZiGtreZ_LRcZSoeKf_d3KkZynxf6TWcGGhZ3A7dZ4Ag5jdPHRw==
expires
Wed, 16 Feb 2022 17:05:44 GMT
web_e
us-central1-metrics-prd.cloudfunctions.net/ 		43 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-central1-metrics-prd.cloudfunctions.net/web_e
Requested by
Host: ad.clicrbs.com.br
URL: https://ad.clicrbs.com.br/zm/zem-metrics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
server
Google Frontend
content-type
image/gif
access-control-allow-origin
https://clicrbs.com.br
x-cloud-trace-context
5ff642af4f80bdb304744484355cf328
cache-control
public, max-age=43200
access-control-allow-credentials
true
function-execution-id
lxo9lmu0zflh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Thu, 17 Feb 2022 03:27:52 GMT
js
www.googletagmanager.com/gtag/ 		166 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BSW87XLWWR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8Q8R8N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de5c5c45f923ca17962270b7c4205f25d317d8024dfb123c9e6ad329b4016f51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63044
x-xss-protection
0
expires
Wed, 16 Feb 2022 15:27:52 GMT
b-pt-br-lt.svg
news.google.com/swg/js/v1/i18n/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.google.com/swg/js/v1/i18n/b-pt-br-lt.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg-button.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b35f09e010fba16592b2dde884f40ee679b0f9a7458ed03c1f1917ec45a675d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/swg/js/v1/swg-button.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4734
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="news-frontend"
expires
Wed, 16 Feb 2022 16:06:31 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1883081702&t=pageview&_s=1&dl=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&dp=%2F&ul=en-us&de=UTF-8&dt=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1263710369&gjid=1209194556&cid=244207154.1645025271&tid=UA-3469445-1&_gid=233413887.1645025271&_r=1&gtm=2wg290K8Q8R8N&cd12=&cd13=N%C3%A3o%20identificado&z=1817505741
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gauchazh.clicrbs.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8Q8R8N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14879
x-xss-protection
0
server
cafe
etag
17635014576153706337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 15:27:52 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8Q8R8N
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0A524F5609394152AC1CDFA29521F5E3 Ref B: FRAEDGE1306 Ref C: 2022-02-16T15:27:52Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11333
ads-config-gauchazh.json
ad.clicrbs.com.br/json/ 		37 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.clicrbs.com.br/json/ads-config-gauchazh.json
Requested by
Host: ad.clicrbs.com.br
URL: https://ad.clicrbs.com.br/js/module-ads.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
6d44d02afbb548f22926b7382566b1ebb3dc908f95b9ba06e7657ec36361fed6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
vary
Accept-Encoding
version
2
x-guploader-uploadid
ADPycdtM1oRQpGQ-_6wfDlb9PkmsyKyOR1aCHsOZe9zq-9EGv1D0arBGp3shmNDoEoZB8grtT8lSLsCheOtFI180T-Dv182NQw
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Wed, 16 Feb 2022 14:43:54 GMT
server
UploadServer
etag
W/"6351c2377bb12eb76ad700007ee1858d"
access-control-max-age
3600
x-goog-hash
crc32c=8tlFHg==, md5=Y1HCN3uxLrdq1wAAfuGFjQ==
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Wed, 16 Feb 2022 14:48:57 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1883081702&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&ul=en-us&de=UTF-8&dt=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Assinantes%20-%20GZH&ea=N%C3%A3o%20identificado&el=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&_u=aGDAAEADQAAAAC~&jid=&gjid=&cid=244207154.1645025271&tid=UA-3469445-1&_gid=233413887.1645025271&gtm=2wg290K8Q8R8N&cd12=&cd13=N%C3%A3o%20identificado&z=80861327
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 07:46:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
27665
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
b-pt-br-dk.svg
news.google.com/swg/js/v1/i18n/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.google.com/swg/js/v1/i18n/b-pt-br-dk.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg-button.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a52289797d7a998d98bf08962013ddb03c44e590ef423075542f1e729626839f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/swg/js/v1/swg-button.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4727
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 16:06:31 GMT
b
sb.scorecardresearch.com/ 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=7279431&ns__t=1645025272896&ns_c=UTF-8&cv=3.5&c8=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&c7=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&c9=
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-80.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:52 GMT
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
ZbROpibZ4MMhyP4LJxOoD9SJ7ocUa_zUuMIOPDcoUJUQ2CJv58WgNg==
x-cache
Miss from cloudfront
events
events.getsitectrl.com/api/v1/ 		608 B
856 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.getsitectrl.com/api/v1/events
Requested by
Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.d8fed6e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.98.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-98-15.compute-1.amazonaws.com
Software
Getsitecontrol /
Resource Hash
83ff1c1e9e3c36cb6e8443300fce33e7069d7c5e8f35d1cae932a7293caad34f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
server
Getsitecontrol
access-control-allow-methods
GET,POST
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache
access-control-allow-credentials
false
access-control-allow-headers
Content-Type,X-Requested-With
content-length
608
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F826 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456951&publicationId=gauchazh.clicrbs.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:06:41 GMT
x-content-type-options
nosniff
age
80471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 17:06:41 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3469445-1&cid=244207154.1645025271&jid=1263710369&gjid=1209194556&_gid=233413887.1645025271&_u=aGDAAEACQAAAAC~&z=262332186
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 16 Feb 2022 15:27:52 GMT
content-type
text/plain
access-control-allow-origin
https://gauchazh.clicrbs.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
mab
mabping.chartbeat.net/ping/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=clicrbs.com.br&p=%2F&d=gauchazh.clicrbs.com.br&u=YecSUCrtEYHCkpqz8&c=0&x=M7tMgSb5sj4f1&v=B&ml=m&sl=Dd4zT2&e=-1
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.86.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-86-47.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:53 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=clicrbs.com.br&p=%2F&u=YecSUCrtEYHCkpqz8&d=gauchazh.clicrbs.com.br&g=56047&g0=gauchazh.clicrbs%2C%20gauchazh-capa&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=9212&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3002&t=Dom5iyBJH2trXrqUMCo19W_CnEvJi&V=129&i=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&tz=0&_acct=anon&sn=1&sv=BWa8eCByjjOTy31WCYR1eGDX34Ym&sd=1&im=060b2f3f&_
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-153.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:53 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BSW87XLWWR&gtm=2oe290&_p=1883081702&sr=1600x1200&ul=en-us&cid=244207154.1645025271&_s=1&dl=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&dt=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&sid=1645025272&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BSW87XLWWR&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gauchazh.clicrbs.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playlist.m3u8
liverdgaupoa.rbsdirect.com.br/primary/gaucha_rbs.sdp/ 		109 B
222 B 		Media
General
Check archive.org
Download Go to
Full URL
https://liverdgaupoa.rbsdirect.com.br/primary/gaucha_rbs.sdp/playlist.m3u8
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
nginx /
Resource Hash
8f6dda8cd0c0dcc0d8ed29e7e2e1fb751c589de1e92192b86e617a3793a86672

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

access-control-allow-origin
*
date
Wed, 16 Feb 2022 15:27:53 GMT
cache-control
no-cache
server
nginx
content-type
application/vnd.apple.mpegurl
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3469445-1&cid=244207154.1645025271&jid=1263710369&_u=aGDAAEACQAAAAC~&z=1365051693
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3469445-1&cid=244207154.1645025271&jid=1263710369&_u=aGDAAEACQAAAAC~&z=1365051693
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.v0lOH1rwK3o.L.B1... Frame F826 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.v0lOH1rwK3o.L.B1.O/am=GgAg/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI6i-XaJe4GVaIEN2Je3d47oz47upA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GgAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6qOQ3metPa5BQSA5BuuEQTayMp7g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
922d6b0274c900d518e815e45bf3e5a646f45ca92fdb3de5ac99aa0d02054b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:22:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13737
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 01:04:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:22:29 GMT
25039324.js
bat.bing.com/p/action/ 		0
111 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25039324.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 16 Feb 2022 15:27:52 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 57295487602B42DE847C54310CB8CE28 Ref B: FRAEDGE1306 Ref C: 2022-02-16T15:27:53Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25039324&tm=gtm002&Ver=2&mid=e03709e0-3b40-41f2-8c0a-27a2ce5b39bb&sid=01f80f708f3d11ec9a9823bf183d9196&vid=01f840008f3d11ecbb28150fd26ecfb5&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias,%20porto%20alegre,%20gr%C3%AAmio,%20inter,%20colunistas,%20jogos%20ao%20vivo%20e%20mais&p=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&r=&lt=1592&evt=pageLoad&msclkid=N&sv=1&rn=715364
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 58664B732A2D4F338372E67F6CEE317A Ref B: FRAEDGE1306 Ref C: 2022-02-16T15:27:53Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.v0lOH1rwK3o.L.B1... Frame F826 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.v0lOH1rwK3o.L.B1.O/am=GgAg/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI6i-XaJe4GVaIEN2Je3d47oz47upA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GgAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6qOQ3metPa5BQSA5BuuEQTayMp7g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
296f059f114e04130b26c555f5409e751f1f88407a8d50562b5070e19eb0162d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:22:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36054
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 01:04:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:22:29 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/985330866/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/985330866/?random=1645025273058&cv=9&fst=1645025273058&num=1&label=unn4CJiboJQBELLp69UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&tiba=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61f3ee861acfa489ed75dce1bb758fe833aee4e268284ab63ba64778dff5f461
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1138
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl.20220209-5-RELEASE.js
cdn.taboola.com/libtrc/ 		617 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rbs-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
25db276f514822906922fbfedd6557c9418afbf1d9d51d69c4f9dacd722a4baa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
ni.XKnNDCYFnD0XKIPB7fzmdxGXZ7_Rh
content-encoding
br
etag
"47aba8dcefca4560e05ab437baae1ec9"
age
20373
x-cache
HIT
content-length
130247
x-amz-id-2
C4xoagvjSLMQSS56VFYFpwmCZYL2J9LxU/w4DbbnE3PRSAULQr5EoaWsziBWdpu1ediUTKZAKSc=
x-served-by
cache-hhn4050-HHN
last-modified
Wed, 09 Feb 2022 09:39:49 GMT
server
AmazonS3-br
x-timer
S1645025273.133090,VS0,VE0
date
Wed, 16 Feb 2022 15:27:53 GMT
vary
Accept-Encoding
x-amz-request-id
YZ6P6ZMR64YAZW31
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
32
x-cache-hits
16886
card-interference-detector.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rbs-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d59040ad1ec39e643a31d375c395e40e427d7af21000be2fbdd9eac9dcd47b56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
AYMkGBuiCB3GQVOuPN3bR3qO8B2VchDJ
content-encoding
gzip
etag
"a36fa12fa9daf2f6ba6a51286bdd5fd2"
age
1639
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2178
x-amz-id-2
yFHCPRp8T+BdVRKvFW9A1e4AefcoIvAXBYFfiQuJvvWc7jqTfaj3+pguwbKberis8WD8S0NDj+w=
x-served-by
cache-hhn4050-HHN
last-modified
Wed, 16 Feb 2022 15:00:29 GMT
server
AmazonS3
x-timer
S1645025273.180504,VS0,VE0
date
Wed, 16 Feb 2022 15:27:53 GMT
vary
Accept-Encoding
x-amz-request-id
BF9N8QZEDCDAVYT6
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
32
x-cache-hits
847
json
trc.taboola.com/rbs-gauchazh/trc/3/ 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/rbs-gauchazh/trc/3/json?tim=15%3A27%3A53.181&lti=deflated&data=%7B%22id%22%3A926%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1644845789853%2C%22vi%22%3A1645025273180%2C%22cv%22%3A%2220220209-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgauchazh.clicrbs.com.br%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fgauchazh.clicrbs.com.br%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9212%2C%22nsid%22%3A%22rbs-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A7%2C%22uim%22%3A%22alternating-thumbnails-a-home%3Apub%3Drbs-network%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Homepage%22%2C%22orig_uip%22%3A%22Right%20Rail%20Homepage%22%2C%22cd%22%3A3982.34375%2C%22mw%22%3A343%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CRight%20Rail%20Homepage%3Dalternating-thumbnails-a-home%3Apub%3Drbs-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6d724b5900757c907e3c9e088a83c3a4d76fb5da7293323fba6540c4b45d6592

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
190
date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
server
nginx
x-timer
S1645025273.193803,VS0,VE190
x-served-by
cache-hhn4050-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://gauchazh.clicrbs.com.br
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
module-ads.google1.6.21.min.js
ad.clicrbs.com.br/js/ 		49 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.clicrbs.com.br/js/module-ads.google1.6.21.min.js
Requested by
Host: ad.clicrbs.com.br
URL: https://ad.clicrbs.com.br/js/module-ads.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
2c9c81639ba7877372b0df3229f7a80feb08c51f1bd333f96b8eb73a9a037a72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
vary
Accept-Encoding
version
2
x-guploader-uploadid
ADPycdsQyhOHHDOvnsrJI5iV33bW3MYe8Wk6rBKbGf3h_AKxDUx0DwrOiXRrJlxZ_5OyWJP86vZAV_ANGy-dt2WkIYKR5nClrA
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Fri, 14 Jan 2022 12:26:40 GMT
server
UploadServer
etag
W/"a915146b77888de3f0e2ebc039686ff6"
access-control-max-age
3600
x-goog-hash
crc32c=2bEi4g==, md5=qRUUa3eIjePw4uvAOWhv9g==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Fri, 14 Jan 2022 12:30:02 GMT
module-ads.prebid1.3.3.min.js
ad.clicrbs.com.br/js/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.clicrbs.com.br/js/module-ads.prebid1.3.3.min.js
Requested by
Host: ad.clicrbs.com.br
URL: https://ad.clicrbs.com.br/js/module-ads.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
4bb6981f122b7913e0bbd004eb2cc0b6a681bcf520a7c30d4800d0b16df49abd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
vary
Accept-Encoding
version
2
x-guploader-uploadid
ADPycdtvh1PUzFnKyytIpfFAq4-jOS77c4EClc94vrMdpY5sJDuG5ddb5zP_IVUA-umuLGy0mWJsvTgH4G93izNxx0I
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 21 Jun 2021 15:06:37 GMT
server
UploadServer
etag
W/"74187e2bba185f64d88c77ee915c0240"
access-control-max-age
3600
x-goog-hash
crc32c=892Pgg==, md5=dBh+K7oYX2TYjHfukVwCQA==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 19 Jul 2021 19:29:08 GMT
batchexecute
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame F826 		461 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2F_%2Fui%2Fv1%2Fserviceiframe&f.sid=7233914927157846183&bl=boq_subscribewithgoogleclientserver_20220214.08_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=55674&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GgAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6qOQ3metPa5BQSA5BuuEQTayMp7g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
21477c315faf43ecd3df791695191da51cbbc19fe15d0eae781049de1596e723
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.v0lOH1rwK3o.L.B1... Frame F826 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.v0lOH1rwK3o.L.B1.O/am=GgAg/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lfpdyf,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI6i-XaJe4GVaIEN2Je3d47oz47upA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GgAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6qOQ3metPa5BQSA5BuuEQTayMp7g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4589e9be8fb2fe056439ef9a65adf444c3ca964227299f2753ddd1db3242023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:22:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7245
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 01:04:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:22:29 GMT
/
www.google.com/pagead/1p-user-list/985330866/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/985330866/?random=1645025273058&cv=9&fst=1645023600000&num=1&label=unn4CJiboJQBELLp69UD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&tiba=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&async=1&fmt=3&is_vtc=1&random=1848514814&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/985330866/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/985330866/?random=1645025273058&cv=9&fst=1645023600000&num=1&label=unn4CJiboJQBELLp69UD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&tiba=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&async=1&fmt=3&is_vtc=1&random=1848514814&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
play.google.com/ Frame F826 		131 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GgAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6qOQ3metPa5BQSA5BuuEQTayMp7g/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 16 Feb 2022 15:27:53 GMT
log
play.google.com/ Frame F826 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GgAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6qOQ3metPa5BQSA5BuuEQTayMp7g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 16 Feb 2022 15:27:53 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 16 Feb 2022 15:27:53 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Feb 2022 15:27:53 GMT
cache-control
private
log
play.google.com/ Frame F826 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GgAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6qOQ3metPa5BQSA5BuuEQTayMp7g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 16 Feb 2022 15:27:53 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 16 Feb 2022 15:27:53 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Feb 2022 15:27:53 GMT
cache-control
private
log
play.google.com/ Frame F826 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GgAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6qOQ3metPa5BQSA5BuuEQTayMp7g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 16 Feb 2022 15:27:53 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 16 Feb 2022 15:27:53 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Feb 2022 15:27:53 GMT
cache-control
private
log
play.google.com/ Frame F826 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GgAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6qOQ3metPa5BQSA5BuuEQTayMp7g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 16 Feb 2022 15:27:53 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 16 Feb 2022 15:27:53 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Feb 2022 15:27:53 GMT
cache-control
private
log
play.google.com/ Frame F826 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GgAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6qOQ3metPa5BQSA5BuuEQTayMp7g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 16 Feb 2022 15:27:53 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 16 Feb 2022 15:27:53 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Feb 2022 15:27:53 GMT
cache-control
private
cta-component.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rbs-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a217093482f8f267d7b2687f71cb07e0d1d54f2006e6895e78b94e3b390721bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
fsqJbYRZH0Vk5MHWXlwXqsZ1s5LHOxkt
content-encoding
gzip
etag
"9849d7a808261a0a8eb56398b3b71925"
age
1639
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5020
x-amz-id-2
ccszxAZCEqwoNX5c4Fw3tAmXlhyBZ4pzNTSUnA/cTLyyBFWHupsOhhbPQwynpOlOBCEfiQa08uI=
x-served-by
cache-hhn4050-HHN
last-modified
Wed, 16 Feb 2022 15:00:29 GMT
server
AmazonS3
x-timer
S1645025273.422756,VS0,VE0
date
Wed, 16 Feb 2022 15:27:53 GMT
vary
Accept-Encoding
x-amz-request-id
BF9T7221R1SE4SXF
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
32
x-cache-hits
1210
userx.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rbs-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8847cc60ae38e9ee058fe1c1ead1cd834995c605c5d940437078419e622ce933

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
P9_LYrfEY.Yh2nfVQAvBmtAIScK8Fh_v
content-encoding
gzip
etag
"61e315da9d36378bf5cee1884d4b1acb"
age
1694
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5396
x-amz-id-2
bIXYHO41yy2ptbIFzG6h+cYiJdFyMjNVvKnqhNlJJn+dtpcjdBOudsBR374D1x0XOnhP4FqDxw4=
x-served-by
cache-hhn4050-HHN
last-modified
Wed, 16 Feb 2022 14:59:35 GMT
server
AmazonS3
x-timer
S1645025273.422852,VS0,VE0
date
Wed, 16 Feb 2022 15:27:53 GMT
vary
Accept-Encoding
x-amz-request-id
N710C9MAQ62PZJ2H
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
32
x-cache-hits
845
distance-from-article.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rbs-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d111500bf25634f687194ff4d0d56fdbf0408efbf5d3b7fbb5698a5427bda0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
4YMWkK_C6ft5aF.L0.kVansPWysF878i
content-encoding
gzip
etag
"985b3679263be8e68090502d42c0b343"
age
1642
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1003
x-amz-id-2
EjSGp22y7ipt1cMNx2U6nQPCIvM/NlOzas7wYTdBu6wujucizWIkxetciDi7FiGxqLUSVUbJIgc=
x-served-by
cache-hhn4050-HHN
last-modified
Wed, 16 Feb 2022 15:00:25 GMT
server
AmazonS3
x-timer
S1645025273.423224,VS0,VE0
date
Wed, 16 Feb 2022 15:27:53 GMT
vary
Accept-Encoding
x-amz-request-id
XG3WNDTYS29RX7T9
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
32
x-cache-hits
701
article-detection.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rbs-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8223c715d6927d3966caef0d8ee78e4ee5be665e2c26c8d7226d68ea052445f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
ZsVF7DRgWjZjveI815HxrwNO0ULaJo00
content-encoding
gzip
etag
"c7dddf34530fc6e1ab95602fa7bfe77c"
age
1479
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1234
x-amz-id-2
bWEDS5ym+uH7aKXe9HqZoXYe3N1XAZ/DsSksbKQcMbuBCBGcscRw56cUKZcJxDAR6YL6yFwgZdk=
x-served-by
cache-hhn4050-HHN
last-modified
Wed, 16 Feb 2022 15:00:30 GMT
server
AmazonS3
x-timer
S1645025273.423469,VS0,VE0
date
Wed, 16 Feb 2022 15:27:53 GMT
vary
Accept-Encoding
x-amz-request-id
CV3SWVJJMZC3EME2
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
32
x-cache-hits
621
c585eab0856c459b264f750c22753efd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c585eab0856c459b264f750c22753efd.jpg
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0f8d9aff3126d4ecc57a3c6a6ffdb0d1e0ca76750d5da550d297ec7b5ce184b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 16 Feb 2022 15:27:53 GMT
via
1.1 varnish, 1.1 varnish
age
1967181
edge-cache-tag
534192908577081554588663175709576281919,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
cache-tag
534192908577081554588663175709576281919,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
74
expiration
expiry-date="Thu, 24 Feb 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c585eab0856c459b264f750c22753efd.jpg
content-length
4908
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Mon, 24 Jan 2022 15:03:04 GMT
server
nginx
x-timer
S1645025273.450384,VS0,VE1
etag
"a9ba00b75f9ccc220c064f48bdb6b9a2"
x-served-by
cache-bwi5035-BWI, cache-iad-kiad7000034-IAD, cache-hhn4050-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
share.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gauchazh.clicrbs.com.br/static/images/ 		612 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gauchazh.clicrbs.com.br/static/images/share.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2be149f5e75208addf12839a437f423992d2964e9064305a2bdc73323daa49f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 16 Feb 2022 15:27:53 GMT
via
1.1 varnish, 1.1 varnish
age
2367307
edge-cache-tag
395612515767782709795148446319283160263,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
cache-tag
395612515767782709795148446319283160263,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
24
expiration
expiry-date="Sat, 12 Feb 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gauchazh.clicrbs.com.br/static/images/share.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
content-length
612
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Wed, 12 Jan 2022 08:14:06 GMT
server
nginx
x-timer
S1645025273.450492,VS0,VE1
etag
"9e233efb554e1f18de3143d2d7484db1"
x-served-by
cache-bwi5048-BWI, cache-iad-kjyo7100110-IAD, cache-hhn4050-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1
tbp
15.taboola.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c4589b945bd8de0e3f875dd97acd2bcb6f05c735ce512747e5f0117fa563b7cf

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
access-control-allow-origin
https://gauchazh.clicrbs.com.br
machineid
1403
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4050-HHN
pragma
no-cache
server
nginx
x-timer
S1645025273.440031,VS0,VE54
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
9adf2a98315baed83bd4692f1333a9e2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9adf2a98315baed83bd4692f1333a9e2.jpg
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bc0c653fc6616c9a804051df24255ac47ebdb98a5d32a1973844165dc0bcdc4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 16 Feb 2022 15:27:53 GMT
via
1.1 varnish, 1.1 varnish
age
4148276
edge-cache-tag
586919808178527439769263544249810208008,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
cache-tag
586919808178527439769263544249810208008,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
75
expiration
expiry-date="Mon, 10 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9adf2a98315baed83bd4692f1333a9e2.jpg
content-length
3468
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Fri, 10 Dec 2021 09:05:28 GMT
server
nginx
x-timer
S1645025273.450665,VS0,VE1
etag
"72135394c3addc1a8e9242fa489fda03"
x-served-by
cache-wdc5571-WDC, cache-iad-kjyo7100094-IAD, cache-hhn4050-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
1904821_9e85c5576ceb566.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.rbsdirect.com.br/filestore/1/2/8/4/0/9/1_d7529e25a604ac1/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.rbsdirect.com.br/filestore/1/2/8/4/0/9/1_d7529e25a604ac1/1904821_9e85c5576ceb566.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6f5884155aa9570de0a6f43f119a642904d6bd9f412f8f798bc666b99051f895

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 16 Feb 2022 15:27:53 GMT
via
1.1 varnish, 1.1 varnish
age
406739
edge-cache-tag
358166426060560102999484036592504830973,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
cache-tag
358166426060560102999484036592504830973,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
334
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.rbsdirect.com.br/filestore/1/2/8/4/0/9/1_d7529e25a604ac1/1904821_9e85c5576ceb566.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
content-length
3088
x-request-id
54f79c806f7ac419e9cf9154531952e0
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Fri, 11 Feb 2022 19:10:56 GMT
server
nginx
x-timer
S1645025273.450853,VS0,VE1
etag
"0f70d11c5dfce0a621fe75e78d060654"
x-served-by
cache-bwi5041-BWI, cache-iad-kjyo7100140-IAD, cache-hhn4050-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
a9ef3a397c66667e89252f11878b6505.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a9ef3a397c66667e89252f11878b6505.jpg
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bd1a6ed773a5ffd85d292aaf7c25c593686b1dc20baadaf69cb993e4b2ba6725

