www.superlutas.com.br Open in urlscan Pro
2606:4700:20::ac43:47d3 Public Scan

URL: https://www.terra.com.br/?utm_source=superlutas

URL: https://servicos.terra.com.br/?utm_source=terra&utm_medium=barra-parceiros&utm_campaign=produtos-terra&utm_content=parceiros&utm_term=barra-parceiros&cdConvenio=CVTR00002060
Title: PRODUTOS TERRA

URL: https://twitter.com/superlutas

URL: https://www.facebook.com/superlutas

URL: https://www.youtube.com/superlutastv?sub_confirmation=1

URL: https://www.instagram.com/superlutas

URL: https://www.outbrain.com/what-is/default/pt

URL: https://www.freenet.de/unterhaltung/girls/playmate-daniella-chavez-zeigt-sich-offenherzig-auf-instagram-fntdt_8187756_7000088.html?utm_source=$publisher_name$&utm_medium=referral&utm_campaign=outbrain&utm_term=009958bc651b5f7b933833a6eee022ac5c&utm_content=Playmate+Daniella+Chavez+zeigt+sich+offenherzig+auf+Instagram&obOrigUrl=true
Title: Playmate Daniella Chavez zeigt sich offenherzig auf Instagram freenet.de

URL: https://gesundmachtschlank-aktion.de/selbsttest-artikel-ob?obOrigUrl=true
Title: „Bauchfett kann mit diesem Hormon-Test gelöst werden" Apotheken Kompass

URL: https://www.trend-chaser.com/money/jugend-ruhm-schnheit-und-reichtum-diese-damen-haben-es-alle-und-ein-paar-die-sie-alle-verloren/?utm_campaign=ybf-d-de-r-0-0-210914-tc-ob-0&utm_source=ob&utm_medium=$section_id$-ob&utm_content=0088edc3ca17de942ab27108ac5f897695&utm_cpc=$cpc$&obOrigUrl=true
Title: 60 der schönsten weiblichen Milliardäre Trend Chaser

URL: https://quiz-lounge.com/Wie-du-sitzt-verraet-alles-ueber-deine-Persoenlichkeit-a57556.html?utm_source=Outbrain&utm_medium=Discovery&utm_content=Das+verr%C3%A4t+deine+Sitzposition+%C3%BCber+dich%21&utm_term=$publisher_name$_$section_name$&obOrigUrl=true
Title: Das verrät deine Sitzposition über dich! Quiz Lounge

URL: https://www.ohmymag.de/unterhaltung/sensationeller-schnappschuss-barbara-meier-zeigt-sich-ohne-filter-foto_art17656.html?utm_source=outbrain&utm_medium=cpc&utm_campaign=pmo_omd_article_desktop_desktop_rss5&obOrigUrl=true
Title: Sensationeller Schnappschuss: Barbara Meier zeigt sich ohne Filter (Foto) Die derzeit besten Videos

URL: https://goo16.com/click.php?key=wffwwc9ijqda9hsgra7z&ob_click_id=$ob_click_id$&trafficsource=00d2c15106ab9feccc8a9d9965f4269797&clickcost=$cpc$&trafficsource_name=$section_name$&siteid=$section_id$&campaign_name=ED_AMS_DE_Desktop_Young_Semi_20_1_22&obOrigUrl=true
Title: Potenzmittel online kaufen - Morgen geliefert (10€ Rabatt) Apomeds.com

URL: https://de.investing.com/magazine/purer-luxus-diese-dinge-gibt-es-nur-in-dubai/?utm_source=Outbrain&utm_medium=cpm&utm_campaign=001d9a015a60a3ef2ce36df2ca420df595&utm_content=%5BBilder%5D+35+Fotos%2C+die+den+unfassbaren+Reichtum+in+Dubai+demonstrieren&utm_term=$publisher_name$_$section_name$&origin=outbrain&outbrain_params[ad_id]=00b3a7043717d027d8d44bfedff11dd98c&outbrain_params[doc_title]=Purer+Luxus%3A+Diese+Fotos+demonstrieren+den+unglaublichen+Reichtum+in+D&outbrain_params[doc_author]=Daniel+Rosenblat&outbrain_params[doc_id]=005d2431f8e6a29d971886229ee84a4632&outbrain_params[ad_title]=%5BBilder%5D+35+Fotos%2C+die+den+unfassbaren+Reichtum+in+Dubai+demonstrieren&outbrain_params[publish_date]=20210707&outbrain_params[req_id]=$req_id$&outbrain_params[source_id]=$source_id$&outbrain_params[promoted_link_id]=00b3a7043717d027d8d44bfedff11dd98c&outbrain_params[time_stamp]=$time_stamp$&outbrain_params[campaign_id]=001d9a015a60a3ef2ce36df2ca420df595&outbrain_params[uuid]=$uuid$&outbrain_params[section_id]=$section_id$&outbrain_params[section_name]=$section_name$&outbrain_params[publisher_id]=$publisher_id$&outbrain_params[publisher_name]=$publisher_name$&outbrain_params[ob_click_id]=$ob_click_id$&outbrain_params[android_id]=$android_id$&outbrain_params[idfa]=$idfa$&outbrain_params[cpc]=$cpc$&im_dars=1x100_3x101_5x958_7x832&obOrigUrl=true
Title: [Bilder] 35 Fotos, die den unfassbaren Reichtum in Dubai demonstrieren. Investing.com - DE