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 16 Feb 2022 15:27:53 GMT
via
1.1 varnish, 1.1 varnish
age
908028
edge-cache-tag
485038705070740944095279653345771261870,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
cache-tag
485038705070740944095279653345771261870,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
358
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a9ef3a397c66667e89252f11878b6505.jpg
content-length
3188
x-request-id
1014f4a100b8cc19da537720328d4d14
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Mon, 17 Jan 2022 07:21:04 GMT
server
nginx
x-timer
S1645025273.450569,VS0,VE1
etag
"60bab4203a7535cd0ac262d0dd28002a"
x-served-by
cache-bwi5057-BWI, cache-iad-kiad7000142-IAD, cache-hhn4050-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
7a195214717e77641aaf024e1eb139bf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a195214717e77641aaf024e1eb139bf.jpg
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
62de9da5a2ba071c5b0d8bd3d3e9163099da2b088e402a4cc1867b0d36362cb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 16 Feb 2022 15:27:53 GMT
via
1.1 varnish, 1.1 varnish
age
761449
edge-cache-tag
519195973858999311292900124756826519703,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
cache-tag
519195973858999311292900124756826519703,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
72
expiration
expiry-date="Sat, 12 Feb 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a195214717e77641aaf024e1eb139bf.jpg
content-length
2398
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Wed, 12 Jan 2022 22:10:53 GMT
server
nginx
x-timer
S1645025273.450769,VS0,VE1
etag
"3e5a6a40f5c9972660771c74364c2e6c"
x-served-by
cache-bwi5054-BWI, cache-iad-kcgs7200021-IAD, cache-hhn4050-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
1904674_94266ef75b71cd1.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.rbsdirect.com.br/filestore/4/7/6/4/0/9/1_898ec3f8b5a8c2f/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.rbsdirect.com.br/filestore/4/7/6/4/0/9/1_898ec3f8b5a8c2f/1904674_94266ef75b71cd1.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b2303d8d7c4b54c60d39d1993f00736c924667edd9f5438842b4f955f539e027

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 16 Feb 2022 15:27:53 GMT
via
1.1 varnish, 1.1 varnish
age
419771
edge-cache-tag
465045967326877441709920749120407693655,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
cache-tag
465045967326877441709920749120407693655,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
441
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.rbsdirect.com.br/filestore/4/7/6/4/0/9/1_898ec3f8b5a8c2f/1904674_94266ef75b71cd1.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
content-length
2188
x-request-id
6ea90ca6015bfc2fcb179123e56eec2e
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Fri, 11 Feb 2022 18:08:42 GMT
server
nginx
x-timer
S1645025273.460779,VS0,VE1
etag
"6d18d235c578b659e8c19fcec7cbd745"
x-served-by
cache-dca17776-DCA, cache-iad-kjyo7100144-IAD, cache-hhn4050-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
supply-feature
trc.taboola.com/rbs-gauchazh/log/3/ 		0
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/rbs-gauchazh/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=61d6ed68fe95398b917cc52f1ffa52ed&sd=v2_7cb5a427a8982af2167b7ede6906e41b_2ec1a381-efee-4e48-a364-65580c8441e2-tuct9069d79_1645025273_1645025273_CIi3jgYQ8OVMGNzKlpnwLyABKAEwODib4wlAiIoQSN622QNQouwQWABgAGjGot3Fm8C5-osBcAA&ui=2ec1a381-efee-4e48-a364-65580c8441e2-tuct9069d79&pi=/&wi=-4465994688655033163&pt=home&vi=1645025273180&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A498.390625%2C%5C%22articleClasses%5C%22%3A%5C%22gzh-content%20fade-in%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22DIV%5C%22%2C%5C%22threshold%5C%22%3A%5C%22450%5C%22%7D%22%7D&tim=15%3A27%3A53.511&id=6525&llvl=2&cv=20220209-5-RELEASE&
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 16 Feb 2022 15:27:53 GMT
via
1.1 varnish
server
nginx
x-timer
S1645025274.515297,VS0,VE9
x-served-by
cache-hhn4050-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
creative_js.js
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront), 1.1 varnish
age
1179264
x-amz-meta-mtime
1580720676
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1580720957
x-amz-meta-mode
33188
content-encoding
gzip
content-length
1904
x-served-by
cache-hhn4050-HHN
last-modified
Mon, 03 Feb 2020 09:09:18 GMT
server
AmazonS3
x-timer
S1645025274.519069,VS0,VE0
etag
"d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
weURnwUwOHgFt6bTo3Iz_wVjW8GmAzFabBY2qdh0wOmhvZi_Ab2wtQ==
x-cache-hits
43144
prebid6.11.0.min.js
ad.clicrbs.com.br/js/ 		215 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.clicrbs.com.br/js/prebid6.11.0.min.js
Requested by
Host: ad.clicrbs.com.br
URL: https://ad.clicrbs.com.br/js/module-ads.prebid1.3.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
36b8d7c1c0f7498119dcba5a42fc5b0002df4ec86e6f06e87dd4b06301578458

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
vary
Accept-Encoding
version
2
x-guploader-uploadid
ADPycdszaqkbgPwLcHNHi1PuRAYOx9ThSdc8zINjHZ3XzHFRZWm3iDLsUc1XvnSVoVjtaFc31fpTfMvEpqVWYbCvDT8
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Wed, 16 Feb 2022 13:21:41 GMT
server
UploadServer
etag
W/"86a2fef577405cbbfa951f2624a9e0fb"
access-control-max-age
3600
x-goog-hash
crc32c=jHRiRQ==, md5=hqL+9XdAXLv6lR8mJKng+w==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Wed, 16 Feb 2022 14:49:26 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ad.clicrbs.com.br
URL: https://ad.clicrbs.com.br/js/module-ads.google1.6.21.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
6b4f8e0237a7bb7453744e9bab1eebfe7f70c88c6243735aff0adf3e275419ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27380
x-xss-protection
0
server
sffe
etag
"1133 / 309 of 1000 / last-modified: 1645013142"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Feb 2022 15:27:53 GMT
st
imprammp.taboola.com/ Frame 13DF 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=C4844EB4D344065477552731586&cicmp=1337627&cijs=1&dast=V7rNQCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHEMajkYrCmnEGY0Gs9VoN1vMRrPRbLcYLJcwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbQBB0-nwue71OofrY3RYj3aN2emxXDx3jd9tl1j-cgAAAAB4ACBqiYbY8W1ojwAAAACQ4Bm5VqAIqPi3ELgAAAAAwAAgEAvXAIDiOECX5ea3nPwBAPCgAAIAIIARAqBpDy8CAAAAMAIAAABAAiCQWFgC4HC3aAIAEPA3UGIqdgIAAHBQJ_O0zfL___8fA5D33iQDQJG2cWPQA_DgA_AgBAAA8DGUxQVcW288WUNUsFfECAAAACC3etP0aFInVBZV_____1YAVwAAAX8DJaaPWTcnxaxhAAAAAGML9LD4_WaHXeN3u-z_________3-z_DABNCCpTMy1oQaFHjWfkWmHtFxAAgO3dAADeBOBiDsAOAAAA4O7___8_DwAAgGSPku21Gs8eZb3PYAuf091dvwlbjFaTyWY5nC0Xk8FwNByN9ieQwwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIR5UnUvn8-p8fIjhai5ZbOaK1WqumM1WCQAAAAAAAABgCVPmTQAAAABOg5jNJrvdihtv9kwQa7Va1gAAAADcupED!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 16 Feb 2022 15:27:53 GMT
via
1.1 varnish
x-served-by
cache-hhn4050-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1645025274.534763,VS0,VE9
content-length
0
cmTagCUSTOM.js
vidstat.taboola.com/vpaid/units/30_3_6010/infra/ 		604 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
via
1.1 varnish
age
2173655
x-amz-meta-mtime
1637665336
x-cache
HIT
x-amz-meta-ctime
1637665337
x-amz-meta-mode
33188
content-encoding
br
content-length
114684
x-amz-id-2
0nGhQyYL6JJMNrNtgN9DZ54Xe47FlcMytbRNYowkLHISIE+ayuuCG0l+V0ZSZ+siOhY7wKkivBg=
x-served-by
cache-hhn4050-HHN
accept-ranges
bytes
last-modified
Tue, 23 Nov 2021 11:02:18 GMT
server
AmazonS3-br
x-timer
S1645025274.534524,VS0,VE0
etag
"c85616763ae0c5c14b78b36594bb92db"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
1BJTM91JQABF5B1D
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
239467
cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/ 		61 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
via
1.1 varnish
age
2174490
x-amz-meta-mtime
1637665346
x-cache
HIT
x-amz-meta-ctime
1637665346
x-amz-meta-mode
33188
content-encoding
br
content-length
8011
x-amz-id-2
DorYSe3tYgOl1kHh+s4QSJZ4EV7e6QatR1h0Kst7losPnxWoI5OXRUDbs44/HPvWpI9TzqPsi28=
x-served-by
cache-hhn4050-HHN
accept-ranges
bytes
last-modified
Tue, 23 Nov 2021 11:02:27 GMT
server
AmazonS3-br
x-timer
S1645025274.534634,VS0,VE0
etag
"35d592e602402e62e13fc963c20298fc"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
QF5WB9J15028EQTS
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
224015
PMS.js
vidstat.taboola.com/PMS/2.2.1/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront), 1.1 varnish
age
521963
x-amz-meta-mtime
1542789750
x-cache
Hit from cloudfront, HIT
x-amz-meta-mode
33188
content-encoding
gzip
content-length
15795
x-served-by
cache-hhn4050-HHN
last-modified
Wed, 21 Nov 2018 08:42:31 GMT
server
AmazonS3
x-timer
S1645025274.615189,VS0,VE0
etag
"57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
0O7z6VW9AL1L88cf_kIuoP_A5jN71DAJkA3vm2xv6yILK0B1A5FTlg==
x-cache-hits
36159
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:53 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 varnish
age
1518741
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-hhn4050-HHN
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1645025274.699753,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
dMQndaMYz4lAKRlFPrdUyMaueOEjTlwBX-FuhX2o7-w7PeNmsjlMEw==
x-cache-hits
305676
ouaykopohidvhwmew1gp.mp4
cdn.taboola.com/libtrc/static/video/v1635496243/ 		351 KB
352 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1635496243/ouaykopohidvhwmew1gp.mp4
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4a8e9886c01a5f3d4174d6ed6eaf8d429059f0a5bd9a64f3796d445ee312c7d

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
TREDgmZi.mMQ4hnHJXc3gxv3CQfxPERp
via
1.1 varnish
etag
"1dd4db87e200d8b35fe8f90753e33c24"
age
34
x-cache
HIT
Content-Range
bytes 0-359817/359818
x-amz-replication-status
COMPLETED
Content-Length
359818
x-amz-id-2
8Uhbc2un9EUnE0zojOinaejcrxNoyRbAgMC7Ut6eBOHTnTqR2oV2X/kZnYOE2C7yUZXjgBG1IqE=
x-served-by
cache-hhn4050-HHN
last-modified
Fri, 29 Oct 2021 08:30:49 GMT
server
AmazonS3
x-timer
S1645025274.717973,VS0,VE1
date
Wed, 16 Feb 2022 15:27:53 GMT
x-amz-request-id
PSZQA0T5NM19WP20
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
32
x-cache-hits
0
df7c42cf-7f4b-4cff-ab55-e330d667dfd5
https://gauchazh.clicrbs.com.br/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://gauchazh.clicrbs.com.br/df7c42cf-7f4b-4cff-ab55-e330d667dfd5
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
147c04ff-2955-4b6a-9350-2d6600c5a52a
https://gauchazh.clicrbs.com.br/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://gauchazh.clicrbs.com.br/147c04ff-2955-4b6a-9350-2d6600c5a52a
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
pubads_impl_2022021501.js
securepubads.g.doubleclick.net/gpt/ 		360 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
a442b080c731f6b7d20e4935475c6de21cd18a8826fc4348a1ae306a502e66a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 13:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123417
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 09:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Feb 2023 13:04:54 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		244 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gauchazh.clicrbs.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
12a8acbea80254ddfe9586aff910d6a6c67aabd7e29af4c39194cc82bcf4a2c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 15:27:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143
x-xss-protection
0
expires
Wed, 16 Feb 2022 15:27:53 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		592 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13786&site_id=65062&zone_id=791082&size_id=2%3B15%3B15%3B15&alt_size_ids=55%2C57%2C221%3B16%3B16%3B10%2C16&rf=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&tk_flint=pbjs_lite_v6.11.0&x_source.tid=1d981426-5185-47d6-9cca-ebf38589f652%3Bd13a2519-0eba-49a6-988b-23dade693b24%3B8f1c4ba6-3b95-4295-af91-9afe17e1d662%3Bf06f8713-35ba-46d0-8c41-15b48f5c5c92&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=4&rand=0.7331468395398044
Requested by
Host: ad.clicrbs.com.br
URL: https://ad.clicrbs.com.br/js/prebid6.11.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b7a55018234eb38eb68a2bb7c8a5625ad96c29e5681e5344a464a8c328b33ba6

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 15:27:54 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://gauchazh.clicrbs.com.br
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
592
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		519 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ad.clicrbs.com.br
URL: https://ad.clicrbs.com.br/js/prebid6.11.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cfebcfcdc234c34c83c38c822c20fe2a85b4d929232ebe5e16b29927754be98d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Feb 2022 15:27:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
83cefe43-7ad1-4840-8bd3-8926df3dc305
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://gauchazh.clicrbs.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=gauchazh.clicrbs.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 15:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gauchazh.clicrbs.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 15:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		306 KB
87 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3669123844490151&correlator=1496030413863378&eid=31061814%2C31064925%2C31064868%2C31063246%2C44756432&output=ldjh&gdfp_req=1&vrg=2022021501&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220216&iu_parts=21766049037%2CGauchaZH%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=120x38%2C1200x250%7C1200x150%7C970x250%7C970x90%7C949x90%7C728x90%7C1x1%2C300x250%7C336x280%2C1200x250%7C1200x150%7C970x250%7C970x90%7C949x90%7C728x90%7C1x1%2C320x50%2C320x50%2C300x250%7C336x280%2C1200x250%7C1200x150%7C970x250%7C970x90%7C949x90%7C728x90%7C1x1%2C300x250%7C336x280%7C300x700%7C300x600%2C1200x250%7C1200x150%7C970x250%7C970x90%7C949x90%7C728x90%7C1x1%2C1200x400%7C1200x250%7C1200x150%7C970x250%7C970x90%7C949x90%7C728x90%7C1x1%2C120x38%2C120x38&fluid=0%2C0%2C0%2C0%2Cheight%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0&prev_scp=FORMATOS%3DSELO%2520PLAYER%26REFRESH%3Dtrue%7CFORMATOS%3DHORIZONTAL%25201%26REFRESH%3Dtrue%7CFORMATOS%3DBLOCO%25201%26REFRESH%3Dtrue%7CFORMATOS%3DHORIZONTAL%25202%26REFRESH%3Dtrue%7CFORMATOS%3DNATIVO%25201%26REFRESH%3Dtrue%7CFORMATOS%3DNATIVO%25202%26REFRESH%3Dtrue%7CFORMATOS%3DBLOCO%25202%26REFRESH%3Dtrue%7CFORMATOS%3DHORIZONTAL%25203%26REFRESH%3Dtrue%7CFORMATOS%3DBLOCO%25203%26REFRESH%3Dtrue%7CFORMATOS%3DHORIZONTAL%25204%26REFRESH%3Dtrue%7CFORMATOS%3DPARALLAX%26REFRESH%3Dtrue%7CFORMATOS%3DLISTA%25201%26REFRESH%3Dtrue%7CFORMATOS%3DLISTA%25202%26REFRESH%3Dtrue&eri=1&cust_params=ESTILO-DE-NATIVO%3DPADR%25C3%2583O%252CPROGRAM%25C3%2581TICA%252CVENDA%2520DIRETA%252CRBS%2520BRAND%2520STUDIO%252CESTILO%25201%252CESTILO%25202%252CESTILO%25203%252CESTILO%25204%252CESTILO%25205%26nvg_gender%3D%26nvg_age%3D%26nvg_educat%3D%26nvg_marita%3D%26nvg_income%3D%26nvg_connec%3D%26nvg_city%3D%26nvg_region%3D%26nvg_countr%3D%26nvg_everyo%3D%26nvg_custom%3D%26nvg_brand%3D%26nvg_intere%3D%26nvg_produc%3D%26nvg_career%3D%26nvg_everyb%3D%26nvg_pgende%3D%26nvg_page%3D%26nvg_peduca%3D%26nvg_pmarit%3D%26nvg_pincom%3D%26nvg_lookal%3D%26nvg_opiint%3D102%26nvg_opiinc%3D13%26nvg_opione%3D46%26nvg_sentim%3D2698%26logged%3Dfalse%26assinante%3Dfalse&cookie_enabled=1&bc=31&abxe=1&dt=1645025274252&lmt=1645025274&dlt=1645025271195&idt=2763&frm=20&biw=1600&bih=1200&oid=2&adxs=874%2C200%2C1063%2C200%2C666%2C666%2C1063%2C200%2C988%2C200%2C200%2C814%2C439&adys=1156%2C257%2C559%2C1613%2C2322%2C3057%2C1932%2C5060%2C7524%2C6017%2C3517%2C3997%2C3997&adks=1691805672%2C2964830580%2C1224838769%2C2849293477%2C3257275126%2C2389341144%2C892145560%2C4069479754%2C2228749829%2C2353039560%2C3649228102%2C3243859688%2C4137030131&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&vis=1&scr_x=0&scr_y=0&psz=120x-1%7C1200x254%7C343x254%7C1200x254%7C343x1%7C343x0%7C343x254%7C1200x254%7C343x254%7C1200x254%7C1600x400%7C120x50%7C120x50&msz=120x-1%7C1200x0%7C343x0%7C1200x0%7C343x0%7C343x0%7C343x0%7C1200x0%7C343x0%7C1200x0%7C1600x0%7C120x0%7C120x0&ga_vid=244207154.1645025271&ga_sid=1645025274&ga_hid=1883081702&ga_fc=true&fws=516%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1200%2C1200%2C1200%2C1200%2C1200%2C1200%2C1200%2C1200%2C1600%2C1200%2C1200&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
01cf2ca0e1910a41e29b6e6690542eeb860dd852c7558332cacffe0ad37d439d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89076
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-1,5924082617,-1,5917111173,-1,5906860239,-1,-1,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-1,138381167963,-1,138380898957,-1,138380885242,-1,-1,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gauchazh.clicrbs.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7ebb311a1415b8c006a9d92a2fae996bad78989ba002091919fdaf15dee05bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 15:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10071
x-xss-protection
0
container.html
4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EB48 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 16 Feb 2022 15:27:54 GMT
expires
Thu, 16 Feb 2023 15:27:54 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bulk
trc.taboola.com/rbs-gauchazh/log/3/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/rbs-gauchazh/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 16 Feb 2022 15:27:54 GMT
via
1.1 varnish
server
nginx
x-timer
S1645025274.438460,VS0,VE9
x-served-by
cache-hhn4050-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://gauchazh.clicrbs.com.br
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 15:27:54 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
827
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by
cache-hhn4050-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1645025275.528809,VS0,VE0
date
Wed, 16 Feb 2022 15:27:54 GMT
x-amz-request-id
DM4PBFJ9QH08DD7N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
32
x-cache-hits
258
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CE73 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Feb 2022 13:07:31 GMT
expires
Thu, 16 Feb 2023 13:07:31 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
8423
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 26C0 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6e0cedb145ed1fe551a1f7cd45a70be4bc5921932e15625df937a9ee3553b315
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZzeP+8kFip6nT978eD1Rfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 16 Feb 2022 15:27:54 GMT
date
Wed, 16 Feb 2022 15:27:54 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ZzeP+8kFip6nT978eD1Rfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4A7B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Feb 2022 15:27:54 GMT
expires
Thu, 16 Feb 2023 15:27:54 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F4A0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Feb 2022 15:27:54 GMT
expires
Thu, 16 Feb 2023 15:27:54 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 69AB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Feb 2022 15:27:54 GMT
expires
Thu, 16 Feb 2023 15:27:54 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 26C0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021501&jk=3669123844490151&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
pagead2.googlesyndication.com/bg/ Frame CE73 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 13:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
5608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13552
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 13:54:27 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 73CB 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY0Z7QwQEwAQ&v=APEucNVnE94Mel9o8frZguwZO2CYAriLBB1f8BB1RXwKF4_ibbt7ZbzLElfDDC1xqQbU7ceZbWjoz3MTGNRbGuo7Mz15yy9BfB0VR3asyxqzaBx_5yDtUmLY7ysEqjdb_TmoBhl9lVOSbAec7AMCMtE6-37yTUPixv3xDzxt91g29v4FtKenZSE
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 16 Feb 2022 15:27:55 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 4A7B 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhzDz5Ol6WjNgZiFPkftZaAZYkfIVIXCyj2a0mK-bB7ll9JnEnkM5rpmERW33q6YGtbjasdbIs1i-I_4kfnF17NUdaha6eIE5IIgpD3AknxHb4qSfFt7x9Uz5DUrtezblPV00TU2Bhq47fD2jZqcJtnHZVBA&dbm_d=AKAmf-BJfnuAuIpJYkcofyv0fykxdE2G8kO2RuUAOBwp7w-zXLcvFiKyoV-XGq8GN1zZgknFJAEENGCTwDA0lSF-fePQ1o64TqzNJdhTRVm-HcC-qdiU2h52UufyXV11G5LWAjv9FUFhckhKqY8pl7m_M5xluMpuMvLXZspBVXiXKVBuRipyXJDVfSo1w7KKuR4ZXP8foM01M2Mkn8bGSWvrMqnJevF9Z3q0gkztgziKgsgL4NsQ7K3_lHPjuyrFXAdSRJpusXZhxEAn8Q_O4aKe7sn-MRmO8nwO1MnC2HLF0DO9Ek8CsYdOCZ2O46L_JaYoWjC75CgqV9Ll1oiw_pwb9YnCnu2meiGEz-EnlyXqWap5Cb4lNMogAyJuqzu3CbkwW-0BLyIuvt6QN9z7lss6BTrMi4phpT46gKJjr0YL-M3Wddj31_YKzLIqYEe9954TfEwWwKwlGfH68gaMyYQHjvuuff4T6DNROc4ArJ0T6fMGaeEX7lwzNa-9g6oZTP9sZFgtDcBlUbTHaogUun5kTFITk5Pd_tEfGekeQS-OEvur53cO-nltqheSHVBfrYxOEUPfjFXZ-QjHIHCGp8u2yVRDobxMjkv2O8hMXhTQS8nfviBFR-jk8ybi5dj7kkEAVyohCHl68Bv5aFf-CekfS8ELjj0wGhbXxc8k9seM0ttTxVbwYAfSqQolkKjTcpwYF3WPMk_AL_Mpq-WOp31tdWFsk2DkyMrFxQd0DBErPHlZ2hhCwfg_aUCxNCsrYNDos33TsnaKraJVRd3ve0NOyrrOXxr348uY5FDrNoE7-5xfJQnb5LYH8QrQLJSZtlct8ua9wWVmsg_5BCJzkjyC1TmTtaZ_sxIykvZlbBP3WoBXK1hjPIZnaf-Qu1qZAnULN6St-PGM5SxIHzWgkUs_zzsxQ9eGIu5GD1kLfdGNl-vAT48IC1iFyvg46fXidHEiBevlbZHldZ6Cvkt_MmvTl_7-dxqEPydj-aXrg6gpdZApW3I2moMVV7lhMdavFLdh02dyxNom4Yw7irXpviV13pc32n4dupj2Jw8AaDYVwI7gsw1awEACoHoTlBdqYDanUfWTWUD9rHEshFmQ0XLCPWJ9NUwIVK-bIPCM-sc64UQ2dPtUwQwJB3RepflZYkIPBkzVbCPRg1cTS4-ioOFKHTYaky5J6yfAPnlcgmNdgTJ0YeBbdXIOy14I5yOk7pQOfdH5REeSe3VJ8EQyAJFkszWgcJKsu0h3cVCBDgC1QzGj4k5Br7HASVAp6GsPOhEnqMspeloB-m27AMHdgtgiekSJppQ4kyakpkU_cQp8tMudHeAZ_pKzfJLanTYc837NPbg_wyzHFFIHv_x6tf46tFwsQnlbprJKz-4PD4-z6P7kVdq3cC6e3NKwkNyeXDTrbWaoIDM2B5VvpsbYhSLD9r9052Iw45o0o9pWpWC7crkTyacgIKgHnG574IBwjoqh19XQmNdG5cGu3IDIbZFdiP9FDQ-a3HyxvE6xQiGI61coMMl8xfmfYAhVkJUH-Yyu8F5K5rf1SPIdqXS9DkB5tFx_uLboEK1B5nh9fjm6hM9puFtlxfLQHUARghmFDEG_Fr6gPT2w1XBLQ5lelmvks1VPK-uqpHJTPSW2gUsXko_qY_jKkzwzIeSEMB1ftE705har-0YrtpW8FZQERNgzxu-CO967rlzmYC9AobIJSIiZElrBubIlhwwRDwOt9upWcFG8TCwmtN56YkGGPhsJtQqIdP9RAdnUmVQg17dUZ1xGjvPiV71E9-TEzojm4HaiBNAYo-8fPM1fyv_0ZtLanoYIF-z2WsB-KsLg3UPSstMG39iTXKXPEbVgeQMP2SbwPh8k1YPk-v0y44a3-I2fTatckqh1Sk0ERYOuO1Pu_8Fh0OBF4eDEvbiLdjdXllPQID6e38LUtsuS9YeWaVL-IfWwzTRZzbMalPBFc3-Rq9OIHi0iwWfv1apldLQ3rFOjz3owFfeL6ZgrmJZMllfpeagdDh6nhXVIa-uU7cdeHseabA31VQx0PsztbGpIwOjLmEBuzpX2ZOJzG5QUJiDEX02MamTdWZRbE4S_edxZqHvlQSuyXv6Cn5td3Jz7v1RsPXaxfYftlkw1Rmwcr9tiYHkpLbpxz5sQJQ6P1LWAKB7tMQDsRjCtAzMxJfWsuAzoESb-7oApks_1kjAEAx6hw22m8Gt2fYMShHP_3sOhaoliHtjVmPG1aWZLDxot5pqz8cVKexPO7wU3FqTlRRge4pbMDX8LAw4gWs_btBu3CQuDAa4qCw-6zaHmLG7g_eaLHK9W5RFGHmS0gVQ0Tkqdg0gnt_nDLNr5e_iVj5uBnslbKEYGDPcOFSRjR-EgSXNZb-NSLoixtEsgWJt8ZA5B8WM22CDsvRDuOLjU4Bc9AS8Vs7CSAhgYKqIDEOJD9S41wHonBVX7Q0MsIAzu5PUaoYyvovoOqG9py_RsNkGniz4ygS62rnX6kDhERC2jZ9blP7Vl9KWtRRk8SsmJH2-YIuxdC7FwWEnTsdG-lbPcawvuVyoLqFa5c9Nz0D4x89yr5wxrDDLbdyrTzEDoOP8vVozUhNivkrT-_mKdP7KFd1FwNaUPW1TLwQUzZAanCPaDWOpDecOWyJDa2IZ5QjiaaPsJ25pG36I_PPoawsFUYIa5qVE_MXGdrKiqz4fsX1DbT03hP61MeNysO83PzAFlIiDXfC69aSte96Za7VutVRrcpuu_mcUqI2fvUNRih2yvGr2L76dJc2TY_Lv1H8M3u_Qi8v8gRmb_wt3E-ZMjv46NknawL5owrVyaydTz-oO2FaK9WuDK-rb-WKFo9-mBdHGmf5oUg0n2bAOdzZiQCtB_zVOMZxb1mkifFK54m5DuUMY36LukqT0hFNWRoDKNU_VzJOWzywkvORI8Tkk1YSEfZ4YrshIvkEOEThWXq9I20rhxlMtL0wUj5E1nh8-53pp3vmK-gc6ntFE2ijpG2Z8rbwQ7B5oyMcVnMAveH-8yt76ll3saLhHGXEQlhVGTtFlFoP5YL7-v80sYudoJBJMdmki5fNY0Cc-naNZ2dYJeAah6xXprjTqZU-UfcAgs9ZX2Xvf5XOiP3sd9xYeUuShR7IWpLezDHgl2gfgQ6Q-yWZ_KRJys-nGU746nfEE42EXurpuu6cOM-2keZ5Do9r4a93Or0Lal4MqMO3IapkThT-WMhPUI678HxRhZf_A79af3dww64qZHnZJumLLDYwxYBsfAkIw-m4e51KOC-CP1549ck2Vr&cid=CAQSOwCNIrLMUfx5xh3WqsRYqcvS5chgyWfLd1SEcQc0LFIV2yPs-3mqgIXr6yC43c7yWlxL7jsE1krUqjrXGAE&rfl=1%2Chttps%253A%252F%252Fgauchazh.clicrbs.com.br%252F%240
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a9ea9672685ffe7f8d0a317cd04a31a01382386cf7554408960dcc1f105f005
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34707
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A7B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DXT3jr1N16mNU6XNsbyTLD0I4azemg7nKy1zfs9kTsxfFEeb9WZRKiD2zEX0O90zstzSICSWKz63Zm50BtOC9VTL2Tzhi2fpnET0soajy2gplim8I
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 4A7B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:21:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 15:21:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4A7B 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38569
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644842073869169"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 15:27:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 4A7B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:20:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
439
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6405
x-xss-protection
0
server
cafe
etag
2993485572248006277
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 15:20:36 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F47A 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhiD0tK7ATAB&v=APEucNWQR5tbHynwDIXTCuSmPdr76yUN2usDy4BKOs12GdVSxZJfyuv9XiJwpwzNmolT3bxjBfYE97cZ9hl5lGwtTXCltS2lHStXOChAtyzGO1ezT-02YSfmkU7WO2iKxzxk8nYYZHc6AAi6vPYDJb13cC7qVAE3VDHTjTlTpDBYiq9pBBBzn9Y
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 16 Feb 2022 15:27:55 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame F4A0 		76 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRIdqkG6a4JZeaf-PeMPwqPRbMbaVAHFtJgjF3Kb0BQ1mnGRdAogo244CVND3-zso8-OdYAcsx7ZVF7xB9qxdnYGXGJk7iYsT4Q64AXt06s2tpvYqG66vr_J_sragQSFx5RqPPpD3aGRDxOUpvOrUUZzOBlQ&dbm_d=AKAmf-C_3lJacAHHJ6KLsxQvXsHJ1I2CxdR-D_LPena8B3Uv2XTNaghHZbxdg8K5nkj-mf1trHVUlTV4v1gZyYZWX0E4qzPJpzcchybZjfxiTmhli9natUEcATTq45LQZa0Xfa74-_YtX2H_Jgq79yfUvqubuWP8hAgOsYSd9beoUzW66IL9Bn3jY3MVvXyCQ67qseBxc3g4LGWrTqab_Lb0DUjm3Rboy2JSwQ9_xVqBRz-y8__txTaEMSACqP36NjIrU6IRIVOVnK_VQxsj8DwbXjMTfURCd5V681k_ngM6ptM-Br1ND25GCYf3tc4XzoWWq7_I2BERBORx5wupBIztltZrKMBtcfGpS0I9MyvRMl3d_uLmF9S83KsIdwgBgHxy4Xl1Z6BEVUZcN7yErYSGBYeAYdYEcsQhp6OlNlK7fGhZdIW1BtgbohfDDczbmqKeaJBzilfVyKOElN0brh7xqUX-LBQThWETc4NxnBA-3wjPG8uxheNh20ZoTLjVdnEBUiyv3hc2a54uGtpu3Y2ojCJkVLBIm7vWRuxRAQfyrViJeuKT7shHpEqLnwdHmYcz0qs-S1-nply6ZPMR7xRaHf0TtzWWvxosn56QCH6gKleu36yG4t6S3eXdqXXsy49N51SbYNgtc2uQkDg_fhySm-H0K7krL1YD9Tpk6E8x6l_GwewO53ChpgLKceQPr-_FrLhkBKoLdKLZDfQAax1pNDdt8o8mP6R3UfMzGzVaEUXqLba62AwfaW3KlIN4krlGZM1SsfJ73N1VIsukvww0sl9Hy9ekXUHyuy8mubrSotoZHmKZPyFhLjPREO3XSTwrOtTRFv7Bg4IsrMgSUb-dCNCN8OFzjKZCG8_kq9wj8-z6LxTeaYz4SFqDe0mBBoScWWPDgVvnATcJDBTNJHREevDCCeW3dOWJ2qXADeJVaHjnZpyCS2OVPMVyMYJ6GlUTurP8F763xnHBaXx_g2dFVo8jFpSaO3M5ESA2BT9T2IKTLuP-3fb8_0olIeRAJeG76HvBA9Fwf4CWCbHrXoAxWLAirfRUjECf3a0wBTlSquDtf_RsE6HdJQEqfXPMOZ-7qzihhty6biFhWUHTj7LhEoIbxDWxHanq3b_pdSAVX8NXr49EghM2Bk27vL81ujLIP3PoBpJXhtSiVoiL_SzKJaMortL6ElG7Ay6gsvbdYiIat6Y2a0k09tWt2h8ZrDxuyZHgeg4sBdRAbJ2fjw43wWRjEStkgTQviboZuI_4_YcN5JD9lMT5xeXYRWtXdIUl7_0UPdsu0YUpotYVoM6SU3XMkYbqB1YVhMICUWHdy8krorgTK2a_PUeEMMijQMYUcZdf17yo4ZqHA5lDfZSKrPUHHg3s4Al3Cbsv3xuBLqhZTdtW0U4ovLFnKpfojh6l2jhPB3D3fYT3D4NlV8mToTnYi-9NXi1E-nTK8RB6Q9RaCs4mGjrKL1ZB4XwB_bQ8lFBY5ahdp80ytXJ9lRHb_8xXrWSFQrD1BiwJu336zjCtP_1ISr-LMHk2xuhTLf96XsfL9O4ZR0CLMWSGocih519g0M0y2B7UNIhcvmtIhnCDNyIvhoZ_a-5XOPUcoJvQf3UatUk7MJSrRTCJMoBS9PcN0Whp5PKwv1jhcUQYBMYI1eafQpqfD1mG-iAH8bv3P6bGJt1Z24w401rRNrNI2fSvDtFrtrUkvc2pn-M8cpsS46FGk6oAeWZF5eoBPw79zo2LwLIRP1wUsIER6WjDCx__DW-t7zRAB010rGRPIl17s7daEQsXdEaoAELRK8IJhncencMJXDho1DIUbb65rX0y3I0Ie_nqEK5Pzbsnle7_PzMTAJIclTQzD1dQcDvrzJ_AbVg-KyeBdLdU4rFP1WZ9x067yw05DJwFVbar39tshxGvA1Fu7Xljocj6fh41EdfCcWmbo7krkZtS7whe0PN9rQVhrXEW8mNxoNbMyYWRf7zfeVEmIIeTG-TxlrmRu9lVBcQ3GL5xvrHUOGsQVd9Xm_hqqowsOIpwoVink4CRZf8wglb38dzPsH9eLpVOlN3e-o76xfQeMJqG7JFeDk3KLq27lmgNVocvHgS1YrChKRPKJZB5gbsalH4coy2OVOlfw0aHuYmmAKR37X0pD9dpja8z7vVsw7gXDnjuqNblEbuswK1FUcjLdnmqPnKYCzXoziI47P_BZ0MjRfyff07xTbRgkLLnpbRx5zHjGvKXbRMCa-GiLwTGM-kdsbyJnLBVN7RfrqIgozpWrN6UwYuWDApB8dxuTjT9-cUH221qyqyxtTMh20Nnii9oXXtKn0LUvZCiBxjUFuE4yKElQDcCWA76Aca-MKCs2Y2E-JHB1C8oiRazG3Cs1zQjv9eEJEJxLMhY7WtHQkuqjR5rEamvA0O34xnMh3cRSqiN8JEep7zn2dspJNPF-IE6nh-T1__zOvw_9H83t9atuMvy667_lVUIShVaQb-it1fWLx3TUeAWu2tivVNnPh2_WwREJ6XSUEHcdpzzXZo7qPTxklOIX-D2_ATvgEfUGC-BWvg1Ax1c1Fe9I_Pkl6hERl52akr3eSWWBxHi5hUbtdKG1NtGOC_ZjeL1sGLFDgtfKMlmx1WhEKtddxSxybtGs3dZ37TZudjbg2enuLDYALF2I0dZb23ygLaqN2vpkNfN7mFMdovOcvS5pXFGYaIesCobML6d8w1STsRKjgYO4m_1po6CpbPKzGCfB12bua3aK7METLkuo_rYDJvgDdjKJzrIaNrvfTZW1aY9rypw58LpXwJPzmkMxR0cIbeBVSlniMgfzdaoFIW8_Zq6hK_lAtYDdEmUYvDio5RVMXWA4J3CoFyZUpahbvWJb8T6z5c3Ll7uFQC5szFaetbBZA2hsowaLjt7Ar5qTF5CP0KOtf7t2i1Oum6RCgWZIc94ZbN6oLrfo6aBMMx82d0N9PJsT5Hm-XQzMWf8fGsZyS7DiPtRfkuCeVTXetg9-VWqitr-2B0hKZHG96XtRGKh4pC34Xq7pAhw-Kw8S64U9WtRiy5VjDpclJR_IYWQm9iARZ3Oqz4JpYUvM607c0KaMN-dtN-im3mJtSzNocs5CsbF6lvAp5ZDD6pbNxoqHcH1FycRlCnStX8mMWmPMySop7zQWQqAiCIuyG_Qil1CAt7D9Dk2xftElYKXRfxyIOXKDZrGtd4biIzWHKgIl1Pw83zA940GNVXxgp89MRML2u9hD0E5xPTtXPrBMdhNSjGiS3O9vb9p0LRyoSruXivg4YQCEFYC3oqgA1CovCm-_LSwQNsgvqpPs3bX-m0Oe-VN-u_ttQGI1F41HWC32Fi2QFnhlWX687mDlX_83lCALBZ4mAv7nFxnqCbE8tWYlSuxZ4CtvGIBf7gsZTakezYK1BWRN5dK0hwrKuAg&cid=CAQSOwCNIrLMUfx5xh3WqsRYqcvS5chgyWfLd1SEcQc0LFIV2yPs-3mqgIXr6yC43c7yWlxL7jsE1krUqjrXGAE&rfl=1%2Chttps%253A%252F%252Fgauchazh.clicrbs.com.br%252F%240
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8d4852661013ae82b0514554117f5e18111f594a20124fbb417cdeb6c4bdfc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32565
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4A0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BSqHP-d2u2sjEwxV2NT8HEAKdsyXr_B52sQKmHZ_TAw9EWr22t6XEeruuazT05-yVArirCYvY78wMrqlOlxyaRlqehLfINAMHCw6q9i9ARcT1UEwQ
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame F4A0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:21:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 15:21:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F4A0 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38569
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644842073869169"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 15:27:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame F4A0 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:20:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
439
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6405
x-xss-protection
0
server
cafe
etag
2993485572248006277
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 15:20:36 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5F97 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLaVcRDXtnQYoZzuwAEwAQ&v=APEucNW6wTn07sY_OP1kxelIeEvnRV4_uiVB9Su23ttnvH8oa4sG4tBFLrVMRBsbopCtdv5v_WHkZad-DynG_MIdJXMVWvsTLbGK9OKGEHJtksBnF0qweNU1hJSGtE3vFOg11PYAxVOHQOk6yJGuhRG1HbVe0zAFIryUcIcwXh7jojcVUAW1LiU
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 16 Feb 2022 15:27:55 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220214/r20110914/ Frame 69AB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220214/r20110914/abg_lite_fy2019.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b52450a51eb0ff7ca3a47d71c81fe11ae9bb2defd351861dc135fcc68d48736
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7847
x-xss-protection
0
server
cafe
etag
11854797672689052815
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 15:03:46 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220214/r20110914/elements/html/ Frame 69AB 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220214/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 14:56:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1883
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 14:56:32 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 69AB 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdXKMlI-dk_YfwSyjiClTiPtpQG7ETXTkTDWVDsh_J687oEeR0-xQJl2gBKeoHGYpUG9KzWm5ZshIZIAwjj23MxSYruY1zFLifYnbBbQfPJDSUkRA6mrnkwIhDtPPSrfnJH95pL8vdVjreYlDcOSe0due4YYpIlKeM0tVcO22yJT44POxr9FTHtOnEDsfzmuxGGW-lUw9pDFISY9YC-rXM0ZCm4duXxmjQeBau9LRUukqttJ0ygQ8QO5ZHFgTasA8iQqH_qPtq_Fn_-7QaniXY1DAfUZbrF--Me_GrhsYYAqJRbtCxfTkSWKiVH-XbJjLCCyPGHOWF2ASNz5gVZ36mUGqcwGGAgaEK0CtyJjMiE-3bLf7BflIeIhMIkcvBVduZMhu9-R1FHL4HXTMREkRrmdOX4fsh17Urr_nnXb6FO2kx0s22AtOEJpU3Ck2peC0cH4n14aXSIAFND-LyoT44rVgTmQqqlUT6F80oxdGyYK32OGdcHnvLa3EEx441fDYTDIkGTDgi3zfjU70ndxmfqd1igZ8jpfVb9yiXMEXx7vvnk85HrLBIGufYhYY195Q3ff0S1rKKYb6nL0qrsaUN1fRQbxazBtSMsA_N_YTN_yKMgKwATNMJsL1U0OZY35rErFAthI8BouEl7luygeGCIawmI2bKpKdSBpGtH9qvTZGzUp_fTGm_LX1RojJKEWAe7vG_oL40lFXpGaIAj7Mbg1aij_y0rhAj1ktqxiGM0TDXR1AyDEJXi4D3UCweooX_YpF7F7ejxxWUo2bD5DVQ6pP-QkeaqhDvO2-w1pED9EEi4wWCcU_gRzew8OJHyLT2D6Mk4IjNGXy175nlJ1Tq38NPOkx_yshZs2HPBnb1EbJNLmxFEaLbLV1mqJENceJR7uqUIOFTFRVrCM1iICkCYi1sUNBgepLv9EuG7lw12D0iwFduPPeE5zIpXjw7jQ1RLfsLcaBTFs8mAVTsu179dNQpVBat2H1sI_g9yJab8sVIIhYewx5E6ytJldxBgK-E6C0PUb59U1sq97GwjLiRhuaUrqTfjmu849KqQUzr4lCtWQ4KgXW7g_Om0nlyFW4YLv-eW-D_cgDmhWe-ZOLi9ji3zDsx75mRxs85Sj8nwIdfxa9HXDcAL50m5CrETYyWQ_H5edeDJTDqZ5qVyDqcIMYN2GJVZ4HNWwzxtMgcoiTAXMqFr_tK1bx-JiLnPLqSMzPx3KDtt1EgxCuZDm1m_X1U0RO2J5fx9hhklawBGH7zs0XO2IGyq104zWZxzNi2Jby4sBbSr6bxTg3l3XY9Rauk8eFsxyAgg8Id12DHCq4&sai=AMfl-YR7zscfs1nSZdpo-Kr8448EqdGzOpXMJ6VmlMGtCqUjOiLdmGeMOgln_Uyt20xrIg3uoXxZIaLWabuKC2QUnamc8lQ0fqhMA7pfIub4mYTxL_6b4swwHYL7CasXTKaE3CZ8BbTANWkLOENYN-2j5YGtvJcP6aXV6WMxcuJTkOCpPZPptdU9Nl3AzlpsLQXxR8pmEOLxQAGkcIxKL9y2HtrPJTl5dI-LezVTVpjtrSx3tpiYrXNg0ir5YqFGxcGmuKEOr8bhEWlN1JSu9gxYqwkZKxXv66Rw2MHvFXiJvkez58lmSvCSk6BB8pU6fQZLETYwkw&sig=Cg0ArKJSzBSqLfVPD6uQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220214.58704&adurl=
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 16 Feb 2022 15:27:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 69AB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 23:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314879
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Feb 2023 23:59:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 69AB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DN4teiTb1ukLXcSVNjAh1gxiAv0-0NPJQPJCw30yS2TbZtBAXiT4NDQwnnP_6d90Md3yj_oTLa11am2g1PCF8jsne8Hs0Pf1gHJxcND9f-qK3PJX0
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 69AB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:21:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 15:21:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 69AB 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38569
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644842073869169"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 15:27:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 69AB 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:20:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
439
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6405
x-xss-protection
0
server
cafe
etag
2993485572248006277
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 15:20:36 GMT
l
www.google.com/ads/measurement/ Frame 69AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR2fTBAlWZXTnSQZ7LbA-KFGDVlDGIjxEVNsPZrdSaSYgAdS7vT8cxBAah01R_OY3nCJiK3Yhba8YLNCjCz6Sx8-6U_Aw
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
16439529265708222993
s0.2mdn.net/simgad/ Frame 69AB 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16439529265708222993
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c92420cfb439508b1c4df21f2d911a9ea8097d83953c07ba38dbe5759681f63e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 14:41:30 GMT
x-content-type-options
nosniff
age
175585
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139539
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 10:58:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Feb 2023 14:41:30 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DCA5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Feb 2022 01:16:16 GMT
expires
Mon, 13 Feb 2023 01:16:16 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
310299
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4040 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Wed, 16 Feb 2022 05:53:44 GMT
expires
Thu, 17 Feb 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
34451
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum
dsum-sec.casalemedia.com/ Frame 5F97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLL8ovM7J7zzMp9IayWTGU&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLL8ovM7J7zzMp9IayWTGU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLaVcRDXtnQYoZzuwAEwAQ&v=APEucNW6wTn07sY_OP1kxelIeEvnRV4_uiVB9Su23ttnvH8oa4sG4tBFLrVMRBsbopCtdv5v_WHkZad-DynG_MIdJXMVWvsTLbGK9OKGEHJtksBnF0qweNU1hJSGtE3vFOg11PYAxVOHQOk6yJGuhRG1HbVe0zAFIryUcIcwXh7jojcVUAW1LiU
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 15:27:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 15:27:55 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLL8ovM7J7zzMp9IayWTGU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5F97
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yg0X.6XpGzEjYQKq6XrhtQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLL8ovM7J7zzMp9IayWTGU&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLL8ovM7J7zzMp9IayWTGU&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLaVcRDXtnQYoZzuwAEwAQ&v=APEucNW6wTn07sY_OP1kxelIeEvnRV4_uiVB9Su23ttnvH8oa4sG4tBFLrVMRBsbopCtdv5v_WHkZad-DynG_MIdJXMVWvsTLbGK9OKGEHJtksBnF0qweNU1hJSGtE3vFOg11PYAxVOHQOk6yJGuhRG1HbVe0zAFIryUcIcwXh7jojcVUAW1LiU
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 15:27:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 15:27:55 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLL8ovM7J7zzMp9IayWTGU&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5F97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFX4hrsHpBs44zLdnUg4J1c&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFX4hrsHpBs44zLdnUg4J1c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLaVcRDXtnQYoZzuwAEwAQ&v=APEucNW6wTn07sY_OP1kxelIeEvnRV4_uiVB9Su23ttnvH8oa4sG4tBFLrVMRBsbopCtdv5v_WHkZad-DynG_MIdJXMVWvsTLbGK9OKGEHJtksBnF0qweNU1hJSGtE3vFOg11PYAxVOHQOk6yJGuhRG1HbVe0zAFIryUcIcwXh7jojcVUAW1LiU
Protocol
HTTP/1.1
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 15:27:55 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7ecd2571-bbd8-498d-a80f-4b7bf07194ce
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFX4hrsHpBs44zLdnUg4J1c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5F97
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3MTUxMjAzMDM0NjY3Mzc3OQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3MTUxMjAzMDM0NjY3Mzc3OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLaVcRDXtnQYoZzuwAEwAQ&v=APEucNW6wTn07sY_OP1kxelIeEvnRV4_uiVB9Su23ttnvH8oa4sG4tBFLrVMRBsbopCtdv5v_WHkZad-DynG_MIdJXMVWvsTLbGK9OKGEHJtksBnF0qweNU1hJSGtE3vFOg11PYAxVOHQOk6yJGuhRG1HbVe0zAFIryUcIcwXh7jojcVUAW1LiU
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 15:27:55 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
13946d3f-c8e8-49b8-a89f-b82ba8e5f423
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3MTUxMjAzMDM0NjY3Mzc3OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F47A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLL8ovM7J7zzMp9IayWTGU&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLL8ovM7J7zzMp9IayWTGU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhiD0tK7ATAB&v=APEucNWQR5tbHynwDIXTCuSmPdr76yUN2usDy4BKOs12GdVSxZJfyuv9XiJwpwzNmolT3bxjBfYE97cZ9hl5lGwtTXCltS2lHStXOChAtyzGO1ezT-02YSfmkU7WO2iKxzxk8nYYZHc6AAi6vPYDJb13cC7qVAE3VDHTjTlTpDBYiq9pBBBzn9Y
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 15:27:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 15:27:55 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLL8ovM7J7zzMp9IayWTGU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F47A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yg0X.6XpGzEjYQKq6XrhtQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLL8ovM7J7zzMp9IayWTGU&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLL8ovM7J7zzMp9IayWTGU&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhiD0tK7ATAB&v=APEucNWQR5tbHynwDIXTCuSmPdr76yUN2usDy4BKOs12GdVSxZJfyuv9XiJwpwzNmolT3bxjBfYE97cZ9hl5lGwtTXCltS2lHStXOChAtyzGO1ezT-02YSfmkU7WO2iKxzxk8nYYZHc6AAi6vPYDJb13cC7qVAE3VDHTjTlTpDBYiq9pBBBzn9Y
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 15:27:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Feb 2022 15:27:55 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLL8ovM7J7zzMp9IayWTGU&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F47A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFX4hrsHpBs44zLdnUg4J1c&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFX4hrsHpBs44zLdnUg4J1c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhiD0tK7ATAB&v=APEucNWQR5tbHynwDIXTCuSmPdr76yUN2usDy4BKOs12GdVSxZJfyuv9XiJwpwzNmolT3bxjBfYE97cZ9hl5lGwtTXCltS2lHStXOChAtyzGO1ezT-02YSfmkU7WO2iKxzxk8nYYZHc6AAi6vPYDJb13cC7qVAE3VDHTjTlTpDBYiq9pBBBzn9Y
Protocol
HTTP/1.1
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 15:27:55 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2fb22fb8-d3ab-43c0-a0ce-2cf326188478
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFX4hrsHpBs44zLdnUg4J1c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F47A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3MTUxMjAzMDM0NjY3Mzc3OQ%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3MTUxMjAzMDM0NjY3Mzc3OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhiD0tK7ATAB&v=APEucNWQR5tbHynwDIXTCuSmPdr76yUN2usDy4BKOs12GdVSxZJfyuv9XiJwpwzNmolT3bxjBfYE97cZ9hl5lGwtTXCltS2lHStXOChAtyzGO1ezT-02YSfmkU7WO2iKxzxk8nYYZHc6AAi6vPYDJb13cC7qVAE3VDHTjTlTpDBYiq9pBBBzn9Y
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 15:27:55 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
eb6b662a-c8a4-49e3-acdd-3f732d113200
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3MTUxMjAzMDM0NjY3Mzc3OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame CE73 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?JvLpYQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame F4A0 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
Origin
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 23:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55680
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Feb 2022 23:59:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220214/r20110914/elements/html/ Frame F4A0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220214/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRIdqkG6a4JZeaf-PeMPwqPRbMbaVAHFtJgjF3Kb0BQ1mnGRdAogo244CVND3-zso8-OdYAcsx7ZVF7xB9qxdnYGXGJk7iYsT4Q64AXt06s2tpvYqG66vr_J_sragQSFx5RqPPpD3aGRDxOUpvOrUUZzOBlQ&dbm_d=AKAmf-C_3lJacAHHJ6KLsxQvXsHJ1I2CxdR-D_LPena8B3Uv2XTNaghHZbxdg8K5nkj-mf1trHVUlTV4v1gZyYZWX0E4qzPJpzcchybZjfxiTmhli9natUEcATTq45LQZa0Xfa74-_YtX2H_Jgq79yfUvqubuWP8hAgOsYSd9beoUzW66IL9Bn3jY3MVvXyCQ67qseBxc3g4LGWrTqab_Lb0DUjm3Rboy2JSwQ9_xVqBRz-y8__txTaEMSACqP36NjIrU6IRIVOVnK_VQxsj8DwbXjMTfURCd5V681k_ngM6ptM-Br1ND25GCYf3tc4XzoWWq7_I2BERBORx5wupBIztltZrKMBtcfGpS0I9MyvRMl3d_uLmF9S83KsIdwgBgHxy4Xl1Z6BEVUZcN7yErYSGBYeAYdYEcsQhp6OlNlK7fGhZdIW1BtgbohfDDczbmqKeaJBzilfVyKOElN0brh7xqUX-LBQThWETc4NxnBA-3wjPG8uxheNh20ZoTLjVdnEBUiyv3hc2a54uGtpu3Y2ojCJkVLBIm7vWRuxRAQfyrViJeuKT7shHpEqLnwdHmYcz0qs-S1-nply6ZPMR7xRaHf0TtzWWvxosn56QCH6gKleu36yG4t6S3eXdqXXsy49N51SbYNgtc2uQkDg_fhySm-H0K7krL1YD9Tpk6E8x6l_GwewO53ChpgLKceQPr-_FrLhkBKoLdKLZDfQAax1pNDdt8o8mP6R3UfMzGzVaEUXqLba62AwfaW3KlIN4krlGZM1SsfJ73N1VIsukvww0sl9Hy9ekXUHyuy8mubrSotoZHmKZPyFhLjPREO3XSTwrOtTRFv7Bg4IsrMgSUb-dCNCN8OFzjKZCG8_kq9wj8-z6LxTeaYz4SFqDe0mBBoScWWPDgVvnATcJDBTNJHREevDCCeW3dOWJ2qXADeJVaHjnZpyCS2OVPMVyMYJ6GlUTurP8F763xnHBaXx_g2dFVo8jFpSaO3M5ESA2BT9T2IKTLuP-3fb8_0olIeRAJeG76HvBA9Fwf4CWCbHrXoAxWLAirfRUjECf3a0wBTlSquDtf_RsE6HdJQEqfXPMOZ-7qzihhty6biFhWUHTj7LhEoIbxDWxHanq3b_pdSAVX8NXr49EghM2Bk27vL81ujLIP3PoBpJXhtSiVoiL_SzKJaMortL6ElG7Ay6gsvbdYiIat6Y2a0k09tWt2h8ZrDxuyZHgeg4sBdRAbJ2fjw43wWRjEStkgTQviboZuI_4_YcN5JD9lMT5xeXYRWtXdIUl7_0UPdsu0YUpotYVoM6SU3XMkYbqB1YVhMICUWHdy8krorgTK2a_PUeEMMijQMYUcZdf17yo4ZqHA5lDfZSKrPUHHg3s4Al3Cbsv3xuBLqhZTdtW0U4ovLFnKpfojh6l2jhPB3D3fYT3D4NlV8mToTnYi-9NXi1E-nTK8RB6Q9RaCs4mGjrKL1ZB4XwB_bQ8lFBY5ahdp80ytXJ9lRHb_8xXrWSFQrD1BiwJu336zjCtP_1ISr-LMHk2xuhTLf96XsfL9O4ZR0CLMWSGocih519g0M0y2B7UNIhcvmtIhnCDNyIvhoZ_a-5XOPUcoJvQf3UatUk7MJSrRTCJMoBS9PcN0Whp5PKwv1jhcUQYBMYI1eafQpqfD1mG-iAH8bv3P6bGJt1Z24w401rRNrNI2fSvDtFrtrUkvc2pn-M8cpsS46FGk6oAeWZF5eoBPw79zo2LwLIRP1wUsIER6WjDCx__DW-t7zRAB010rGRPIl17s7daEQsXdEaoAELRK8IJhncencMJXDho1DIUbb65rX0y3I0Ie_nqEK5Pzbsnle7_PzMTAJIclTQzD1dQcDvrzJ_AbVg-KyeBdLdU4rFP1WZ9x067yw05DJwFVbar39tshxGvA1Fu7Xljocj6fh41EdfCcWmbo7krkZtS7whe0PN9rQVhrXEW8mNxoNbMyYWRf7zfeVEmIIeTG-TxlrmRu9lVBcQ3GL5xvrHUOGsQVd9Xm_hqqowsOIpwoVink4CRZf8wglb38dzPsH9eLpVOlN3e-o76xfQeMJqG7JFeDk3KLq27lmgNVocvHgS1YrChKRPKJZB5gbsalH4coy2OVOlfw0aHuYmmAKR37X0pD9dpja8z7vVsw7gXDnjuqNblEbuswK1FUcjLdnmqPnKYCzXoziI47P_BZ0MjRfyff07xTbRgkLLnpbRx5zHjGvKXbRMCa-GiLwTGM-kdsbyJnLBVN7RfrqIgozpWrN6UwYuWDApB8dxuTjT9-cUH221qyqyxtTMh20Nnii9oXXtKn0LUvZCiBxjUFuE4yKElQDcCWA76Aca-MKCs2Y2E-JHB1C8oiRazG3Cs1zQjv9eEJEJxLMhY7WtHQkuqjR5rEamvA0O34xnMh3cRSqiN8JEep7zn2dspJNPF-IE6nh-T1__zOvw_9H83t9atuMvy667_lVUIShVaQb-it1fWLx3TUeAWu2tivVNnPh2_WwREJ6XSUEHcdpzzXZo7qPTxklOIX-D2_ATvgEfUGC-BWvg1Ax1c1Fe9I_Pkl6hERl52akr3eSWWBxHi5hUbtdKG1NtGOC_ZjeL1sGLFDgtfKMlmx1WhEKtddxSxybtGs3dZ37TZudjbg2enuLDYALF2I0dZb23ygLaqN2vpkNfN7mFMdovOcvS5pXFGYaIesCobML6d8w1STsRKjgYO4m_1po6CpbPKzGCfB12bua3aK7METLkuo_rYDJvgDdjKJzrIaNrvfTZW1aY9rypw58LpXwJPzmkMxR0cIbeBVSlniMgfzdaoFIW8_Zq6hK_lAtYDdEmUYvDio5RVMXWA4J3CoFyZUpahbvWJb8T6z5c3Ll7uFQC5szFaetbBZA2hsowaLjt7Ar5qTF5CP0KOtf7t2i1Oum6RCgWZIc94ZbN6oLrfo6aBMMx82d0N9PJsT5Hm-XQzMWf8fGsZyS7DiPtRfkuCeVTXetg9-VWqitr-2B0hKZHG96XtRGKh4pC34Xq7pAhw-Kw8S64U9WtRiy5VjDpclJR_IYWQm9iARZ3Oqz4JpYUvM607c0KaMN-dtN-im3mJtSzNocs5CsbF6lvAp5ZDD6pbNxoqHcH1FycRlCnStX8mMWmPMySop7zQWQqAiCIuyG_Qil1CAt7D9Dk2xftElYKXRfxyIOXKDZrGtd4biIzWHKgIl1Pw83zA940GNVXxgp89MRML2u9hD0E5xPTtXPrBMdhNSjGiS3O9vb9p0LRyoSruXivg4YQCEFYC3oqgA1CovCm-_LSwQNsgvqpPs3bX-m0Oe-VN-u_ttQGI1F41HWC32Fi2QFnhlWX687mDlX_83lCALBZ4mAv7nFxnqCbE8tWYlSuxZ4CtvGIBf7gsZTakezYK1BWRN5dK0hwrKuAg&cid=CAQSOwCNIrLMUfx5xh3WqsRYqcvS5chgyWfLd1SEcQc0LFIV2yPs-3mqgIXr6yC43c7yWlxL7jsE1krUqjrXGAE&rfl=1%2Chttps%253A%252F%252Fgauchazh.clicrbs.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 15:27:17 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220214/r20110914/ Frame F4A0 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220214/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRIdqkG6a4JZeaf-PeMPwqPRbMbaVAHFtJgjF3Kb0BQ1mnGRdAogo244CVND3-zso8-OdYAcsx7ZVF7xB9qxdnYGXGJk7iYsT4Q64AXt06s2tpvYqG66vr_J_sragQSFx5RqPPpD3aGRDxOUpvOrUUZzOBlQ&dbm_d=AKAmf-C_3lJacAHHJ6KLsxQvXsHJ1I2CxdR-D_LPena8B3Uv2XTNaghHZbxdg8K5nkj-mf1trHVUlTV4v1gZyYZWX0E4qzPJpzcchybZjfxiTmhli9natUEcATTq45LQZa0Xfa74-_YtX2H_Jgq79yfUvqubuWP8hAgOsYSd9beoUzW66IL9Bn3jY3MVvXyCQ67qseBxc3g4LGWrTqab_Lb0DUjm3Rboy2JSwQ9_xVqBRz-y8__txTaEMSACqP36NjIrU6IRIVOVnK_VQxsj8DwbXjMTfURCd5V681k_ngM6ptM-Br1ND25GCYf3tc4XzoWWq7_I2BERBORx5wupBIztltZrKMBtcfGpS0I9MyvRMl3d_uLmF9S83KsIdwgBgHxy4Xl1Z6BEVUZcN7yErYSGBYeAYdYEcsQhp6OlNlK7fGhZdIW1BtgbohfDDczbmqKeaJBzilfVyKOElN0brh7xqUX-LBQThWETc4NxnBA-3wjPG8uxheNh20ZoTLjVdnEBUiyv3hc2a54uGtpu3Y2ojCJkVLBIm7vWRuxRAQfyrViJeuKT7shHpEqLnwdHmYcz0qs-S1-nply6ZPMR7xRaHf0TtzWWvxosn56QCH6gKleu36yG4t6S3eXdqXXsy49N51SbYNgtc2uQkDg_fhySm-H0K7krL1YD9Tpk6E8x6l_GwewO53ChpgLKceQPr-_FrLhkBKoLdKLZDfQAax1pNDdt8o8mP6R3UfMzGzVaEUXqLba62AwfaW3KlIN4krlGZM1SsfJ73N1VIsukvww0sl9Hy9ekXUHyuy8mubrSotoZHmKZPyFhLjPREO3XSTwrOtTRFv7Bg4IsrMgSUb-dCNCN8OFzjKZCG8_kq9wj8-z6LxTeaYz4SFqDe0mBBoScWWPDgVvnATcJDBTNJHREevDCCeW3dOWJ2qXADeJVaHjnZpyCS2OVPMVyMYJ6GlUTurP8F763xnHBaXx_g2dFVo8jFpSaO3M5ESA2BT9T2IKTLuP-3fb8_0olIeRAJeG76HvBA9Fwf4CWCbHrXoAxWLAirfRUjECf3a0wBTlSquDtf_RsE6HdJQEqfXPMOZ-7qzihhty6biFhWUHTj7LhEoIbxDWxHanq3b_pdSAVX8NXr49EghM2Bk27vL81ujLIP3PoBpJXhtSiVoiL_SzKJaMortL6ElG7Ay6gsvbdYiIat6Y2a0k09tWt2h8ZrDxuyZHgeg4sBdRAbJ2fjw43wWRjEStkgTQviboZuI_4_YcN5JD9lMT5xeXYRWtXdIUl7_0UPdsu0YUpotYVoM6SU3XMkYbqB1YVhMICUWHdy8krorgTK2a_PUeEMMijQMYUcZdf17yo4ZqHA5lDfZSKrPUHHg3s4Al3Cbsv3xuBLqhZTdtW0U4ovLFnKpfojh6l2jhPB3D3fYT3D4NlV8mToTnYi-9NXi1E-nTK8RB6Q9RaCs4mGjrKL1ZB4XwB_bQ8lFBY5ahdp80ytXJ9lRHb_8xXrWSFQrD1BiwJu336zjCtP_1ISr-LMHk2xuhTLf96XsfL9O4ZR0CLMWSGocih519g0M0y2B7UNIhcvmtIhnCDNyIvhoZ_a-5XOPUcoJvQf3UatUk7MJSrRTCJMoBS9PcN0Whp5PKwv1jhcUQYBMYI1eafQpqfD1mG-iAH8bv3P6bGJt1Z24w401rRNrNI2fSvDtFrtrUkvc2pn-M8cpsS46FGk6oAeWZF5eoBPw79zo2LwLIRP1wUsIER6WjDCx__DW-t7zRAB010rGRPIl17s7daEQsXdEaoAELRK8IJhncencMJXDho1DIUbb65rX0y3I0Ie_nqEK5Pzbsnle7_PzMTAJIclTQzD1dQcDvrzJ_AbVg-KyeBdLdU4rFP1WZ9x067yw05DJwFVbar39tshxGvA1Fu7Xljocj6fh41EdfCcWmbo7krkZtS7whe0PN9rQVhrXEW8mNxoNbMyYWRf7zfeVEmIIeTG-TxlrmRu9lVBcQ3GL5xvrHUOGsQVd9Xm_hqqowsOIpwoVink4CRZf8wglb38dzPsH9eLpVOlN3e-o76xfQeMJqG7JFeDk3KLq27lmgNVocvHgS1YrChKRPKJZB5gbsalH4coy2OVOlfw0aHuYmmAKR37X0pD9dpja8z7vVsw7gXDnjuqNblEbuswK1FUcjLdnmqPnKYCzXoziI47P_BZ0MjRfyff07xTbRgkLLnpbRx5zHjGvKXbRMCa-GiLwTGM-kdsbyJnLBVN7RfrqIgozpWrN6UwYuWDApB8dxuTjT9-cUH221qyqyxtTMh20Nnii9oXXtKn0LUvZCiBxjUFuE4yKElQDcCWA76Aca-MKCs2Y2E-JHB1C8oiRazG3Cs1zQjv9eEJEJxLMhY7WtHQkuqjR5rEamvA0O34xnMh3cRSqiN8JEep7zn2dspJNPF-IE6nh-T1__zOvw_9H83t9atuMvy667_lVUIShVaQb-it1fWLx3TUeAWu2tivVNnPh2_WwREJ6XSUEHcdpzzXZo7qPTxklOIX-D2_ATvgEfUGC-BWvg1Ax1c1Fe9I_Pkl6hERl52akr3eSWWBxHi5hUbtdKG1NtGOC_ZjeL1sGLFDgtfKMlmx1WhEKtddxSxybtGs3dZ37TZudjbg2enuLDYALF2I0dZb23ygLaqN2vpkNfN7mFMdovOcvS5pXFGYaIesCobML6d8w1STsRKjgYO4m_1po6CpbPKzGCfB12bua3aK7METLkuo_rYDJvgDdjKJzrIaNrvfTZW1aY9rypw58LpXwJPzmkMxR0cIbeBVSlniMgfzdaoFIW8_Zq6hK_lAtYDdEmUYvDio5RVMXWA4J3CoFyZUpahbvWJb8T6z5c3Ll7uFQC5szFaetbBZA2hsowaLjt7Ar5qTF5CP0KOtf7t2i1Oum6RCgWZIc94ZbN6oLrfo6aBMMx82d0N9PJsT5Hm-XQzMWf8fGsZyS7DiPtRfkuCeVTXetg9-VWqitr-2B0hKZHG96XtRGKh4pC34Xq7pAhw-Kw8S64U9WtRiy5VjDpclJR_IYWQm9iARZ3Oqz4JpYUvM607c0KaMN-dtN-im3mJtSzNocs5CsbF6lvAp5ZDD6pbNxoqHcH1FycRlCnStX8mMWmPMySop7zQWQqAiCIuyG_Qil1CAt7D9Dk2xftElYKXRfxyIOXKDZrGtd4biIzWHKgIl1Pw83zA940GNVXxgp89MRML2u9hD0E5xPTtXPrBMdhNSjGiS3O9vb9p0LRyoSruXivg4YQCEFYC3oqgA1CovCm-_LSwQNsgvqpPs3bX-m0Oe-VN-u_ttQGI1F41HWC32Fi2QFnhlWX687mDlX_83lCALBZ4mAv7nFxnqCbE8tWYlSuxZ4CtvGIBf7gsZTakezYK1BWRN5dK0hwrKuAg&cid=CAQSOwCNIrLMUfx5xh3WqsRYqcvS5chgyWfLd1SEcQc0LFIV2yPs-3mqgIXr6yC43c7yWlxL7jsE1krUqjrXGAE&rfl=1%2Chttps%253A%252F%252Fgauchazh.clicrbs.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6df0e79bf174f517cea1f243496e6a4e577650894430e419f398d393cda9db9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9617
x-xss-protection
0
server
cafe
etag
10975767963254409397
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 15:24:54 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/949432/60827849/ Frame 4A7B 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/949432/60827849/skeleton.js?ias_dspID=3&ias_campId=26650973&ias_pubId=pub-5313162903174685&ias_chanId=1&ias_placementId=16192691453&bidurl=https://gauchazh.clicrbs.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h1TMBIwdg_-7A2ErftQvvh
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.30.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-30-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7025e11b403e9e1415114aff1413e251c7002800c610e8bf02ff400a8f67a50e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 4A7B 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
Origin
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 23:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55680
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Feb 2022 23:59:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220214/r20110914/elements/html/ Frame 4A7B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220214/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhzDz5Ol6WjNgZiFPkftZaAZYkfIVIXCyj2a0mK-bB7ll9JnEnkM5rpmERW33q6YGtbjasdbIs1i-I_4kfnF17NUdaha6eIE5IIgpD3AknxHb4qSfFt7x9Uz5DUrtezblPV00TU2Bhq47fD2jZqcJtnHZVBA&dbm_d=AKAmf-BJfnuAuIpJYkcofyv0fykxdE2G8kO2RuUAOBwp7w-zXLcvFiKyoV-XGq8GN1zZgknFJAEENGCTwDA0lSF-fePQ1o64TqzNJdhTRVm-HcC-qdiU2h52UufyXV11G5LWAjv9FUFhckhKqY8pl7m_M5xluMpuMvLXZspBVXiXKVBuRipyXJDVfSo1w7KKuR4ZXP8foM01M2Mkn8bGSWvrMqnJevF9Z3q0gkztgziKgsgL4NsQ7K3_lHPjuyrFXAdSRJpusXZhxEAn8Q_O4aKe7sn-MRmO8nwO1MnC2HLF0DO9Ek8CsYdOCZ2O46L_JaYoWjC75CgqV9Ll1oiw_pwb9YnCnu2meiGEz-EnlyXqWap5Cb4lNMogAyJuqzu3CbkwW-0BLyIuvt6QN9z7lss6BTrMi4phpT46gKJjr0YL-M3Wddj31_YKzLIqYEe9954TfEwWwKwlGfH68gaMyYQHjvuuff4T6DNROc4ArJ0T6fMGaeEX7lwzNa-9g6oZTP9sZFgtDcBlUbTHaogUun5kTFITk5Pd_tEfGekeQS-OEvur53cO-nltqheSHVBfrYxOEUPfjFXZ-QjHIHCGp8u2yVRDobxMjkv2O8hMXhTQS8nfviBFR-jk8ybi5dj7kkEAVyohCHl68Bv5aFf-CekfS8ELjj0wGhbXxc8k9seM0ttTxVbwYAfSqQolkKjTcpwYF3WPMk_AL_Mpq-WOp31tdWFsk2DkyMrFxQd0DBErPHlZ2hhCwfg_aUCxNCsrYNDos33TsnaKraJVRd3ve0NOyrrOXxr348uY5FDrNoE7-5xfJQnb5LYH8QrQLJSZtlct8ua9wWVmsg_5BCJzkjyC1TmTtaZ_sxIykvZlbBP3WoBXK1hjPIZnaf-Qu1qZAnULN6St-PGM5SxIHzWgkUs_zzsxQ9eGIu5GD1kLfdGNl-vAT48IC1iFyvg46fXidHEiBevlbZHldZ6Cvkt_MmvTl_7-dxqEPydj-aXrg6gpdZApW3I2moMVV7lhMdavFLdh02dyxNom4Yw7irXpviV13pc32n4dupj2Jw8AaDYVwI7gsw1awEACoHoTlBdqYDanUfWTWUD9rHEshFmQ0XLCPWJ9NUwIVK-bIPCM-sc64UQ2dPtUwQwJB3RepflZYkIPBkzVbCPRg1cTS4-ioOFKHTYaky5J6yfAPnlcgmNdgTJ0YeBbdXIOy14I5yOk7pQOfdH5REeSe3VJ8EQyAJFkszWgcJKsu0h3cVCBDgC1QzGj4k5Br7HASVAp6GsPOhEnqMspeloB-m27AMHdgtgiekSJppQ4kyakpkU_cQp8tMudHeAZ_pKzfJLanTYc837NPbg_wyzHFFIHv_x6tf46tFwsQnlbprJKz-4PD4-z6P7kVdq3cC6e3NKwkNyeXDTrbWaoIDM2B5VvpsbYhSLD9r9052Iw45o0o9pWpWC7crkTyacgIKgHnG574IBwjoqh19XQmNdG5cGu3IDIbZFdiP9FDQ-a3HyxvE6xQiGI61coMMl8xfmfYAhVkJUH-Yyu8F5K5rf1SPIdqXS9DkB5tFx_uLboEK1B5nh9fjm6hM9puFtlxfLQHUARghmFDEG_Fr6gPT2w1XBLQ5lelmvks1VPK-uqpHJTPSW2gUsXko_qY_jKkzwzIeSEMB1ftE705har-0YrtpW8FZQERNgzxu-CO967rlzmYC9AobIJSIiZElrBubIlhwwRDwOt9upWcFG8TCwmtN56YkGGPhsJtQqIdP9RAdnUmVQg17dUZ1xGjvPiV71E9-TEzojm4HaiBNAYo-8fPM1fyv_0ZtLanoYIF-z2WsB-KsLg3UPSstMG39iTXKXPEbVgeQMP2SbwPh8k1YPk-v0y44a3-I2fTatckqh1Sk0ERYOuO1Pu_8Fh0OBF4eDEvbiLdjdXllPQID6e38LUtsuS9YeWaVL-IfWwzTRZzbMalPBFc3-Rq9OIHi0iwWfv1apldLQ3rFOjz3owFfeL6ZgrmJZMllfpeagdDh6nhXVIa-uU7cdeHseabA31VQx0PsztbGpIwOjLmEBuzpX2ZOJzG5QUJiDEX02MamTdWZRbE4S_edxZqHvlQSuyXv6Cn5td3Jz7v1RsPXaxfYftlkw1Rmwcr9tiYHkpLbpxz5sQJQ6P1LWAKB7tMQDsRjCtAzMxJfWsuAzoESb-7oApks_1kjAEAx6hw22m8Gt2fYMShHP_3sOhaoliHtjVmPG1aWZLDxot5pqz8cVKexPO7wU3FqTlRRge4pbMDX8LAw4gWs_btBu3CQuDAa4qCw-6zaHmLG7g_eaLHK9W5RFGHmS0gVQ0Tkqdg0gnt_nDLNr5e_iVj5uBnslbKEYGDPcOFSRjR-EgSXNZb-NSLoixtEsgWJt8ZA5B8WM22CDsvRDuOLjU4Bc9AS8Vs7CSAhgYKqIDEOJD9S41wHonBVX7Q0MsIAzu5PUaoYyvovoOqG9py_RsNkGniz4ygS62rnX6kDhERC2jZ9blP7Vl9KWtRRk8SsmJH2-YIuxdC7FwWEnTsdG-lbPcawvuVyoLqFa5c9Nz0D4x89yr5wxrDDLbdyrTzEDoOP8vVozUhNivkrT-_mKdP7KFd1FwNaUPW1TLwQUzZAanCPaDWOpDecOWyJDa2IZ5QjiaaPsJ25pG36I_PPoawsFUYIa5qVE_MXGdrKiqz4fsX1DbT03hP61MeNysO83PzAFlIiDXfC69aSte96Za7VutVRrcpuu_mcUqI2fvUNRih2yvGr2L76dJc2TY_Lv1H8M3u_Qi8v8gRmb_wt3E-ZMjv46NknawL5owrVyaydTz-oO2FaK9WuDK-rb-WKFo9-mBdHGmf5oUg0n2bAOdzZiQCtB_zVOMZxb1mkifFK54m5DuUMY36LukqT0hFNWRoDKNU_VzJOWzywkvORI8Tkk1YSEfZ4YrshIvkEOEThWXq9I20rhxlMtL0wUj5E1nh8-53pp3vmK-gc6ntFE2ijpG2Z8rbwQ7B5oyMcVnMAveH-8yt76ll3saLhHGXEQlhVGTtFlFoP5YL7-v80sYudoJBJMdmki5fNY0Cc-naNZ2dYJeAah6xXprjTqZU-UfcAgs9ZX2Xvf5XOiP3sd9xYeUuShR7IWpLezDHgl2gfgQ6Q-yWZ_KRJys-nGU746nfEE42EXurpuu6cOM-2keZ5Do9r4a93Or0Lal4MqMO3IapkThT-WMhPUI678HxRhZf_A79af3dww64qZHnZJumLLDYwxYBsfAkIw-m4e51KOC-CP1549ck2Vr&cid=CAQSOwCNIrLMUfx5xh3WqsRYqcvS5chgyWfLd1SEcQc0LFIV2yPs-3mqgIXr6yC43c7yWlxL7jsE1krUqjrXGAE&rfl=1%2Chttps%253A%252F%252Fgauchazh.clicrbs.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 15:27:17 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220214/r20110914/ Frame 4A7B 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220214/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhzDz5Ol6WjNgZiFPkftZaAZYkfIVIXCyj2a0mK-bB7ll9JnEnkM5rpmERW33q6YGtbjasdbIs1i-I_4kfnF17NUdaha6eIE5IIgpD3AknxHb4qSfFt7x9Uz5DUrtezblPV00TU2Bhq47fD2jZqcJtnHZVBA&dbm_d=AKAmf-BJfnuAuIpJYkcofyv0fykxdE2G8kO2RuUAOBwp7w-zXLcvFiKyoV-XGq8GN1zZgknFJAEENGCTwDA0lSF-fePQ1o64TqzNJdhTRVm-HcC-qdiU2h52UufyXV11G5LWAjv9FUFhckhKqY8pl7m_M5xluMpuMvLXZspBVXiXKVBuRipyXJDVfSo1w7KKuR4ZXP8foM01M2Mkn8bGSWvrMqnJevF9Z3q0gkztgziKgsgL4NsQ7K3_lHPjuyrFXAdSRJpusXZhxEAn8Q_O4aKe7sn-MRmO8nwO1MnC2HLF0DO9Ek8CsYdOCZ2O46L_JaYoWjC75CgqV9Ll1oiw_pwb9YnCnu2meiGEz-EnlyXqWap5Cb4lNMogAyJuqzu3CbkwW-0BLyIuvt6QN9z7lss6BTrMi4phpT46gKJjr0YL-M3Wddj31_YKzLIqYEe9954TfEwWwKwlGfH68gaMyYQHjvuuff4T6DNROc4ArJ0T6fMGaeEX7lwzNa-9g6oZTP9sZFgtDcBlUbTHaogUun5kTFITk5Pd_tEfGekeQS-OEvur53cO-nltqheSHVBfrYxOEUPfjFXZ-QjHIHCGp8u2yVRDobxMjkv2O8hMXhTQS8nfviBFR-jk8ybi5dj7kkEAVyohCHl68Bv5aFf-CekfS8ELjj0wGhbXxc8k9seM0ttTxVbwYAfSqQolkKjTcpwYF3WPMk_AL_Mpq-WOp31tdWFsk2DkyMrFxQd0DBErPHlZ2hhCwfg_aUCxNCsrYNDos33TsnaKraJVRd3ve0NOyrrOXxr348uY5FDrNoE7-5xfJQnb5LYH8QrQLJSZtlct8ua9wWVmsg_5BCJzkjyC1TmTtaZ_sxIykvZlbBP3WoBXK1hjPIZnaf-Qu1qZAnULN6St-PGM5SxIHzWgkUs_zzsxQ9eGIu5GD1kLfdGNl-vAT48IC1iFyvg46fXidHEiBevlbZHldZ6Cvkt_MmvTl_7-dxqEPydj-aXrg6gpdZApW3I2moMVV7lhMdavFLdh02dyxNom4Yw7irXpviV13pc32n4dupj2Jw8AaDYVwI7gsw1awEACoHoTlBdqYDanUfWTWUD9rHEshFmQ0XLCPWJ9NUwIVK-bIPCM-sc64UQ2dPtUwQwJB3RepflZYkIPBkzVbCPRg1cTS4-ioOFKHTYaky5J6yfAPnlcgmNdgTJ0YeBbdXIOy14I5yOk7pQOfdH5REeSe3VJ8EQyAJFkszWgcJKsu0h3cVCBDgC1QzGj4k5Br7HASVAp6GsPOhEnqMspeloB-m27AMHdgtgiekSJppQ4kyakpkU_cQp8tMudHeAZ_pKzfJLanTYc837NPbg_wyzHFFIHv_x6tf46tFwsQnlbprJKz-4PD4-z6P7kVdq3cC6e3NKwkNyeXDTrbWaoIDM2B5VvpsbYhSLD9r9052Iw45o0o9pWpWC7crkTyacgIKgHnG574IBwjoqh19XQmNdG5cGu3IDIbZFdiP9FDQ-a3HyxvE6xQiGI61coMMl8xfmfYAhVkJUH-Yyu8F5K5rf1SPIdqXS9DkB5tFx_uLboEK1B5nh9fjm6hM9puFtlxfLQHUARghmFDEG_Fr6gPT2w1XBLQ5lelmvks1VPK-uqpHJTPSW2gUsXko_qY_jKkzwzIeSEMB1ftE705har-0YrtpW8FZQERNgzxu-CO967rlzmYC9AobIJSIiZElrBubIlhwwRDwOt9upWcFG8TCwmtN56YkGGPhsJtQqIdP9RAdnUmVQg17dUZ1xGjvPiV71E9-TEzojm4HaiBNAYo-8fPM1fyv_0ZtLanoYIF-z2WsB-KsLg3UPSstMG39iTXKXPEbVgeQMP2SbwPh8k1YPk-v0y44a3-I2fTatckqh1Sk0ERYOuO1Pu_8Fh0OBF4eDEvbiLdjdXllPQID6e38LUtsuS9YeWaVL-IfWwzTRZzbMalPBFc3-Rq9OIHi0iwWfv1apldLQ3rFOjz3owFfeL6ZgrmJZMllfpeagdDh6nhXVIa-uU7cdeHseabA31VQx0PsztbGpIwOjLmEBuzpX2ZOJzG5QUJiDEX02MamTdWZRbE4S_edxZqHvlQSuyXv6Cn5td3Jz7v1RsPXaxfYftlkw1Rmwcr9tiYHkpLbpxz5sQJQ6P1LWAKB7tMQDsRjCtAzMxJfWsuAzoESb-7oApks_1kjAEAx6hw22m8Gt2fYMShHP_3sOhaoliHtjVmPG1aWZLDxot5pqz8cVKexPO7wU3FqTlRRge4pbMDX8LAw4gWs_btBu3CQuDAa4qCw-6zaHmLG7g_eaLHK9W5RFGHmS0gVQ0Tkqdg0gnt_nDLNr5e_iVj5uBnslbKEYGDPcOFSRjR-EgSXNZb-NSLoixtEsgWJt8ZA5B8WM22CDsvRDuOLjU4Bc9AS8Vs7CSAhgYKqIDEOJD9S41wHonBVX7Q0MsIAzu5PUaoYyvovoOqG9py_RsNkGniz4ygS62rnX6kDhERC2jZ9blP7Vl9KWtRRk8SsmJH2-YIuxdC7FwWEnTsdG-lbPcawvuVyoLqFa5c9Nz0D4x89yr5wxrDDLbdyrTzEDoOP8vVozUhNivkrT-_mKdP7KFd1FwNaUPW1TLwQUzZAanCPaDWOpDecOWyJDa2IZ5QjiaaPsJ25pG36I_PPoawsFUYIa5qVE_MXGdrKiqz4fsX1DbT03hP61MeNysO83PzAFlIiDXfC69aSte96Za7VutVRrcpuu_mcUqI2fvUNRih2yvGr2L76dJc2TY_Lv1H8M3u_Qi8v8gRmb_wt3E-ZMjv46NknawL5owrVyaydTz-oO2FaK9WuDK-rb-WKFo9-mBdHGmf5oUg0n2bAOdzZiQCtB_zVOMZxb1mkifFK54m5DuUMY36LukqT0hFNWRoDKNU_VzJOWzywkvORI8Tkk1YSEfZ4YrshIvkEOEThWXq9I20rhxlMtL0wUj5E1nh8-53pp3vmK-gc6ntFE2ijpG2Z8rbwQ7B5oyMcVnMAveH-8yt76ll3saLhHGXEQlhVGTtFlFoP5YL7-v80sYudoJBJMdmki5fNY0Cc-naNZ2dYJeAah6xXprjTqZU-UfcAgs9ZX2Xvf5XOiP3sd9xYeUuShR7IWpLezDHgl2gfgQ6Q-yWZ_KRJys-nGU746nfEE42EXurpuu6cOM-2keZ5Do9r4a93Or0Lal4MqMO3IapkThT-WMhPUI678HxRhZf_A79af3dww64qZHnZJumLLDYwxYBsfAkIw-m4e51KOC-CP1549ck2Vr&cid=CAQSOwCNIrLMUfx5xh3WqsRYqcvS5chgyWfLd1SEcQc0LFIV2yPs-3mqgIXr6yC43c7yWlxL7jsE1krUqjrXGAE&rfl=1%2Chttps%253A%252F%252Fgauchazh.clicrbs.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6df0e79bf174f517cea1f243496e6a4e577650894430e419f398d393cda9db9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9617
x-xss-protection
0
server
cafe
etag
10975767963254409397
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 15:24:54 GMT
dpixel
cms.quantserve.com/ Frame 4040 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELcqwrSELFm6JPBfFKBkMlw&google_cver=1&google_push=AYg5qPJmm8L9yes1DiPyO7O_j3t4L9-uUE35qgjPX6XAyacA_-NguRQdxE_IJvoBxY9Q_uyor6jR_rrM4vcd1of8XWp_fdS4AwR4
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4040
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI4LqbEW07fPpfVxmesBUgI&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI4LqbEW07fPpfVxmesBUgI&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YzJ5Y1VCMHExTmttZEo1&google_gid=CAESEI4LqbEW07fPpfVxmesBUgI&google_cver=1&google_push=AYg5qPKsVmyxmURvH9Gr7Id_oT22Fhwf03oUKiqb8CJr22p...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YzJ5Y1VCMHExTmttZEo1&google_gid=CAESEI4LqbEW07fPpfVxmesBUgI&google_cver=1&google_push=AYg5qPKsVmyxmURvH9Gr7Id_oT22Fhwf03oUKiqb8CJr22pvI6Ig0UkdQwdGjEzhPObbWtaIWUmifaH05PNoqxryFEQ_Q85eIG4
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 15:27:55 GMT
Server
PingMatch/v2.0.30-706-g7d26040#rel-ec2-master i-0159e44e8bb67c5f4@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YzJ5Y1VCMHExTmttZEo1&google_gid=CAESEI4LqbEW07fPpfVxmesBUgI&google_cver=1&google_push=AYg5qPKsVmyxmURvH9Gr7Id_oT22Fhwf03oUKiqb8CJr22pvI6Ig0UkdQwdGjEzhPObbWtaIWUmifaH05PNoqxryFEQ_Q85eIG4
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4040 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEENH3-TZoD5tQagqYmT8JuM&google_cver=1&google_push=AYg5qPIeFT5J3yVBSapuaoPDrzoDuYuEbc87Sjhvf7DI4LXH4TzjZS8rHU0mIXZWHK2G2HVHqsKkivA5EZ9aUUwdweKINNGoeIs
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 4040
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPFAxGfgLOOEvzMfJu7KSLA&google_cver=1&google_push=AYg5qPKQIeD3TGWMrglhmlsYFPPQrdpE-nJSQbEjCK7AfdKoGnOAMXWUu73scViMoZRrWMA72KeswZKdHTqHeQVfV...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPFAxGfgLOOEvzMfJu7KSLA&google_cver=1&google_push=AYg5qPKQIeD3TGWMrglhmlsYFPPQrdpE-nJSQbEjCK7AfdKoGnOAMXWUu73scViMoZRrWMA72KeswZKdHTqHeQVfV...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKQIeD3TGWMrglhmlsYFPPQrdpE-nJSQbEjCK7AfdKoGnOAMXWUu73scViMoZRrWMA72KeswZKdHTqHeQVfVMyHX1F6n00&google_hm=db94abcadefa5d723715cabb
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKQIeD3TGWMrglhmlsYFPPQrdpE-nJSQbEjCK7AfdKoGnOAMXWUu73scViMoZRrWMA72KeswZKdHTqHeQVfVMyHX1F6n00&google_hm=db94abcadefa5d723715cabb
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 16 Feb 2022 15:27:55 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKQIeD3TGWMrglhmlsYFPPQrdpE-nJSQbEjCK7AfdKoGnOAMXWUu73scViMoZRrWMA72KeswZKdHTqHeQVfVMyHX1F6n00&google_hm=db94abcadefa5d723715cabb
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 4040
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEIoZYM2US07AvINZNXKHchs&google_cver=1&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
0
0
pixel
cm.g.doubleclick.net/ Frame 4040
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKx18VQO1bHXFv8fzV86kV0&google_cver=1&google_push=AYg5qPKI02HjGmL2QpBNcpyWTKE-nM95nnfumh4CNvjYfxMuB61GUqzNIDf4-IVY5GYN3w9EBIzNr62OU2b6NBdRCCqSinR0hok
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPKI02HjGmL2QpBNcpyWTKE-nM95nnfumh4CNvjYfxMuB61GUqzNIDf4-IVY5GYN3w9EBIzNr62OU2b6NBdRCCqSinR0hok&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM1MTI1MTk3NDMwOTAwNTgxMDU0Mw%3D%3D&google_push=AYg5qPKI02HjGmL2QpBNcpyWTKE-nM95nnfumh4CNvjYfxMuB61GUqzN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM1MTI1MTk3NDMwOTAwNTgxMDU0Mw%3D%3D&google_push=AYg5qPKI02HjGmL2QpBNcpyWTKE-nM95nnfumh4CNvjYfxMuB61GUqzNIDf4-IVY5GYN3w9EBIzNr62OU2b6NBdRCCqSinR0hok
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM1MTI1MTk3NDMwOTAwNTgxMDU0Mw%3D%3D&google_push=AYg5qPKI02HjGmL2QpBNcpyWTKE-nM95nnfumh4CNvjYfxMuB61GUqzNIDf4-IVY5GYN3w9EBIzNr62OU2b6NBdRCCqSinR0hok
date
Wed, 16 Feb 2022 15:27:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
dot.gif
s0.2mdn.net/ Frame 4040 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEHa5gZWbLEmEgSB1rNBpm7s&google_cver=1&google_push=AYg5qPJwHypL20WvG5Chg84u07AZWYPfpGhOKxsgfCuJEv8uPgVyGAeCG1qlpqdavZbWRRTTKhn6bmlM_E5ubDlLQRxBaFSozolxag
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Feb 2022 15:27:55 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4040 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IpiH1icK9jahm7-dJ1p8cNI_2Edxbp_rAbwKYiHr9quuV2tNTL6mn1uVhBI7WIV4emHq3NPw
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js
pagead2.googlesyndication.com/bg/ Frame DCA5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 14:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
175057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13545
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 14:50:18 GMT
truncated
/ Frame 69AB 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d84a848c99199a89d68838b0eb6df9dac584b4e1c59603c0ece2d50ba6502f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
2214
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
d2c+S+ILbil9YoWV0pdRt5sw8P0XC/NhHYbhmL4aRwQla6EAzDzo1EmADmZOYSNh2V3J9hbip1I=
x-served-by
cache-hhn4050-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1645025275.444513,VS0,VE0
date
Wed, 16 Feb 2022 15:27:55 GMT
vary
Accept-Encoding
x-amz-request-id
6CY1FG8Q11T7G8KE
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
32
x-cache-hits
2734
eid.js
cdn.taboola.com/scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
22312
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
Rhh0WCO+nH/zCfz3jMuRc6c0XnxbSs+HWO0GK9r2x4mf5YFhPlfQqTSv3iCD1wQHcZnxVg9CFQU=
x-served-by
cache-hhn4050-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1645025275.444886,VS0,VE0
date
Wed, 16 Feb 2022 15:27:55 GMT
vary
Accept-Encoding
x-amz-request-id
4QYNQ0077R21PYSA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
32
x-cache-hits
70563
view
googleads4.g.doubleclick.net/pcs/ Frame 69AB 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdXKMlI-dk_YfwSyjiClTiPtpQG7ETXTkTDWVDsh_J687oEeR0-xQJl2gBKeoHGYpUG9KzWm5ZshIZIAwjj23MxSYruY1zFLifYnbBbQfPJDSUkRA6mrnkwIhDtPPSrfnJH95pL8vdVjreYlDcOSe0due4YYpIlKeM0tVcO22yJT44POxr9FTHtOnEDsfzmuxGGW-lUw9pDFISY9YC-rXM0ZCm4duXxmjQeBau9LRUukqttJ0ygQ8QO5ZHFgTasA8iQqH_qPtq_Fn_-7QaniXY1DAfUZbrF--Me_GrhsYYAqJRbtCxfTkSWKiVH-XbJjLCCyPGHOWF2ASNz5gVZ36mUGqcwGGAgaEK0CtyJjMiE-3bLf7BflIeIhMIkcvBVduZMhu9-R1FHL4HXTMREkRrmdOX4fsh17Urr_nnXb6FO2kx0s22AtOEJpU3Ck2peC0cH4n14aXSIAFND-LyoT44rVgTmQqqlUT6F80oxdGyYK32OGdcHnvLa3EEx441fDYTDIkGTDgi3zfjU70ndxmfqd1igZ8jpfVb9yiXMEXx7vvnk85HrLBIGufYhYY195Q3ff0S1rKKYb6nL0qrsaUN1fRQbxazBtSMsA_N_YTN_yKMgKwATNMJsL1U0OZY35rErFAthI8BouEl7luygeGCIawmI2bKpKdSBpGtH9qvTZGzUp_fTGm_LX1RojJKEWAe7vG_oL40lFXpGaIAj7Mbg1aij_y0rhAj1ktqxiGM0TDXR1AyDEJXi4D3UCweooX_YpF7F7ejxxWUo2bD5DVQ6pP-QkeaqhDvO2-w1pED9EEi4wWCcU_gRzew8OJHyLT2D6Mk4IjNGXy175nlJ1Tq38NPOkx_yshZs2HPBnb1EbJNLmxFEaLbLV1mqJENceJR7uqUIOFTFRVrCM1iICkCYi1sUNBgepLv9EuG7lw12D0iwFduPPeE5zIpXjw7jQ1RLfsLcaBTFs8mAVTsu179dNQpVBat2H1sI_g9yJab8sVIIhYewx5E6ytJldxBgK-E6C0PUb59U1sq97GwjLiRhuaUrqTfjmu849KqQUzr4lCtWQ4KgXW7g_Om0nlyFW4YLv-eW-D_cgDmhWe-ZOLi9ji3zDsx75mRxs85Sj8nwIdfxa9HXDcAL50m5CrETYyWQ_H5edeDJTDqZ5qVyDqcIMYN2GJVZ4HNWwzxtMgcoiTAXMqFr_tK1bx-JiLnPLqSMzPx3KDtt1EgxCuZDm1m_X1U0RO2J5fx9hhklawBGH7zs0XO2IGyq104zWZxzNi2Jby4sBbSr6bxTg3l3XY9Rauk8eFsxyAgg8Id12DHCq4&sai=AMfl-YR7zscfs1nSZdpo-Kr8448EqdGzOpXMJ6VmlMGtCqUjOiLdmGeMOgln_Uyt20xrIg3uoXxZIaLWabuKC2QUnamc8lQ0fqhMA7pfIub4mYTxL_6b4swwHYL7CasXTKaE3CZ8BbTANWkLOENYN-2j5YGtvJcP6aXV6WMxcuJTkOCpPZPptdU9Nl3AzlpsLQXxR8pmEOLxQAGkcIxKL9y2HtrPJTl5dI-LezVTVpjtrSx3tpiYrXNg0ir5YqFGxcGmuKEOr8bhEWlN1JSu9gxYqwkZKxXv66Rw2MHvFXiJvkez58lmSvCSk6BB8pU6fQZLETYwkw&sig=Cg0ArKJSzBSqLfVPD6uQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=323&vt=11&dtpt=322&dett=2&cstd=0&cisv=r20220214.58704&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 15:27:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sd
us-u.openx.net/w/1.0/ Frame 73CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDe8-2j6hrG_cDuC-qQ5DZM&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDe8-2j6hrG_cDuC-qQ5DZM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY0Z7QwQEwAQ&v=APEucNVnE94Mel9o8frZguwZO2CYAriLBB1f8BB1RXwKF4_ibbt7ZbzLElfDDC1xqQbU7ceZbWjoz3MTGNRbGuo7Mz15yy9BfB0VR3asyxqzaBx_5yDtUmLY7ysEqjdb_TmoBhl9lVOSbAec7AMCMtE6-37yTUPixv3xDzxt91g29v4FtKenZSE
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDe8-2j6hrG_cDuC-qQ5DZM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 73CB 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY0Z7QwQEwAQ&v=APEucNVnE94Mel9o8frZguwZO2CYAriLBB1f8BB1RXwKF4_ibbt7ZbzLElfDDC1xqQbU7ceZbWjoz3MTGNRbGuo7Mz15yy9BfB0VR3asyxqzaBx_5yDtUmLY7ysEqjdb_TmoBhl9lVOSbAec7AMCMtE6-37yTUPixv3xDzxt91g29v4FtKenZSE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 73CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEBp51hrrXQc9q_AIdWYHgBM&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBp51hrrXQc9q_AIdWYHgBM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY0Z7QwQEwAQ&v=APEucNVnE94Mel9o8frZguwZO2CYAriLBB1f8BB1RXwKF4_ibbt7ZbzLElfDDC1xqQbU7ceZbWjoz3MTGNRbGuo7Mz15yy9BfB0VR3asyxqzaBx_5yDtUmLY7ysEqjdb_TmoBhl9lVOSbAec7AMCMtE6-37yTUPixv3xDzxt91g29v4FtKenZSE
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 16 Feb 2022 15:27:55 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEBp51hrrXQc9q_AIdWYHgBM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 73CB 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY0Z7QwQEwAQ&v=APEucNVnE94Mel9o8frZguwZO2CYAriLBB1f8BB1RXwKF4_ibbt7ZbzLElfDDC1xqQbU7ceZbWjoz3MTGNRbGuo7Mz15yy9BfB0VR3asyxqzaBx_5yDtUmLY7ysEqjdb_TmoBhl9lVOSbAec7AMCMtE6-37yTUPixv3xDzxt91g29v4FtKenZSE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 16 Feb 2022 15:27:55 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F4A0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 23:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314879
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Feb 2023 23:59:56 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 92F0 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Wed, 16 Feb 2022 05:53:44 GMT
expires
Thu, 17 Feb 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
34451
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F4A0 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0e1e44b76ba8f6db13cf9970178e2ee24d6bd6a0435220a2bb66239c5d3393b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4A7B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 23:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314879
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Feb 2023 23:59:56 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2AB5 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Wed, 16 Feb 2022 05:53:44 GMT
expires
Thu, 17 Feb 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
34451
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4A7B 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38565247c5e2a6727b784198e51c999f1c84c25537b3eddd399903293148d987

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
/
pips.taboola.com/ 		64 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
f36816c7dc5d5f46afaae8b35ccf2e20123f75a38ce319ca0293cd7b5e955c4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:55 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-hhn4031-HHN
access-control-allow-methods
GET
access-control-allow-origin
https://gauchazh.clicrbs.com.br
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
index.html
s0.2mdn.net/sadbundle/2315661356193284096/ Frame C7B9 		261 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b6c5c61d31d9a294660a1999928903900aadb1eda143065f81b59e3c4770cfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Wed, 09 Feb 2022 18:10:31 GMT
expires
Thu, 09 Feb 2023 18:10:31 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 20 Jan 2022 15:37:35 GMT
content-type
text/html
content-length
31830
age
595044
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame F4A0 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTMOKepHb6Yyz3t_na79sQNmLnsoDXqG0nJ_TMtZsNnkZRHJWQq5n8JjEWLbgaAVI4w-6RPglSWzm9MZa5oXo2WNeLpipnhbWAVS35SXSLU7riMCkEqPVBjKUYDe0AAcfFSKDP8TVLZDyToEeQgpo5yhucl0Blrqo3RRPblv7hZDiuo-fxYPGKFCEOybmX2RxXroJDrlM2RR0K0oGlSj3Sti4NCMlcMnlWe3up5fQWqM49VP9oDGligzusOw8RvgT-WHRFC78ViOBm6PoeVsZIfSpSQoBxjMLVOKAtvwHq9pr_qhEcPzE_iM4Bjj2Kne0tHoRO-xegVNj5im83n0PgKTqQMY5vT8zjVem3EQIF8SPhkU74Q5utPT7oPmwL5db_2Px9-h6XYXkJM-T58HGRf8jzx8tMKYsQG7PLiVPMaFDbnnFUXxszqrGILoEMQeefCaWsp94UUbOpD-Yno311PVK9Pk12UBGi79mCx-ALDBJEUykrP_MijR98K5RU7PJZIKGxb6Aq4aTLsCsKiaB6g0G_G7ClvXLyaPA9Klu1FWBma89JDUEFstvjQti6n200Zg-8sdykxeTj35iy3I5DKlqw0O97tfAC4MHCd9WkT4L7yw87FXgZND0KdoHk56B0fk7Rg2gS9ybDR3nrRDhnr3TCSB_ackZNVEtnRScOvBfFs7bjIcLTrk4aIfC9ZtNdPLLLdW_ONOp1AbQwL2IPqqr2r8atsLC_B_3u8o5FDoqEH0DiaYUofXGaiMZbTyBRNHaGlb0EO0ZSX3VkgVps18kOXr2r4a4A75Q3bci_MjYDORjVrgwAilDlOvryp8O0j0d-u1RsdqTRcd340rFCDGJlzgkBi1ugEMKUbdT6MbOMh9Uebs4MxLDZ384VLdRLR7IxVRavmWqRVKFp0yRqtdblZpUSDMQtrcUbHInSVmV4Zhr7vZwpGlfAJdp__Miwb2BbDR3N0wCsN0l3Ur70XH8gX0q5_eqU7vO2s8b8lH25s1x6k2URq6UgMq0Tw1P_Nwwk4gTFfI2TB2wVFgmkvMJLJhCpqG4LX0BRDRV5gm1K7jHFNL5WASKV1BQ5DjFNJlunevisVHPUkDlBUMRUMLpXhJGCRbsEbhq0t-dmdZuZdea30xdlio-wCsDgUYKatnqPc4oMCeKni456gbIfWmp4nff8xTtXXjYTv3LSCxx1iczvW2XKzEuQjDKG7Qz7DNxJ9TwyDXCmzVxB5hUE9Bgav882aJpzLbEYfAOV8Kwj2IcNGaxVnUzsiNg8Z7HpNqiMGfnOGuVVm3ci08YIWGa352Il7i8c&sai=AMfl-YRPuOTtFS3kZhUQ2D-pP7I9DpoVuxv-QzegZHjwpEk81XvTBsySdbSZlZcuIGunaM3e6xqzYwO0lrEjfm6nTPxkFDajONUgkT6AKHxfyCxEz7ExS-alykgaB-hnezq35vWln3uwqBJdDyssdUqt2cgfU1yqnoBPcp8vkZFHOsl5M4pSvjkw57wfnfS82Om5uCMCDDsMQb756EQSu44SXY4bhgmMvQ6Bx0fy3QxUgJZniuj5ywuArNT5-nIcsn7Xyg&sig=Cg0ArKJSzFTeK_BgaeIIEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=236&cbvp=1&cstd=233&cisv=r20220214.07562&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 16 Feb 2022 15:27:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/9867643997701983945/ Frame AF51 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9867643997701983945/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45c4621c33064249a4e19b55e15fce185bf5adee33d7a7d4cb08f1155b34a5cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2300
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Fri, 11 Feb 2022 05:24:48 GMT
expires
Sat, 11 Feb 2023 05:24:48 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 31 Jan 2022 14:31:37 GMT
content-type
text/html
age
468187
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 4A7B 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEs4I8HIXqxHUH0MP9IE4_7YmQeMBLIHbOTLhM7nTR-Ve1DGA6uX5HPVB1SawY-x9Jdchx82kFS8gmGTjqmjxh-EKWClIj8WdAH39_KrZ4zPPu3Rh4BuuFERBhJXc2qZZDaizkr8IPGe8MOwG2AsAX1ml0-8Jr_Vkvv-bKtgf1Dc2EDDKHqDlsBHQnIrteXEUoB5M7Wi0dZyEuFa7SQl215bLDMGnUEK7ofg0VEupVchspec8f7Ujmid2F1uM4UOOQgqOaMSYVNgTQiiOKxjp6uKsTOMC2RCAT3MARgNceZqaVpfDqBgzKXsT6PFDh25ZCXykDO8k764AM3w8Qc8QoHi3uqcLaz7z9g751Fr238IkAr3g2OgavQJYjIiqiN2jyRcdjw9daYjXzBd-ofYt9BVPgOap_ky2dIJhE9pv7cxpO44H8pq--yArnFWoX9fl8KescavdiguEfjsqktXUuKtJFz7ETQQLr3s3_F6sIZ0zXpVeKDz95q0bUmmYnFpCHbIEqehGxamf4QQpfyEFm93AwttCVLKA1VFNXxLmSxECFXleld4g7Sr_TS6ObSXWTZWq73I3l74K_L93FTBdutRETkDYoYL5CAX89FBmFg65I3FClE_bCUyipWlDvGQdr1RsZpOO6cYIRP-CQgvbblAn8MmsPQijMUQNrBUPwdYiFB7vGn1c0ALOjwy9nB-aaqtn1aaO0he9mAppjLB9GQuHVo6Ibuh_YsPk6AU5JaEIBMWrfatMcMFuHDWeQzF44vyYEqjQNwo-8ZTxmB3DI2jN1at4oPYHNPBx2uWT7_2LpS4e0UG5zv3tlMCJPHPUfvDDIy0mBHaU97Ub8hlkKbNfslVm4qmhdPdIa0PkXudKqBjph2asnKNmZ65Y0h_hwj8jQJYjFpCLV185nGxgsVxJgGzt2WNhccwiBuPVZylmaYdKFtrzXJ6j37yXxiaingbGwE6EiSpLn5TgHWec3nVX8UHzywr09wVukqm7f6vKdYWBrYC77qMg3fQlgNMu5jPM1-5CPcKqIscg819Jgr7BZWbmFT77txD9ZfiU4WAIl-CwMIof3krcNS1yqsVIwqN60eIEEmNBHi1XVrpza2L-0NMtwaNzz6nfrl_0CsxtBpdvO3rAQo-19h0xvMRx3P5LGjB3d1foaa0Ier7gA7sj9phK9RPyZYeoQYxwnx2JPZURI-oUPGt4uo-ElGTdqU2nmlT6lfU9wxkjuoqbO-m9piK3OFNLCGFGMKiYxvUXd_cj_kY5CShoESyS9&sai=AMfl-YQNuoGQ9fteb8q7Eh-qPaprG5X7T6SantCBcOLuDKeU4jBg21AI6dEaB2voBRoJv9fX6HbyBM-BRJKC8_XLwfykbHOxisF7Sn1XFkqfAuSh8lEtIOCKDp6RmWzrpGjr8RjuRn7H79ZFW8UFSm7l75ecak-qZaqpmA3N3QsvjFv3jaFKAF_D8wQlku0y5IzEZ7pFyYPmj-08MB-nyUwiOGWsbHdFG0c5Zx1g4v1EptfXXY2R5ICUeVyuJc6pB2ag5w&sig=Cg0ArKJSzFWkH8PEu1QKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=222&cbvp=1&cstd=220&cisv=r20220214.72887&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 16 Feb 2022 15:27:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
main.gr.19.8.289.js
static.adsafeprotected.com/ Frame 4A7B 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.289.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/949432/60827849/skeleton.js?ias_dspID=3&ias_campId=26650973&ias_pubId=pub-5313162903174685&ias_chanId=1&ias_placementId=16192691453&bidurl=https://gauchazh.clicrbs.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h1TMBIwdg_-7A2ErftQvvh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:07:10 GMT
content-encoding
gzip
age
80446
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 15 Feb 2022 16:52:16 GMT
server
AmazonS3
etag
W/"e894d9dd87d5e06b21396e04a0c29127"
vary
Accept-Encoding
x-amz-version-id
QoliWv7Zm09sOtt_1ftKxG1EPIuNscaU
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
Y_Q-cQmHb98P_T47MrrOaZChUmTLk3AumI5hbSOpl94dVJ99xf2Cgg==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BBD1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Feb 2022 01:16:16 GMT
expires
Mon, 13 Feb 2023 01:16:16 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
310299
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 84A3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Feb 2022 01:16:16 GMT
expires
Mon, 13 Feb 2023 01:16:16 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
310299
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=2ec1a381-efee-4e48-a364-65580c8441e2-tuct9069d79&uad=50188cba606965d44a4ee00eeb1e29a5b582c06a3e065dffbd0b29391d5a7497
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 16 Feb 2022 15:27:55 GMT
Cache-Control
no-store
Server
nginx
Connection
close
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 92F0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDKlqZPd0yLXmP-SyMCNMss&google_cver=1&google_push=AYg5qPKw1Hnz6lPdQIh4HC2gKkkSZmURBAKeo9V9W9aJabKgMMrLH7FGm-8SEDqWaitvG0R4qqSSG7pu1tSlB1MaFc89yOTiOxbW
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE3MTE0NjMxMTM5ODcxNzU1Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDKlqZPd0yLXmP-SyMCNMss&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDKlqZPd0yLXmP-SyMCNMss&google_cver=1
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDKlqZPd0yLXmP-SyMCNMss&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 92F0
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELcqwrSELFm6JPBfFKBkMlw&google_cver=1&google_push=AYg5qPJvNG4XVW4qMy1k_Jfy40jqG6isRXLM92rzUtSAmult235rFwGJsQ...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJvNG4XVW4qMy1k_Jfy40jqG6isRXLM92rzUtSAmult235rFwGJsQJGw4QLnLljZEok5-7MKvJmQ-TRlk_znEtzA2pyjsYj&google_hm=7wCVBR-0YR2Y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJvNG4XVW4qMy1k_Jfy40jqG6isRXLM92rzUtSAmult235rFwGJsQJGw4QLnLljZEok5-7MKvJmQ-TRlk_znEtzA2pyjsYj&google_hm=7wCVBR-0YR2Yyo69XlWKWw
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJvNG4XVW4qMy1k_Jfy40jqG6isRXLM92rzUtSAmult235rFwGJsQJGw4QLnLljZEok5-7MKvJmQ-TRlk_znEtzA2pyjsYj&google_hm=7wCVBR-0YR2Yyo69XlWKWw
pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 92F0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFzWhS31tCRI5BLI6ABwljA&google_cver=1&google_push=AYg5qPLKQCVVSYkZH2EIMnixk-28cKQKhYIPMk-omwWAcSG79Bn3Hz2hbq-AAZFaDGjxXXjWWmU7mTIKnsa9ySrN...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLKQCVVSYkZH2EIMnixk-28cKQKhYIPMk-omwWAcSG79Bn3Hz2hbq-AAZFaDGjxXXjWWmU7mTIKnsa9ySrNGO6ub5I09rMP-g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLKQCVVSYkZH2EIMnixk-28cKQKhYIPMk-omwWAcSG79Bn3Hz2hbq-AAZFaDGjxXXjWWmU7mTIKnsa9ySrNGO6ub5I09rMP-g
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 16 Feb 2022 15:27:55 GMT
Server
MT3 4133 baa842e master cdg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLKQCVVSYkZH2EIMnixk-28cKQKhYIPMk-omwWAcSG79Bn3Hz2hbq-AAZFaDGjxXXjWWmU7mTIKnsa9ySrNGO6ub5I09rMP-g
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Feb 2022 15:27:54 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 92F0 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEENH3-TZoD5tQagqYmT8JuM&google_cver=1&google_push=AYg5qPKgxbRWzS9dB3mzTbTRebQIHOmNIvKmmJbqWrccqSqS6Up2-A-8nbGwml1qosTIhClsQqagFsTQ1F9t05m7s3MhmMljBvrh
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:54 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 92F0
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJNmcwHwDWvKmMDq9R39dXE&google_cver=1&google_push=AYg5qPKptRydamN9CFQR7sZYthss5g0PnJY27Wl2pcCqYejFIr-zHR1cMZc8aHD4OoitIA08plQ7GyXC58D...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKptRydamN9CFQR7sZYthss5g0PnJY27Wl2pcCqYejFIr-zHR1cMZc8aHD4OoitIA08plQ7GyXC58DmkXZw7dZFxWVPIUUSog&google_hm=zWtCK_UdQDWHU9bT_3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKptRydamN9CFQR7sZYthss5g0PnJY27Wl2pcCqYejFIr-zHR1cMZc8aHD4OoitIA08plQ7GyXC58DmkXZw7dZFxWVPIUUSog&google_hm=zWtCK_UdQDWHU9bT_3HfSaY
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKptRydamN9CFQR7sZYthss5g0PnJY27Wl2pcCqYejFIr-zHR1cMZc8aHD4OoitIA08plQ7GyXC58DmkXZw7dZFxWVPIUUSog&google_hm=zWtCK_UdQDWHU9bT_3HfSaY
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 92F0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPI3Vla3YoH6TIRnMdfmMY_7dZ2hdGcCgL5NB6OJpibJ16v6LmBoGt-RfobjqB_hqCtKUOEDz8kxNRnHwMrLtDMPSD9KKNeM&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-ec2d7d7f-7006-44ea-8bb7-ebcc82bb7373-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPI3Vla3YoH6TIRnMdfmM...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI3Vla3YoH6TIRnMdfmMY_7dZ2hdGcCgL5NB6OJpibJ16v6LmBoGt-RfobjqB_hqCtKUOEDz8kxNRnHwMrLtDMPSD9KKNeM&google_hm=A-wtfX9wBkTqi7frzIK7c3M
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI3Vla3YoH6TIRnMdfmMY_7dZ2hdGcCgL5NB6OJpibJ16v6LmBoGt-RfobjqB_hqCtKUOEDz8kxNRnHwMrLtDMPSD9KKNeM&google_hm=A-wtfX9wBkTqi7frzIK7c3M
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI3Vla3YoH6TIRnMdfmMY_7dZ2hdGcCgL5NB6OJpibJ16v6LmBoGt-RfobjqB_hqCtKUOEDz8kxNRnHwMrLtDMPSD9KKNeM&google_hm=A-wtfX9wBkTqi7frzIK7c3M
date
Wed, 16 Feb 2022 15:27:55 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXec2d7d7f700644ea8bb7ebcc82bb7373003
content-type
text/html
sync
ssbsync.smartadserver.com/api/ Frame 92F0 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPMSI6mXOvSiT3M773JGnEI&google_cver=1&google_push=AYg5qPIepjvj1mVZroICieZ_aTps88F9o971Ulo8W5Q5yDzisEoYuRyA_RdOVtuwk6PEQB3UhXWcLk8MFhqelk9jW3D8uXeJ9oAbKw
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:55 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 92F0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LpgvPxVuK76YVf41VWIuILbdazKSVvzRODJGO2-IZn7LiZVPCH_HKeREGlCrOdDOke52HI
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 2AB5
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELcqwrSELFm6JPBfFKBkMlw&google_cver=1&google_push=AYg5qPJ4h1ZWRv3g1ZYYTVEoIOtIXk7fRGvrofm10g8lN-8UmsrnHeWQM5...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJ4h1ZWRv3g1ZYYTVEoIOtIXk7fRGvrofm10g8lN-8UmsrnHeWQM5reFfcyLGVrM39u3PiVTOQhv0wfG9smxk93IS0pvNrX&google_hm=7wCVBR-0YR2Y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJ4h1ZWRv3g1ZYYTVEoIOtIXk7fRGvrofm10g8lN-8UmsrnHeWQM5reFfcyLGVrM39u3PiVTOQhv0wfG9smxk93IS0pvNrX&google_hm=7wCVBR-0YR2Yyo69XlWKWw
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJ4h1ZWRv3g1ZYYTVEoIOtIXk7fRGvrofm10g8lN-8UmsrnHeWQM5reFfcyLGVrM39u3PiVTOQhv0wfG9smxk93IS0pvNrX&google_hm=7wCVBR-0YR2Yyo69XlWKWw
pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2AB5 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEENH3-TZoD5tQagqYmT8JuM&google_cver=1&google_push=AYg5qPLg6RQqiqpz87LXccWRfkjos323VTM8ut4KFq947q15dODEF7TVyq5wUvysf88b8b1p_rCoSyQmKSSBPLjJkD36Vu1-Mj5PwQ
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
dds
rtb.openx.net/sync/ Frame 2AB5 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHrkmGZd05SB5caayvornQo&google_cver=1&google_push=AYg5qPJChpbO2oiTMBHNrBKEHIWTtpHJG-BZ8m0FZDc44Wp7Z_1tQu4ds9lqooL4jWih0nKHBNnVQklnC6foyL0aMzNvEjqrubsLUg
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
tejrim6pskjlr9lq5d2t16re3i2712ni
pixel
cm.g.doubleclick.net/ Frame 2AB5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENMLPr6ygZLFBjSk80PRWug&google_cver=1&google_push=AYg5qPJiYOVLzh7JDT9tGyffkZXmSdHlMtGZi7j5W0EzaEeZ58Je5Ee3HPIXjau1NNGBl_KMno6...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pQUEtPWkQtUS1LTlVC&google_push=AYg5qPJiYOVLzh7JDT9tGyffkZXmSdHlMtGZi7j5W0EzaEeZ58Je5Ee3HPIXjau1NNGBl_KMno6tu9cGCULIqxCxQ2JfQjCTisGwSg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pQUEtPWkQtUS1LTlVC&google_push=AYg5qPJiYOVLzh7JDT9tGyffkZXmSdHlMtGZi7j5W0EzaEeZ58Je5Ee3HPIXjau1NNGBl_KMno6tu9cGCULIqxCxQ2JfQjCTisGwSg
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pQUEtPWkQtUS1LTlVC&google_push=AYg5qPJiYOVLzh7JDT9tGyffkZXmSdHlMtGZi7j5W0EzaEeZ58Je5Ee3HPIXjau1NNGBl_KMno6tu9cGCULIqxCxQ2JfQjCTisGwSg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame 2AB5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZ...
0
0
pixel
cm.g.doubleclick.net/ Frame 2AB5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPKdRABY7kIGMEbYCYE6fs-d1EjZm8cyW_vOX_TBgiHtmv11_RGvEGkDUNXFfmBHrIZVDy4Xh7kNUgBs6aMW-BBsfc6KG10L&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-fdb9dc4a-f261-4924-bdd7-45378f72b784-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKdRABY7kIGMEbYCYE6f...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKdRABY7kIGMEbYCYE6fs-d1EjZm8cyW_vOX_TBgiHtmv11_RGvEGkDUNXFfmBHrIZVDy4Xh7kNUgBs6aMW-BBsfc6KG10L&google_hm=A_253EryYUkkvddFN49yt4Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKdRABY7kIGMEbYCYE6fs-d1EjZm8cyW_vOX_TBgiHtmv11_RGvEGkDUNXFfmBHrIZVDy4Xh7kNUgBs6aMW-BBsfc6KG10L&google_hm=A_253EryYUkkvddFN49yt4Q
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKdRABY7kIGMEbYCYE6fs-d1EjZm8cyW_vOX_TBgiHtmv11_RGvEGkDUNXFfmBHrIZVDy4Xh7kNUgBs6aMW-BBsfc6KG10L&google_hm=A_253EryYUkkvddFN49yt4Q
date
Wed, 16 Feb 2022 15:27:55 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXfdb9dc4af2614924bdd745378f72b784003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 2AB5
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFZPZFr4Feu9p0wnIVW_qYY&google_cver=1&google_push=AYg5qPLg15_0VSVDOEtv04ViwlzCTzHl111rRhb9-Sa2k5sIcHBcuvZV...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFZPZFr4Feu9p0wnIVW_qYY&google_cver=1&google_push=AYg5qPLg15_0VSVDOEtv04ViwlzCTzHl111rRhb9-Sa2k5sIcHBcuvZV...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFZPZFr4Feu9p0wnIVW_qYY&google_cver=1&google_push=AYg5qPLg15_0VSVDOEtv04ViwlzCTzHl111rRhb9-Sa2k5sIcHBcuv...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFZPZFr4Feu9p0wnIVW_qYY&google_cver=1&google_push=AYg5qPLg15_0VSVDOEtv04ViwlzCTzHl111rRhb9-Sa2k5sIcHBcuv...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwMzljM2E3Ni04ZjNkLTExZWMtODkyOS0wMmU1MWQyMWI2MjI%3D&google_push=AYg5qPLg15_0VSVDOEtv04ViwlzCTzHl111rRhb9-Sa2k5sIcHBcuvZVMGasaIieh0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwMzljM2E3Ni04ZjNkLTExZWMtODkyOS0wMmU1MWQyMWI2MjI%3D&google_push=AYg5qPLg15_0VSVDOEtv04ViwlzCTzHl111rRhb9-Sa2k5sIcHBcuvZVMGasaIieh0SqqASNpYzUgP5alBrmAeMyqK2pvZ5STsEAgaU
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwMzljM2E3Ni04ZjNkLTExZWMtODkyOS0wMmU1MWQyMWI2MjI%3D&google_push=AYg5qPLg15_0VSVDOEtv04ViwlzCTzHl111rRhb9-Sa2k5sIcHBcuvZVMGasaIieh0SqqASNpYzUgP5alBrmAeMyqK2pvZ5STsEAgaU
date
Wed, 16 Feb 2022 15:27:55 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 2AB5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IKRUDFRCheyQePHXGJOMOJK5du9gpS5hC8VOM6m0HfCwwzoK-NwDsBlUy_Gld14YktU0aWVg
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
createjs.min.js
code.createjs.com/1.0.0/ Frame AF51 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9867643997701983945/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:5f80:a::b212:e79b , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:55 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Wed, 16 Feb 2022 15:42:55 GMT
index.js
s0.2mdn.net/sadbundle/9867643997701983945/ Frame AF51 		51 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9867643997701983945/index.js?1643623528356
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9867643997701983945/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
197d9605e19ff87a1b75bc5c74a137bba9f5fcdd6e557678fce90dd3d6eebdd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9867643997701983945/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 09:56:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19895
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8160
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 14:31:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Feb 2023 09:56:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DCA5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEiGG-hcNYouIHs2SgQeL9LZoAAAAADgB4AQC&bg=!h4SlhMDNAAbAtJCDwLQ7ACkAdvg8WucRb601atn1FcxQPcUMrf2nl7tSIPHt-6w4vwXIJ74FqqGd4AIAAADIUgAAAAFoAQeZAxx_3lHe9RMJZdO0jI1Zp3zWg_WTy7lLlRmzFHCASaiDzNYUfp6ODxOlPjNkT5iE1gYvR_mkpcPzO3NWByXaBK_wXjEWumhF1YOmn7p2OIliQDneTgP9agE0a2WoL-uGLLBUQSNUWkNJnglTis0ZhDLzBV_spSqRnNq2RtTA5wsSKVVgAJN2Aul73jQSWYT6PavD0n90OLkRPlRkWT3QOckd_lRxZ3-4wWixW6mtgjlzU5z80It7_lyFIdc12As8oHSOVvrtFcPjs1KSlsWqDBsJ9BXNiumcZwkhirSioeiax21SRoUZtoHjUT_FhjNErD1TRnMAm3rsIOJIZP8V-oErk5-ZY3V9gCj23_z345E5-2Ekuff3wdhLq3-TOkHysDuwlO1JhQtkhpueqKaLWVPhKRxlLjfWPFrCJwv2umtdFDvj91xux6rGWwTSshBXkCn-qtvBHgdiwPuYNSw71ENwxIEk2a0tf5dUaFB2Lgnl54uU680xhwLo1Z_Ch_5SRycNleMVLHY8l0mjtRzwvabJMiNC_TX16-Y3sjvNf0FpOTA7sHtobsOXFCx_qXPf6F7iPDhZJyOUTbxuL5o9s_nHKbmeXTTSHllp-FJqrKS1h0b6AfjTBoJEdqaarzRieCm3HKH_C31mtI62aKOGmR-UESceGdXEb6YvnF2icFKGUvv10I_ftM09nAQeQ9F0zptUTy9-aGZIPxiqxjpzX13GDBM8pfPlGWygbY5juafrtOGKZTSVU0eYADlpnmnzRqpsO8VTz8xeDM61X_KruqkIxucerfQfi-5Zhs77U-3NPRKQVXEDln_5qPyYXGQan75qlvHaEKoHWNfRpYDWD3D4omg9zPD1TK54Wiz5Ww5YFrLo4WT3D626AzRz6jpgc-f0kJbEW1JImPdHDPKc2PW_yhtDbTHj9lXq69zTeNmUjxnQxVsrfvFSWytNmIRiG9_XssVhw_OZ6C-Y8tAEcqs1copR6Iaa2xClEE7wqKQ36M877Bi-KE0uQJshHGX7DL7IVLnYefs5Y6i5eHDz__9YzvhL9UVo20t0uVSJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
static.adsafeprotected.com/ Frame 4A7B
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/949432/60827849/skeleton.js?ias_dspID=3&ias_campId=26650973&ias_pubId=pub-5313162903174685&ias_chanId=1&ias_placementId=16192691453&bidurl=https://gauchazh.cli...
  • https://static.adsafeprotected.com/skeleton.js
17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:214f:6400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 08:35:57 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
age
19378319
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
R8a3kgjdvUEHU2RI7l_71b03gTdFhyJggncN7mO3-sEbL4Obk_51og==

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:55 GMT
x-server-name
app15.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame CD4F 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 10:01:19 GMT
content-encoding
gzip
age
7277197
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
QwmTfM0kzd_IHiIAXvgPiYXgKOPhz7O1tpP63evf-J_VHt7c6-1D6g==
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame C7B9 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 12:53:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9282
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Feb 2022 12:53:13 GMT
dt
dt.adsafeprotected.com/ Frame 4A7B 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=ef08e5f7-bab2-7be5-409b-1a71d1ff0083&tv=%7Bc:4oJMOK,pingTime:-3,time:211,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:177%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:211,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:177,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B48~0%5D,as:%5B48~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sXCmpxt+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.949432-60827849%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.64.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-64-197.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:56 GMT
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 4A7B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=ef08e5f7-bab2-7be5-409b-1a71d1ff0083&tv=%7Bc:4oJMOL,pingTime:-6,time:212,type:i,es:0,sc:1,ha:1,fgad:0,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:212,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:177,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sXCmpxt+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.949432-60827849%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:gauchazh.clicrbs.com.br*&br=c
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.64.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-64-197.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:56 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
pagead2.googlesyndication.com/bg/ Frame BBD1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 13:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
5608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13552
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 13:54:27 GMT
3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
pagead2.googlesyndication.com/bg/ Frame 84A3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 13:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
5608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13552
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 13:54:27 GMT
dt
dt.adsafeprotected.com/ Frame 4A7B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=ef08e5f7-bab2-7be5-409b-1a71d1ff0083&tv=%7Bc:4oJMP1,pingTime:-2,time:228,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:636,beZ:638,mfA:798,cmA:799,inA:799,inZ:802,prA:802,prZ:807,si:814,poA:815,poZ:828,cmZ:828,mfZ:828,loA:848,loZ:850,ltA:864,ltZ:864%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:177%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:229,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:177,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sXCmpxt+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.949432-60827849%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3,idMap:1a*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:49,readyFired:true%7D&br=c
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.64.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-64-197.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:56 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
VolvoNovum-Medium.woff2
s0.2mdn.net/sadbundle/2315661356193284096/ Frame C7B9 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2315661356193284096/VolvoNovum-Medium.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 13:51:35 GMT
x-content-type-options
nosniff
age
437780
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39068
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 15:37:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 Feb 2023 13:51:35 GMT
VolvoNovum-Regular.woff2
s0.2mdn.net/sadbundle/2315661356193284096/ Frame C7B9 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2315661356193284096/VolvoNovum-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e5f1317cc82513c64ed99253fb671fcc6d6b8c5078776a38d7f89da22e75d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 13:51:35 GMT
x-content-type-options
nosniff
age
437780
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39156
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 15:37:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 Feb 2023 13:51:35 GMT
Volvo_Black.png
s0.2mdn.net/sadbundle/2315661356193284096/ Frame C7B9 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2315661356193284096/Volvo_Black.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 13:51:35 GMT
x-content-type-options
nosniff
age
437780
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4824
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 15:37:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 Feb 2023 13:51:35 GMT
Flash.png
s0.2mdn.net/sadbundle/2315661356193284096/ Frame C7B9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2315661356193284096/Flash.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baea5caffda9109fe3fe251376d60a25ea43c846fa7bb8dc4b15da44a78c6760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 09:36:15 GMT
x-content-type-options
nosniff
age
21100
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3431
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 15:37:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Feb 2023 09:36:15 GMT
Floor_extend2.png
s0.2mdn.net/sadbundle/2315661356193284096/ Frame C7B9 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2315661356193284096/Floor_extend2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f93264606087b4c1dd4e0bb8bf2ed92549c53fe8b5f095d214c4e72a765f5482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 13:51:35 GMT
x-content-type-options
nosniff
age
437780
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57259
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 15:37:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 Feb 2023 13:51:35 GMT
Spritesheet_XC40_MY23_4.jpg
s0.2mdn.net/sadbundle/2315661356193284096/ Frame C7B9 		783 KB
783 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2315661356193284096/Spritesheet_XC40_MY23_4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a082bfd96630ab857ec08e4e0055175aae987aea275d450f048ec3fee5de5383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 13:51:35 GMT
x-content-type-options
nosniff
age
437780
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
801309
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 15:37:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 Feb 2023 13:51:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021501&jk=3669123844490151&bg=!tLelt_PNAAbAtJCDwLQ7ACkAdvg8WrlCzNIIsgZLh0xFHTd9errIsK7kf5JtCYKoaZd7oCpL3hehagIAAADiUgAAAAJoAQeZAq33yzSAyt99U0J97x0ByOSrEjGIZll8w60EuFViIJcFY0WBt3_5N4fh3Z8bIKkSs9tjB5-zAMRgk1K1RNCrodOb7uGGxo-yi25NRkytIr_s3FdX61VS-sMAcbHaFfy0OOHIOe-BJUQUThuVzJNqUxoM6B5MCbDULS0aFXBZEhqJztAXEdetvjJHX6_4HievonDHNrT8dVvOOrCYaX_5vH4-N6UwCC1lHMpyFk-4T9RQJxcckfqAsnmybo8osdSbdxTxgMCBWnY6U44rdKCgrZS_OpcZe0WMrycbBO0izSR7vU7G4vfnt3mAKRvXCtWfMd1_YsFC0kVfKI7xAgSLFHDUbUDVgqOVJNVrx4Ve3s2kPcQIesThu6g0qxUih9hHeWzbkFu7q5FmIIeCo-FA1xhQaHGUtbg_wm9lBEcIpjvy_GtIeyeuZbwZIthntwsFewNsY-2AN7ubCHTkVo6j6pSoLoPkE9Nv3tu6dZz0R0R9IpZpfu1vwmGilVfVoU7ooiHGuJ3XIir7QwoLOKHo_wqOoGHIN_BVemKX-_nuZ13UBdXy8_ukKMgsbErwRbkxjyChBdToAbxRLbK64_9BQrtmeIgtUcMV62ZZbg6dOG7xQo_srccUkef4A_erXlQ3z0iJPKWLfGl1_632dw27AW5MBsTohfNuPm_ONNOw4CK6TpWdkUUIBquoXQI2dLlom7jqB47GE0avW-4YBgIdxtQ6r-r58f53ZcPjLbir9FgMpC-I6dAEmMCgCSlk2hHsXaAucLHyV-DqH34GWLBtljFDmH-Bp99H82h6TXZ6_MIOiNkS2JHLsOVZwPzk7p3uxa_aCzUC0K7djrH76QuJw2zghnnrwTmbU67pghtjtMESlVZCd9lp_DiX9i6m6z5PG8bBzhC7tNaXDw2T0ddQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index_atlas_1.png
s0.2mdn.net/sadbundle/9867643997701983945/images/ Frame AF51 		410 KB
410 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9867643997701983945/images/index_atlas_1.png?1643623528285
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8fdb95c7336e5213640983d708ca78e8dd544ef73137bcb0d7f813adf8f0b007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9867643997701983945/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 09:56:21 GMT
x-content-type-options
nosniff
age
19895
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
419381
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 14:31:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Feb 2023 09:56:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4A7B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEs4I8HIXqxHUH0MP9IE4_7YmQeMBLIHbOTLhM7nTR-Ve1DGA6uX5HPVB1SawY-x9Jdchx82kFS8gmGTjqmjxh-EKWClIj8WdAH39_KrZ4zPPu3Rh4BuuFERBhJXc2qZZDaizkr8IPGe8MOwG2AsAX1ml0-8Jr_Vkvv-bKtgf1Dc2EDDKHqDlsBHQnIrteXEUoB5M7Wi0dZyEuFa7SQl215bLDMGnUEK7ofg0VEupVchspec8f7Ujmid2F1uM4UOOQgqOaMSYVNgTQiiOKxjp6uKsTOMC2RCAT3MARgNceZqaVpfDqBgzKXsT6PFDh25ZCXykDO8k764AM3w8Qc8QoHi3uqcLaz7z9g751Fr238IkAr3g2OgavQJYjIiqiN2jyRcdjw9daYjXzBd-ofYt9BVPgOap_ky2dIJhE9pv7cxpO44H8pq--yArnFWoX9fl8KescavdiguEfjsqktXUuKtJFz7ETQQLr3s3_F6sIZ0zXpVeKDz95q0bUmmYnFpCHbIEqehGxamf4QQpfyEFm93AwttCVLKA1VFNXxLmSxECFXleld4g7Sr_TS6ObSXWTZWq73I3l74K_L93FTBdutRETkDYoYL5CAX89FBmFg65I3FClE_bCUyipWlDvGQdr1RsZpOO6cYIRP-CQgvbblAn8MmsPQijMUQNrBUPwdYiFB7vGn1c0ALOjwy9nB-aaqtn1aaO0he9mAppjLB9GQuHVo6Ibuh_YsPk6AU5JaEIBMWrfatMcMFuHDWeQzF44vyYEqjQNwo-8ZTxmB3DI2jN1at4oPYHNPBx2uWT7_2LpS4e0UG5zv3tlMCJPHPUfvDDIy0mBHaU97Ub8hlkKbNfslVm4qmhdPdIa0PkXudKqBjph2asnKNmZ65Y0h_hwj8jQJYjFpCLV185nGxgsVxJgGzt2WNhccwiBuPVZylmaYdKFtrzXJ6j37yXxiaingbGwE6EiSpLn5TgHWec3nVX8UHzywr09wVukqm7f6vKdYWBrYC77qMg3fQlgNMu5jPM1-5CPcKqIscg819Jgr7BZWbmFT77txD9ZfiU4WAIl-CwMIof3krcNS1yqsVIwqN60eIEEmNBHi1XVrpza2L-0NMtwaNzz6nfrl_0CsxtBpdvO3rAQo-19h0xvMRx3P5LGjB3d1foaa0Ier7gA7sj9phK9RPyZYeoQYxwnx2JPZURI-oUPGt4uo-ElGTdqU2nmlT6lfU9wxkjuoqbO-m9piK3OFNLCGFGMKiYxvUXd_cj_kY5CShoESyS9&sai=AMfl-YQNuoGQ9fteb8q7Eh-qPaprG5X7T6SantCBcOLuDKeU4jBg21AI6dEaB2voBRoJv9fX6HbyBM-BRJKC8_XLwfykbHOxisF7Sn1XFkqfAuSh8lEtIOCKDp6RmWzrpGjr8RjuRn7H79ZFW8UFSm7l75ecak-qZaqpmA3N3QsvjFv3jaFKAF_D8wQlku0y5IzEZ7pFyYPmj-08MB-nyUwiOGWsbHdFG0c5Zx1g4v1EptfXXY2R5ICUeVyuJc6pB2ag5w&sig=Cg0ArKJSzFWkH8PEu1QKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=746&vt=11&dtpt=524&dett=3&cstd=220&cisv=r20220214.72887&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 15:27:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ Frame 4A7B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=ef08e5f7-bab2-7be5-409b-1a71d1ff0083&tv=%7Bc:4oJMUh,pingTime:-10,time:554,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1645025276153%7C%7Ce1709ba9d09c99a8943416ed4e5e9afa%7C%7C920bd99aa4265c459f442b819dba176b%7C%7Ce8681319ea96849a801ea959246803dd%7C%7C8381af2837c311e93119d61067277746%7C%7C194ed5f7594cbda25cac379127dbb26d%7C%7C4f30227b18d6590d341b2d845aeb4704%7C%7C6f23557d76037ba432ce331696e65644%7C%7C1629390669,im:%7Bpci:%7Btdr:335%7D%7D%7D
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.64.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-64-197.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:56 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
view
googleads4.g.doubleclick.net/pcs/ Frame F4A0 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTMOKepHb6Yyz3t_na79sQNmLnsoDXqG0nJ_TMtZsNnkZRHJWQq5n8JjEWLbgaAVI4w-6RPglSWzm9MZa5oXo2WNeLpipnhbWAVS35SXSLU7riMCkEqPVBjKUYDe0AAcfFSKDP8TVLZDyToEeQgpo5yhucl0Blrqo3RRPblv7hZDiuo-fxYPGKFCEOybmX2RxXroJDrlM2RR0K0oGlSj3Sti4NCMlcMnlWe3up5fQWqM49VP9oDGligzusOw8RvgT-WHRFC78ViOBm6PoeVsZIfSpSQoBxjMLVOKAtvwHq9pr_qhEcPzE_iM4Bjj2Kne0tHoRO-xegVNj5im83n0PgKTqQMY5vT8zjVem3EQIF8SPhkU74Q5utPT7oPmwL5db_2Px9-h6XYXkJM-T58HGRf8jzx8tMKYsQG7PLiVPMaFDbnnFUXxszqrGILoEMQeefCaWsp94UUbOpD-Yno311PVK9Pk12UBGi79mCx-ALDBJEUykrP_MijR98K5RU7PJZIKGxb6Aq4aTLsCsKiaB6g0G_G7ClvXLyaPA9Klu1FWBma89JDUEFstvjQti6n200Zg-8sdykxeTj35iy3I5DKlqw0O97tfAC4MHCd9WkT4L7yw87FXgZND0KdoHk56B0fk7Rg2gS9ybDR3nrRDhnr3TCSB_ackZNVEtnRScOvBfFs7bjIcLTrk4aIfC9ZtNdPLLLdW_ONOp1AbQwL2IPqqr2r8atsLC_B_3u8o5FDoqEH0DiaYUofXGaiMZbTyBRNHaGlb0EO0ZSX3VkgVps18kOXr2r4a4A75Q3bci_MjYDORjVrgwAilDlOvryp8O0j0d-u1RsdqTRcd340rFCDGJlzgkBi1ugEMKUbdT6MbOMh9Uebs4MxLDZ384VLdRLR7IxVRavmWqRVKFp0yRqtdblZpUSDMQtrcUbHInSVmV4Zhr7vZwpGlfAJdp__Miwb2BbDR3N0wCsN0l3Ur70XH8gX0q5_eqU7vO2s8b8lH25s1x6k2URq6UgMq0Tw1P_Nwwk4gTFfI2TB2wVFgmkvMJLJhCpqG4LX0BRDRV5gm1K7jHFNL5WASKV1BQ5DjFNJlunevisVHPUkDlBUMRUMLpXhJGCRbsEbhq0t-dmdZuZdea30xdlio-wCsDgUYKatnqPc4oMCeKni456gbIfWmp4nff8xTtXXjYTv3LSCxx1iczvW2XKzEuQjDKG7Qz7DNxJ9TwyDXCmzVxB5hUE9Bgav882aJpzLbEYfAOV8Kwj2IcNGaxVnUzsiNg8Z7HpNqiMGfnOGuVVm3ci08YIWGa352Il7i8c&sai=AMfl-YRPuOTtFS3kZhUQ2D-pP7I9DpoVuxv-QzegZHjwpEk81XvTBsySdbSZlZcuIGunaM3e6xqzYwO0lrEjfm6nTPxkFDajONUgkT6AKHxfyCxEz7ExS-alykgaB-hnezq35vWln3uwqBJdDyssdUqt2cgfU1yqnoBPcp8vkZFHOsl5M4pSvjkw57wfnfS82Om5uCMCDDsMQb756EQSu44SXY4bhgmMvQ6Bx0fy3QxUgJZniuj5ywuArNT5-nIcsn7Xyg&sig=Cg0ArKJSzFTeK_BgaeIIEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=827&vt=11&dtpt=591&dett=3&cstd=233&cisv=r20220214.07562&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 15:27:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame BBD1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BB8Ak-xcNYo3_DO6D3gPE666QBwAAAAA4AeAEAg&bg=!rq2lrenNAAbAtJCDwLQ7ACkAdvg8Wif8WmM4TnXo0qB6C0wloAgampqJEs-9wm1OfWBQtn5HozEBHgIAAAEBUgAAAAFoAQcKAAd64Vr2MfsAmQL-_N-VaLtLs4OIvDJZt8yhYn0Wi5jjD-PFNWBts8GoJkPuQFWQb4vhmcpgtqTrwEpriHdWCaIzZ6Nxq5I3ky5TZ3o9GglvfoOpq1XD5Gq2tgE0Xr3PBTrRXDiNInoTD2tTs5smvTmDAL1E2oF65jKWOPTQ1jrhwnjQCydpPn_kunsnjNiLhftYDdwzqKxd_rgF22tYeMoTMInQF7L_TdAPJ0HKSeAj9ijRusibwwwg26kttYTcES8QTfU6l24KRruldAXnV_dMPRn3EwkvuimYmJxFt26y-O-QyBIjRPjQqtd2yn3ylx-XmaylDgBb5vOTPlxmRJsTxiSWU9TankZkkQKDgjh2onaVvHc7CFc_QVgewwJuxVIvyqif4ajFO2T8yxWYAxnGU4-TBEzB1LiXsuqCgNcdZ6grnE-lqikWlrlXralO2rgsBI6nkqaPC-F1_L5HmVQJWsK-BNBm5ntVfj2Re6pCZUFVfEb7CnrGgyfr1od2g5WC9yC-CmPizv24sJjm1VQNbhCmmMX_VcJuTW-9XaFh9PcRxOdUReFfOTbyv1l5cq6xxU6IHwe5JkXxIG1ie8Dp1UC6gRtk-l2VwosJCdcALZyCtSuHj9sJrzwqxpRlOpkp0EMz4MsVtoXtF0CQNZBUvNVgpGuCpKOCX1kYuQS5lSGXWG8w9GG0kAYgPpEURuvj-WDGn73hZv1Pd2J9yIvNRfx437xJ_5ZHpAG-8Bco99cz6dYa_tESQfSvXi7ojVi0aBUQ4U5i0fZyXneFIfzwh392HNrbmR6hQFYJgCQgHu6xduhFjneaJM7wF6AfVYeqzJb3VmC1MAvsErR2pKPMtmecDhjjlAPEudVAnD_ux6-I_fiTwU5pkDyCFd47tTyojVaAXx7fvSvGnKXUPEzB2cqSrq8WK2uW50pL3Iqgfv8CO1j9H7DYCzFMjTiGbIa7EmCRMI9ezYRp-5psFT0c2XpthIK7BQ__aDWa0NVrwVE9JcXoZ0ZZuS3deI1oUqfugQQ10jF0RQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84A3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bghou-xcNYqGJDZGorASnnaD4AQAAAAA4AeAEAg&bg=!1tWl1ZHNAAbAtJCDwLQ7ACkAdvg8Wr9w0Yt2ularpXZVpqF5TuP3iz6rnx86-SWQAQumSziDrqhinAIAAADrUgAAAAFoAQeZAwHunEO1FhZeUN8kEeTyK-8iZBL-mtVj8ccQ6-9iToYrM44aGPSD9njnTU72akFh8f5y4hHSlPX_k8dychOFkBRa3KGvI_da8mNUZWdrmcnQIShzj_MxVyPEKaxXfjuiRJ9oZufhoYvX0ECznAs6IEEVcllnmemRH8vZLktYneLe5dmg5wr5FszCqkZXwxNX468cv--Z8g6j16JmMvZZyQ8dNjukYDWmOJdRwYYVYUrJJC7aFvMm3jLZLLZuUO5zClhFeXIO3Wt-pPijeTkdb7qREI2XI8k7a2oUjOWEgFOuvsn-MyC27DjXFUQ6TZBe_lAZ6ZySmZqCmtFKHRGWvHvySl75z3WhQHgy_v3zXI_Le4aWUcX-rearUJ7828sKj5PDVexBySbS8BJb7liXUeaDFi6aG6tq1tjwYOoMajf0mWp-RcvbzlCiDu54I3zp9H8VJVdWVYUoYI0hFZriWVsmJTPbZjbnqdSylMCnIAg7J_NOzHU-ND1IKLBlMNcXuqimO18N8tKo1aZ1EblAUGsSEjQetUONz9DjSJ7V0tqn7JB5msj9JA5fUpQEhcdxMfjy_UXYM7ACYxDYlskXbOnKDBIvt86MmGuLjkrTCJhx4G9ZhmDoekDenagxh3KNnzflvCulDE2Tn9lXIWkO9om-1vvUWBcazYjmQsdpIi4g_V15-XSdyWVZ54Gl0VSS1DvklQDIyOJNOhBkCgOZu8E6bd8LfvfiCtw6Kh3VoTLFv7X2kHMnq5qkWj8ERt41_htKvMrmy8gfOn2keX5oELDGednhK_JEQecPm2sivYueCjspLDC8xeM4QDEPc1hYma7sZ7v0k5KoByidlKziazTcR8VsafNe55X7fuZOwYLZniBCsTmWYbOlrPiodbaBfRcsyNdTw3Pxe6b3dRNzeX6MOh3HdUzZgcdOD1XDwB18RFol20vmV5eWd0d151qf9XHz7ekwYz7LKm6BGKBPEodqu06NAYC6TpS2BG1Gwi-2s6ROHgro_RYCusKO6KP6Y5iV
Requested by
Host: 4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
URL: https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 69AB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssU4BrCmj25eO3JZBDswqZaiW0wzBGhy-YAJYtPCAp2JRDdXlB5Pu2XLgsoUTkOvL_lk2J26dentjiczaB03Y4QxoRvQ_cigizki0_PkBN3SbURIIWyUA&sai=AMfl-YSgU4oEFgxjs6SdIjEwCwh8Tg3lhoSkaEtlyKbHRGBB6-mw7LY7wZ3QVMzWGaa_4TuYJy55FXHeaMqgao0atNanJtkVEo6x3UNDukSWeB61wFrR7Gr5LfQatyE&sig=Cg0ArKJSzK7ra-XZduVkEAE&cid=CAQSOwCNIrLMUfx5xh3WqsRYqcvS5chgyWfLd1SEcQc0LFIV2yPs-3mqgIXr6yC43c7yWlxL7jsE1krUqjrXGAE&id=lidar2&mcvt=1000&p=559,1063,809,1363&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220214&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1224838769&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645025275011&rpt=417&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4A7B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcnlA3Gz4FhebjCs_jOtntt1ix2Cjtn7msXKfw76LZJDOaYUiMFK1EUrLvHfDOZnutEqQ2wCmX5p1B8NTTQ6Pn4p-_DBF2I61j1cBuw0NFFRphdjdl_Q&sai=AMfl-YSvil9fawSFccJWnnXWr6BaFtqIhJx4i38vpIxe35Q6mk7-QR0UzgWgQfgR_aiE1LWmCk7KB48du7yeZCpxcf02GcBITH7yv8T2YpqGeJN9AhN7NxGf8VCk7bY&sig=Cg0ArKJSzGaGOhb-XgheEAE&cid=CAQSOwCNIrLMUfx5xh3WqsRYqcvS5chgyWfLd1SEcQc0LFIV2yPs-3mqgIXr6yC43c7yWlxL7jsE1krUqjrXGAE&id=lidar2&mcvt=1000&p=259,315,509,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220214&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2964830580&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645025274963&rpt=545&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 4A7B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=ef08e5f7-bab2-7be5-409b-1a71d1ff0083&tv=%7Bc:4oJNlm,pingTime:1,time:2233,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:177%7D,%7Bpiv:100,vs:i,r:,t:1232%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1232,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:177,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1069~0,0~100%5D,as:%5B1069~970.250%5D%7D%7D,%7Bsl:i,t:1232,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:706,fm:sXCmpxt+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.949432-60827849%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.64.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-64-197.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:57 GMT
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 4A7B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=ef08e5f7-bab2-7be5-409b-1a71d1ff0083&tv=%7Bc:4oJNln,pingTime:1,time:2234,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:177%7D,%7Bpiv:100,vs:i,r:,t:1232%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1232,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:177,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1069~0,0~100%5D,as:%5B1069~970.250%5D%7D%7D,%7Bsl:i,t:1232,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:706,fm:sXCmpxt+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.949432-60827849%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.64.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-64-197.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:57 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 4A7B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=949432&asId=ef08e5f7-bab2-7be5-409b-1a71d1ff0083&tv=%7Bc:4oJNln,pingTime:1,time:2234,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:177%7D,%7Bpiv:100,vs:i,r:,t:1232%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1232,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:177,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1069~0,0~100%5D,as:%5B1069~970.250%5D%7D%7D,%7Bsl:i,t:1232,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:706,fm:sXCmpxt+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.949432-60827849%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.64.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-64-197.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:27:57 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
css
fonts.googleapis.com/ 		6 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4734ffbfd451d92135f5e04a89dcdffa7954a5a22deaba07a7fe1ade9d5519b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 15:05:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 15:27:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 15:27:57 GMT
06b7a9a445ec6c790a7eab905edbd564_223056813.gif
m2.getsitecontrol.com/images/1518/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m2.getsitecontrol.com/images/1518/06b7a9a445ec6c790a7eab905edbd564_223056813.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-632.bunnyinfra.net
Software
BunnyCDN-DE1-632 /
Resource Hash
ac57ea06a2a3f57ffa1b52b3cb23bf406f09d43ea8facecf11c3c46a3af420a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:57 GMT
cdn-edgestorageid
632
x-amz-request-id
66GQDRGPRNSGN41Y
cdn-cachedat
02/08/2022 19:05:53
cdn-pullzone
84985
content-length
33741
x-amz-id-2
rqoedVubABsvRFKMwekX2JcOcGIfPbeSephMc67XAT9G8wI/WH8OooraSiUBu2Rlvic0HZ+1mMo=
server
BunnyCDN-DE1-632
last-modified
Tue, 25 Jan 2022 13:13:35 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"a5195743ef3fb39843ea0e9b752d6810"
content-type
image/gif
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
max-age=2592000
cdn-requestid
eb2a5cf8cfd752dc103104ebc9c98b98
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
34370307012420150f0ca3c3225f025d_223056792.png
m2.getsitecontrol.com/images/1518/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m2.getsitecontrol.com/images/1518/34370307012420150f0ca3c3225f025d_223056792.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-632.bunnyinfra.net
Software
BunnyCDN-DE1-632 /
Resource Hash
0bfacd1e61de29212b6b1b153a4f1559e81cfbe382998fb94fdad5fa980e6871

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:27:57 GMT
cdn-edgestorageid
632
x-amz-request-id
66GXJ87PPX881SXF
cdn-cachedat
02/08/2022 19:05:53
cdn-pullzone
84985
content-length
14524
x-amz-id-2
dB/aC4xI6lv1jOhO6u3sa6Qdesw83Iaw4pa1ewWhe0Ris0idf6gqCqijA/y5QVX7KTfQ2I/UZWA=
server
BunnyCDN-DE1-632
last-modified
Tue, 25 Jan 2022 13:13:15 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"b909bc4901cadc7c3761ee49a89e4675"
content-type
image/png
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
max-age=2592000
cdn-requestid
1c3ebea18dcde4fbbcf291990fea2e8c
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
truncated
/ 		229 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ae3c0ea26abff44f257ccf63f104e48caf74616ba9c6ba3ab9be3c8a76db96a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 09:48:03 GMT
x-content-type-options
nosniff
age
452395
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 09:48:03 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 13:17:51 GMT
x-content-type-options
nosniff
age
439807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 13:17:51 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:56:19 GMT
x-content-type-options
nosniff
age
595899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 17:56:19 GMT
events
events.getsitectrl.com/api/v1/ 		0
212 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.getsitectrl.com/api/v1/events?ts=1645025278084&sid=5fc0c9695325c24d&t=1645025273.20f96807d27852e98a1ab345f6f60a95.e2e1a67a9d97e90ebc78d7f10d832248&s=17fc9e35c7b51cba35dcc5c70edebcb0
Requested by
Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.d8fed6e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.98.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-98-15.compute-1.amazonaws.com
Software
Getsitecontrol /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:27:58 GMT
server
Getsitecontrol
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
private, no-cache
access-control-allow-credentials
false
access-control-allow-headers
Content-Type,X-Requested-With
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| structuredClone object| dataLayer string| GoogleAnalyticsObject function| ga object| _sf_async_config number| _sf_startpt object| _cb_shared object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _cbm string| __ISOMORPHIC_DATA__ string| __gzhenv__ string| __GZH_VERSION__ object| google_tag_manager object| google_optimize function| hj object| _hjSettings function| fbq function| _fbq object| pToolsCookieManager object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| privacyBanner object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| __LOADABLE_LOADED_CHUNKS__ object| __ISOMORPHIC_DATAP object| gzh_metrics_data object| GZHAnalytics string| 575-385 string| 945-565 string| 850-508 string| 820-545 string| 640-425 string| 600-400 string| 480-320 string| 414-275 string| 375-250 string| 360-240 string| 320-212 string| 133-90 string| 100-100 string| 350-350 string| 659-439 string| 375-249 string| 75-75 string| 277-185 function| APAAsyncInit object| ZemMetrics object| _zmq object| TRC object| _taboola object| _tblConsole object| _comscore object| ModuleADS object| UrlCache object| SUBSCRIPTIONS object| SWG function| udm_ object| ns_p object| COMSCORE object| APASDK object| APALoader function| NossaLoader object| iframeNossaContainer object| Nossa function| gsc object| nvg23955 function| nvgGetSegment function| ltgc string| prmstr object| prmarr object| tmparr object| GAUCHAZH object| naveggReady object| pers object| _cbq number| _sf_endpt string| __chartbeatLastRouter___ string| __dataLayerLayerLastRouter___ object| webpackJsonp_getsitecontrol object| pSUPERFLY_mab object| pSUPERFLY function| onYouTubeIframeAPIReady function| UET function| UET_init function| UET_push object| ueto_cdaae47b7b object| uetq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO undefined| msg function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id string| prop object| placementData string| nam object| ModulePrebid object| ModuleAdServer object| cmTag function| webpackHotUpdate function| startCMTagMain object| googletag object| ggeac object| google_js_reporting_queue function| pbjsChunk object| pbjs object| _pbjsGlobals undefined| google_measure_js_timing object| adserver_defined_slots_map object| slot_output_render object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests

55 Cookies

Domain/Path Name / Value
gauchazh.clicrbs.com.br/ Name: _cb_ls
Value: 1
.clicrbs.com.br/ Name: _gid
Value: GA1.3.233413887.1645025271
gauchazh.clicrbs.com.br/ Name: _t_tests
Value: eyJNN3RNZ1NiNXNqNGYxIjp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJEZDR6VDIiXX0sImxpZnRfZXhwIjoibSJ9
.clicrbs.com.br/ Name: _fbp
Value: fb.2.1645025271858.2076139967
flipzh.clicrbs.com.br/ Name: SERVERID
Value: s5
.clicrbs.com.br/ Name: _hjSessionUser_515419
Value: eyJpZCI6IjhlNDdkMWI2LWM4NmYtNWRmOC1hZjQ5LWExMDYxZDQzYmRkZSIsImNyZWF0ZWQiOjE2NDUwMjUyNzE4MDUsImV4aXN0aW5nIjpmYWxzZX0=
.clicrbs.com.br/ Name: _hjFirstSeen
Value: 1
gauchazh.clicrbs.com.br/ Name: _hjIncludedInSessionSample
Value: 0
.clicrbs.com.br/ Name: _hjSession_515419
Value: eyJpZCI6IjFhYjFhNTUyLWY5MDEtNDUxZC05OTA0LWRmYWJjODNjYzFhOSIsImNyZWF0ZWQiOjE2NDUwMjUyNzIzMzUsImluU2FtcGxlIjpmYWxzZX0=
gauchazh.clicrbs.com.br/ Name: _hjIncludedInPageviewSample
Value: 1
.clicrbs.com.br/ Name: _hjAbsoluteSessionInProgress
Value: 1
.clicrbs.com.br/ Name: metrics_user_id
Value: db004124-a0f2-470e-99e3-d56504e6547a
.clicrbs.com.br/ Name: metrics_origin_zm
Value: true
.scorecardresearch.com/ Name: UID
Value: 177d54603b426bd289e89ba1645025272
.google.com/ Name: NID
Value: 511=BraxwiAADrSEV0JeIjyNX8mjKF60ZfWWB0rRJrF4AjpFksadmKbht15lIEuRnUziZgrhcNFyuFiQ9sq6w1jPYj5vEztrZ_yv3mkHD_lmBmaDgJC4Hm83sH9AelJV-04hzp5NaImbkOgi6DK7RlCbPXkTaJX0qOATQtgbxBW3nZ8
.navdmp.com/ Name: nid
Value: 103c69733c2266f9116632f47e10|0|76
.clicrbs.com.br/ Name: nav23955
Value: 103c69733c83a2ac30a2a102e910|2_48
.clicrbs.com.br/ Name: _gat_UA-3469445-1
Value: 1
.bing.com/ Name: MUID
Value: 382A2B43C3DC677109AF3A0EC20E665E
gauchazh.clicrbs.com.br/ Name: _cb
Value: YecSUCrtEYHCkpqz8
gauchazh.clicrbs.com.br/ Name: _chartbeat2
Value: .1645025272942.1645025272942.1.BWa8eCByjjOTy31WCYR1eGDX34Ym.1
gauchazh.clicrbs.com.br/ Name: _cb_svref
Value: null
gauchazh.clicrbs.com.br/ Name: player-region
Value: Porto%20Alegre
.clicrbs.com.br/ Name: _ga_BSW87XLWWR
Value: GS1.1.1645025272.1.0.1645025272.0
.clicrbs.com.br/ Name: _ga
Value: GA1.1.244207154.1645025271
.clicrbs.com.br/ Name: _uetsid
Value: 01f80f708f3d11ec9a9823bf183d9196
.clicrbs.com.br/ Name: _uetvid
Value: 01f840008f3d11ecbb28150fd26ecfb5
gauchazh.clicrbs.com.br/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D2ec1a381-efee-4e48-a364-65580c8441e2-tuct9069d79
.rubiconproject.com/ Name: khaos
Value: KZPPKOZD-Q-KNUB
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qo6i5ExjwS2YT5APvdogVCbaTd6KyMQnat7y9GyzaExIbAv7rNBnzaKLXPDyLGveX48Egj5e3KacrPtIOOqYiXMJhsHlJbldDf4+2qwceU3wqZr5ZVxLWDe
.adnxs.com/ Name: icu
Value: ChgI1-9FEAoYASABKAEw-q-0kAY4AUABSAEQ-q-0kAYYAA..
.adnxs.com/ Name: uuid2
Value: 8071512030346673779
.doubleclick.net/ Name: IDE
Value: AHWqTUnxofZxh3TRrj7tZnrsQYmSWM3H_AkIqFU963RFc6MrJkwbsgQUgT_-8BjtFrA
.clicrbs.com.br/ Name: __gads
Value: ID=639481c0f15d0b28:T=1645025274:S=ALNI_MZSawYohv0p5u9gi_R7_dFfIHN1Ug
.casalemedia.com/ Name: CMPS
Value: 3271
.casalemedia.com/ Name: CMID
Value: Yg0X.6XpGzEjYQKq6XrhtQAA
.quantserve.com/ Name: d
Value: EAcBCQG6JYEA
.quantserve.com/ Name: mc
Value: 620d17fb-69425-6731e-acac7
.3lift.com/ Name: tluid
Value: 3351251974309005810543
.w55c.net/ Name: wfivefivec
Value: c2ycUB0q1NkmdJ5
.w55c.net/ Name: matchgoogle
Value: 5
.casalemedia.com/ Name: CMPRO
Value: 1154
.casalemedia.com/ Name: CMST
Value: Yg0X+2INF-sA
.lijit.com/ Name: ljt_reader
Value: db94abcadefa5d723715cabb
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In?wjlvF!]tbPl1M>e)ZlrFUfJ+tGXxoHOPs]4^y)DH_(+(?>N.w/avzgc_KBw'B>0VK3If)y3KL9D3I?+uf?8x!
.casalemedia.com/ Name: CMRUM3
Value: 2d620d17fb2760CAESECLL8ovM7J7zzMp9IayWTGU
.advertising.com/ Name: APID
Value: UP039c3a76-8f3d-11ec-8929-02e51d21b622
.mathtag.com/ Name: uuid
Value: a09f620d-17fb-4d00-badf-91dd3283203c
.mathtag.com/ Name: mt_mop
Value: 4:1645025275
.ctnsnet.com/ Name: cid_cd6b422bf51d40358753d6d3ff71df49
Value: 1
.turn.com/ Name: uid
Value: 4171146311398717557
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ec2d7d7f-7006-44ea-8bb7-ebcc82bb7373-003%22%7D
.yahoo.com/ Name: A3
Value: d=AQABBPsXDWICEJ317z27-nf0j91nWKEuaFkFEgEBAQFpDmIWYgAAAAAA_eMAAA&S=AQAAAln28gQ91aGB4mzDgxhhzNU
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ec2d7d7f-7006-44ea-8bb7-ebcc82bb7373-003%22%7D
.analytics.yahoo.com/ Name: IDSYNC
Value: 18wq~239r

3 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJAt6IZKCz25uzcDHE9XYKx7n4fPSBcSbtTdiVd0hGXIbRdIE1W36JXW0zI55-tbAAQDuF_PZSBOdUz3UjPhMIZnT4kHBA
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg0X-6XpGzEjYQKq6XrhtQAABIIAAAIB&google_cver=1&google_gid=CAESEMCGbiuO9nsagSdrV1IvARw&google_push=AYg5qPLU3CK0PE5aa6rQA4lDZQ_2TxPknKvBZq-1CJGKROjiedZgPNLARU3FvKdmwitH6HhOWxiJLXlBYrQpK5GlXkxhoo6CMu-CEw
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
4c964b5c98ad88985915f40c9c5e433a.safeframe.googlesyndication.com
ad.clicrbs.com.br
ad.turn.com
adservice.google.com
adservice.google.de
ap.lijit.com
bat.bing.com
cdn.navdmp.com
cdn.privacytools.com.br
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
connect.facebook.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
events.getsitectrl.com
fastlane.rubiconproject.com
flipzh.clicrbs.com.br
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gauchazh.clicrbs.com.br
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
identificacao.clicrbs.com.br
images.taboola.com
imprammp.taboola.com
in.hotjar.com
l.getsitecontrol.com
liverdgaupoa.rbsdirect.com.br
m2.getsitecontrol.com
mab.chartbeat.com
mabping.chartbeat.net
news.google.com
nossa-loader.clicrbs.com.br
opi.navdmp.com
pagamento.clicrbs.com.br
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
play.google.com
pm.w55c.net
r.turn.com
rtb.openx.net
s0.2mdn.net
s2.getsitecontrol.com
sb.scorecardresearch.com
script.hotjar.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.adsafeprotected.com
static.chartbeat.com
static.hotjar.com
stats.g.doubleclick.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
tag.navdmp.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
us-central1-metrics-prd.cloudfunctions.net
us-u.openx.net
usr.navdmp.com
vars.hotjar.com
vc.hotjar.io
vidstat.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rbsdirect.com.br
cm.g.doubleclick.net
104.111.242.245
108.128.120.89
108.157.4.80
13.248.245.213
141.226.224.32
142.250.185.130
142.250.186.130
143.204.215.95
143.204.98.104
151.101.1.44
172.217.23.98
18.156.0.31
18.157.231.140
18.185.44.17
18.66.2.60
184.87.213.8
185.29.134.248
185.86.138.131
189.76.157.100
195.181.174.138
2001:4860:4802:36::36
2001:678:cb4:bbbb::11
213.19.147.44
2600:9000:2057:5600:18:1fcd:34f:cdc1
2600:9000:214f:6400:8:48e:53c0:93a1
2602:803:c003:200::41
2606:4700:20::681a:a5b
2606:4700::6810:ef3
2606:4700::6810:ff3
2620:116:800d:21:ee05:6a01:4b41:8c89
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:800::2006
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200e
2a00:1450:400c:c03::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:5f80:a::b212:e79b
2a04:4e42:400::714
2a04:4e42:600::300
3.208.98.15
34.228.86.47
34.249.30.33
34.98.64.218
35.186.193.173
35.227.252.103
37.252.172.249
52.37.64.197
54.173.41.153
65.9.63.66
66.155.71.149
69.173.144.138
72.251.249.14
89.187.169.15
89.187.169.47
00893818e9dd84c02d708b6b88d85f34d855990f4f3d853df9d1257a6088840e
01cf2ca0e1910a41e29b6e6690542eeb860dd852c7558332cacffe0ad37d439d
02519f2ba07081abab568de34e18827f13648e69b65a0a741891bf945bae3705
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
0462e37a066b69587431280065cf9adfc4c18aba5392529fbba36c16889a64c6
051e78ff49e006565aa057c9ca589e78513468a892d7236136a69cc5808427e5
06b81e88db63cdeaaa646eff63a8b294f45989e4775c46f6e8e53af36147722d
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
08c4bc8832b3dbac61e530d5b7aa263ea66f6429d163177474c231a1db67c7ba
0ac8588ee6e33be668883f48a806efa162ca555058b822b262d4804890e6d5b9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd4472749669e4a3631a54111319546ceead544e0548d926cf9e4c7c98a8427
0bfacd1e61de29212b6b1b153a4f1559e81cfbe382998fb94fdad5fa980e6871
0e76d996ca804bfb66a6a142afe6189c9123966c3c2d82b4f9d36e93ab5313a4
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f8d9aff3126d4ecc57a3c6a6ffdb0d1e0ca76750d5da550d297ec7b5ce184b1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11db909f3d3d75732c94b52aef00d31ff69f9e00813c8f3b9d8bb9aa146e9d2e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a8acbea80254ddfe9586aff910d6a6c67aabd7e29af4c39194cc82bcf4a2c0
197d9605e19ff87a1b75bc5c74a137bba9f5fcdd6e557678fce90dd3d6eebdd3
21477c315faf43ecd3df791695191da51cbbc19fe15d0eae781049de1596e723
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250
24610698edf13a9595faaddb0be5e9f5c5163f72fb96035091a983be293313fc
25db276f514822906922fbfedd6557c9418afbf1d9d51d69c4f9dacd722a4baa
2652e68706489e729834d94001be164ee8de2f9a7fbd7218a8215464381b174b
2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
296f059f114e04130b26c555f5409e751f1f88407a8d50562b5070e19eb0162d
2a293b4997b6f3013484cdab78bd700bb2b5a6c40a1c8e0a449a8b2ac6798f60
2b6c5c61d31d9a294660a1999928903900aadb1eda143065f81b59e3c4770cfe
2be149f5e75208addf12839a437f423992d2964e9064305a2bdc73323daa49f3
2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46
2c9c81639ba7877372b0df3229f7a80feb08c51f1bd333f96b8eb73a9a037a72
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
312d7eb4c26fc423dca77839b887636055fd1aca5c4be355352f1a5c53e997b2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b26f8e7c3d7f5f2e82dc642c978f143c5d02f499b16538a6057bcc878c229a
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36098142ee4abe732f1ce320ef294850b99cffaec5e5bd9369e6f30defd48181
369a9428fcda0514826cab6a50441b0fa67bb7618018fa72f07d991dac70b098
36b8d7c1c0f7498119dcba5a42fc5b0002df4ec86e6f06e87dd4b06301578458
385470e1b0daa0a2a4c86aaa0a3c45f7a434a2b72772a257978be7c604d930db
38565247c5e2a6727b784198e51c999f1c84c25537b3eddd399903293148d987
395ddc9739ef87bbfd5a7684d16b8b684f0a8601b6d64b8d705502be1603c26a
3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45
3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c87e5db4ef3e2fc23b77f8ef956311fe8571b23c700261f774613e78099021
4526aff82ef10df4085b45b7b95fa8f7173a81e86a7b4f1f2bdf0c3d08f66877
45c4621c33064249a4e19b55e15fce185bf5adee33d7a7d4cb08f1155b34a5cb
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4734ffbfd451d92135f5e04a89dcdffa7954a5a22deaba07a7fe1ade9d5519b1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a9ea9672685ffe7f8d0a317cd04a31a01382386cf7554408960dcc1f105f005
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb6981f122b7913e0bbd004eb2cc0b6a681bcf520a7c30d4800d0b16df49abd
4d84a848c99199a89d68838b0eb6df9dac584b4e1c59603c0ece2d50ba6502f0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5091555405f2ce46dc3c259366f8e43ee71bc4da20cc2ca854527eb0ec5b22ad
50e599ab20e59032fef27234112d9feb1e92acb2a81a3dec69a0254550b0917f
51ad2898e51aeb4b3bb9a563d3c51f29bcd95d37be16d5e7d3d628fb89e0407f
52ab52b0b9bcb9e0486b46c547952e826bf6960fcbba7cdff8d792e1e284d6cd
54e399ff7252ace149b100e87451ff4031a94cfbd1cf80916d4b83da6f6014c6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59349af94fef6e16882ee1473345e998bd9c79ab2df27c26ad0faa9c1daf8969
5a88f85d0def284cbb3518e9df9462e4d4897401f7da3424e53216edeebda383
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5d69ff4665e0f752198eaf19b1385789539f11fd46cd069335f90082cfd58042
5f2778667ce7da721e201618eac589ac1a32af6b43c246675826a8d728eb902b
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f3ee861acfa489ed75dce1bb758fe833aee4e268284ab63ba64778dff5f461
624131598e832c386746d7c95eb44b87aa91abdcc9c3868201cc753b03e4c335
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
62de9da5a2ba071c5b0d8bd3d3e9163099da2b088e402a4cc1867b0d36362cb4
65a1459160b99d548b8239afbdf7a41ca91fe1e3ba247d1d565df31bea0d6533
6771b47b18b9d6c3c553adfa4a75dab513047880500fb37d9814252e8b11c950
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6aedbd5800ac3f78832844813990b17d15abcbc14e740e390aba7e50271ba250
6b4f8e0237a7bb7453744e9bab1eebfe7f70c88c6243735aff0adf3e275419ac
6b52450a51eb0ff7ca3a47d71c81fe11ae9bb2defd351861dc135fcc68d48736
6d0cae948ba7b2ae4cf6123744dc1be2c19692879aa527a13c771b432aa18e2c
6d16d12a90867ed71e37a43f1c13e71a327fcca58f42df4776f1def56f8031ba
6d44d02afbb548f22926b7382566b1ebb3dc908f95b9ba06e7657ec36361fed6
6d724b5900757c907e3c9e088a83c3a4d76fb5da7293323fba6540c4b45d6592
6df0e79bf174f517cea1f243496e6a4e577650894430e419f398d393cda9db9f
6e0cedb145ed1fe551a1f7cd45a70be4bc5921932e15625df937a9ee3553b315
6e5f1317cc82513c64ed99253fb671fcc6d6b8c5078776a38d7f89da22e75d2d
6f5884155aa9570de0a6f43f119a642904d6bd9f412f8f798bc666b99051f895
7025e11b403e9e1415114aff1413e251c7002800c610e8bf02ff400a8f67a50e
77b9686b0dd2fbbae8f144b9abdcba52367687c53e2ace4654f713a4fcd6f2e9
7ae3c0ea26abff44f257ccf63f104e48caf74616ba9c6ba3ab9be3c8a76db96a
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fea1533939a83fdd3078a70cd1e3de934f9f06652c5fcb1bf1846b3ef53056c
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838b7351ffd6539bc4fd81958e31810222038748b89faa4de0bd00e8b2494da6
83d3afbcbb951df99c98213246727083063e4735e16562379ba8bcc083113dca
83ff1c1e9e3c36cb6e8443300fce33e7069d7c5e8f35d1cae932a7293caad34f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
85974d7c5ae1b1a0f07bdcb88ff37a2893533248a12af5c40c0c6fcccbed06db
8832feec5afafe3117d1fb90217f8fe7a16c03eb515f83582e043ee421d89fab
8847cc60ae38e9ee058fe1c1ead1cd834995c605c5d940437078419e622ce933
8a3a9d32ad0cd9399475182d83800839c53c3a0945c24a1db0a8955522b16547
8a3be5c42a100f7deea011d1d5d80652f5f8bc26ba5fdbc12cb470f4ce69bd23
8b35f09e010fba16592b2dde884f40ee679b0f9a7458ed03c1f1917ec45a675d
8d111500bf25634f687194ff4d0d56fdbf0408efbf5d3b7fbb5698a5427bda0d
8f6dda8cd0c0dcc0d8ed29e7e2e1fb751c589de1e92192b86e617a3793a86672
8fdb95c7336e5213640983d708ca78e8dd544ef73137bcb0d7f813adf8f0b007
90ab255dd831f5c019c791dc30f6c03be753cc6ad95534ca92bada2837a66618
915434fa63637faeed4ce9db4624f9d3a2e507f1c37b110e848c283c407cf33e
922d6b0274c900d518e815e45bf3e5a646f45ca92fdb3de5ac99aa0d02054b5a
954fd4d2ed05350823d3b43782f7e4476fb25689819e4b5d5c5c790e38d9e1ca
975ac5c49a920a7877668499bf696c9e8f26470a7d9493205a824b83f57f8042
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a082bfd96630ab857ec08e4e0055175aae987aea275d450f048ec3fee5de5383
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e1e44b76ba8f6db13cf9970178e2ee24d6bd6a0435220a2bb66239c5d3393b
a17468d71dba20ea2c2dc495fe2ac92cc27d72d57fbbd46b81f2df5451880794
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ec4e6bcbe16aa5d5528b53498c024d8e56c5040ad418906cbdd2a0bf37ab69
a217093482f8f267d7b2687f71cb07e0d1d54f2006e6895e78b94e3b390721bb
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a442b080c731f6b7d20e4935475c6de21cd18a8826fc4348a1ae306a502e66a1
a49c6db45854a11786964a1d1df051ccdf021097f05b242720cfea23782b2682
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a8e9886c01a5f3d4174d6ed6eaf8d429059f0a5bd9a64f3796d445ee312c7d
a52289797d7a998d98bf08962013ddb03c44e590ef423075542f1e729626839f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
ab6c2d2f7f2b318e51cbf51913cbc0f30a226a4df15eac7e1f8241a559930e0c
ac57ea06a2a3f57ffa1b52b3cb23bf406f09d43ea8facecf11c3c46a3af420a5
afa6b81f1bf984f4a5ea2e070bb58207b870de0001a8ca07d3f66be20be25f3c
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16a912d69dab19b2d1e21e13606ff7396983ab7f6337ddcda7c11059091b196
b2303d8d7c4b54c60d39d1993f00736c924667edd9f5438842b4f955f539e027
b7a55018234eb38eb68a2bb7c8a5625ad96c29e5681e5344a464a8c328b33ba6
baea5caffda9109fe3fe251376d60a25ea43c846fa7bb8dc4b15da44a78c6760
bb4e5a43c400ad8b5ed7a07da8897663f590de7f60065d5e828792179ba1b958
bc0c653fc6616c9a804051df24255ac47ebdb98a5d32a1973844165dc0bcdc4f
bd1a6ed773a5ffd85d292aaf7c25c593686b1dc20baadaf69cb993e4b2ba6725
bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be5efae6930f6ddbf7d7c112ca85838d02bf367a2a1d5c53202250c1e1476962
c3728dcae7f124057d95b29a59cc6b580e9dc78a45f5b76bee1f62f345bfeb69
c4589b945bd8de0e3f875dd97acd2bcb6f05c735ce512747e5f0117fa563b7cf
c6eba37f3825056552db1ce605bbde19f590bc7cbeb091191bc428b1ac2ccc87
c7606d2ad370439c7b03b3b8f4aed04c8861de171b0380be7fbc1c15ceadc129
c92420cfb439508b1c4df21f2d911a9ea8097d83953c07ba38dbe5759681f63e
ca4d47df5f2bd23ed98af5a718234733be65fad15a188097a63a9cc4c1357cec
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccc519a71f76661cdeb01cb054c91a540510c14b29f3973a5da6d3a2655f583c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfebcfcdc234c34c83c38c822c20fe2a85b4d929232ebe5e16b29927754be98d
d0bb2cfbc0632201ddefe3bb3cf02bdd82a1f1ce28d82ca2441022068638380c
d0e5550c8c17c38bdd48c0a38b02ded60e683dcfa9f5da0966c204be47bb7239
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d59040ad1ec39e643a31d375c395e40e427d7af21000be2fbdd9eac9dcd47b56
d8d4852661013ae82b0514554117f5e18111f594a20124fbb417cdeb6c4bdfc5
db8afdb483035e4336145db36463bdbf70bbfd8ed572e886a69a510d73d674ac
dc0ddd462a72d52805274508b2477314ba9df0c2eebd6a477a121ac681fcb831
dc1de07fa34f5a152c80eefde3566285b0aa80328478cb72dff5b67d7c18a07e
dc930abe14ab06c49001c1ea8ad294e2d2e1145dedda720dfac54f8288640f56
de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5c5c45f923ca17962270b7c4205f25d317d8024dfb123c9e6ad329b4016f51
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e235dfd21a3870110546f9be94ef0a05928c5cc62b73d356db1879abd2e8cfab
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e454c728482f2ddb3feabc93952a28ccd255a6074c92343736342394c75f5bb9
e4589e9be8fb2fe056439ef9a65adf444c3ca964227299f2753ddd1db3242023
e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e7ebb311a1415b8c006a9d92a2fae996bad78989ba002091919fdaf15dee05bc
e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7
e86edc1e75e885c59b0df44e8e10757847487c8ffd9d98b5ae79d04aa4570cc5
ebcf864a2018b4b0f21659ad83c84be23ede2c89453cf7baa9d3865a5d4b9382
ee210c77ed7557695e2e2e30d3b6dd67ef4b87e04f47f2fadf2adb88641f2870
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47
f2fa75fb3b2cdc2fbdd29c43a3010acd04e4af6be218651b9f151dbc44756edc
f36816c7dc5d5f46afaae8b35ccf2e20123f75a38ce319ca0293cd7b5e955c4c
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f731ff13de53f2bc7fd6c0fa5b530649db506b5544da9c5687b245c82217738f
f8223c715d6927d3966caef0d8ee78e4ee5be665e2c26c8d7226d68ea052445f
f93264606087b4c1dd4e0bb8bf2ed92549c53fe8b5f095d214c4e72a765f5482
fb1e80d37bd348157da29701377633ef2b99781853f872d7ddd6886fae82c6e0