URL: https://historiadordoesporte.com.br/
Title: Historiador do Esporte

URL: https://blogs.superlutas.com.br/redacao/
Title: Blog da Redação

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.superlutas.com.br/ HTTP 301
https://www.superlutas.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1523006118&utmhn=www.superlutas.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=SUPER%20LUTAS%20-%20Not%C3%ADcias%20UFC%20e%20V%C3%ADdeos%20de%20lutas&utmhid=1985017582&utmr=-&utmp=%2F&utmht=1643259277935&utmac=UA-25264013-1&utmcc=__utma%3D41317280.1685899782.1643259278.1643259278.1643259278.1%3B%2B__utmz%3D41317280.1643259278.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1911279948&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25264013-1&cid=1685899782.1643259278&jid=1911279948&_v=5.7.2&z=1523006118

Request Chain 51

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1643259278125&ns_c=UTF-8&cv=3.5&c8=SUPER%20LUTAS%20-%20Not%C3%ADcias%20UFC%20e%20V%C3%ADdeos%20de%20lutas&c7=https%3A%2F%2Fwww.superlutas.com.br%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1643259278125&ns_c=UTF-8&cv=3.5&c8=SUPER%20LUTAS%20-%20Not%C3%ADcias%20UFC%20e%20V%C3%ADdeos%20de%20lutas&c7=https%3A%2F%2Fwww.superlutas.com.br%2F&c9=

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICUtLqawiMYu9TZi-EBlJU&google_cver=1

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfIljyx7NsIcKfpPEJg8wQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXTiSA1vEw1ZDZLsOm9izk&google_cver=1

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEELSMGpcuIp2uAtxftB_-9I&google_cver=1

Request Chain 102

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYxNTUyMDE4NjAxNDg4NDY0OA%3D%3D

Request Chain 152

https://d.agkn.com/pixel/2175/?google_gid=CAESENiU3ulndCiwROAo9TaqMBk&google_cver=1&google_push=AYg5qPKUY-Usp4f21jy-YvS8Lj9NFhOlKrqRFT0O_4GUUzKYPOGhfCsS6g4OnPX26Eb-3RnReusnLMhB6KLohOW_5FeN17QCiA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKUY-Usp4f21jy-YvS8Lj9NFhOlKrqRFT0O_4GUUzKYPOGhfCsS6g4OnPX26Eb-3RnReusnLMhB6KLohOW_5FeN17QCiA&google_hm=Q0FFU0VOaVUzdWxuZENpd1JPQW85VGFxTUJr

Request Chain 155

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL0NgKoxfFc9hBCM9MPmpq0&google_cver=1&google_push=AYg5qPJUeBZdWAW4tY5vA1QMAi5swllqzozHqYgJYAmiAYWfK21BcP5KqM65Ppud0PAAUoEGNte4oIEzDCDZmWpBM4RN-Gnt-7A HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL0NgKoxfFc9hBCM9MPmpq0&google_cver=1&google_push=AYg5qPJUeBZdWAW4tY5vA1QMAi5swllqzozHqYgJYAmiAYWfK21BcP5KqM65Ppud0PAAUoEGNte4oIEzDCDZmWpBM4RN-Gnt-7A&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GLtwrVIJTRCiRud7zsM-pw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJUeBZdWAW4tY5vA1QMAi5swllqzozHqYgJYAmiAYWfK21BcP5KqM65Ppud0PAAUoEGNte4oIEzDCDZmWpBM4RN-Gnt-7A

Request Chain 156

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGuWG16cJdU5U8hWcSdldx4&google_cver=1&google_push=AYg5qPKHR2VoKQoIXVCfJdw8U_blM_yD7kcq6pYrVK46pLfWOH9h3CghfB5WIR_f2E1cX-QpYt-i2ll9XZqF4uW3G1pLfysljkU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXSTVCMVotMTctNFBGQw==&google_push=AYg5qPKHR2VoKQoIXVCfJdw8U_blM_yD7kcq6pYrVK46pLfWOH9h3CghfB5WIR_f2E1cX-QpYt-i2ll9XZqF4uW3G1pLfysljkU

Request Chain 157

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_cver=1&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYaufoGHHYML73MBVxOn02VREogghH7VYFHSuxbG0oNCgdjpbEfXc&google_cver=1

Request Chain 176

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXTiSA1vEw1ZDZLsOm9izk&google_cver=1

Request Chain 177

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfIljyx7NsIcKfpPEJg8wQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXTiSA1vEw1ZDZLsOm9izk&google_cver=1

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEeXBldVAeNzhuivrQt0Kns&google_cver=1

Request Chain 179

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYxNTUyMDE4NjAxNDg4NDY0OA%3D%3D

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPcYtCrA_xE7AclwIAPEmJs&google_cver=1

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEC7kvrOrYdunf_-INevO7D0&google_cver=1

Request Chain 214

https://pbjs.e-planning.net/pbjs/1/480f9/1/www.superlutas.com.br/ROS?rnd=0.3812345957429779&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.superlutas.com.br%2F&pbv=5.20.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.superlutas.com.br%2F HTTP 302
https://pbjs.e-planning.net/hb/1/480f9/1/www.superlutas.com.br/ROS?ct=1&r=pbjs&rnd=0.3812345957429779&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.superlutas.com.br%2F&pbv=5.20.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.superlutas.com.br%2F

Request Chain 222

https://sender.clevernt.com/transporter/20672.php?ppuc=1&ppu=0&id=344077&ref=aHR0cHM6Ly93d3cuc3VwZXJsdXRhcy5jb20uYnIv&ruri=&r=173350387&tok=950762180122267059&iv=-1&ctr=DE&sz=1200&wn=VxUhXbGs&res=1600x1200&landing=1&hei=360&ts=0.461 HTTP 302
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624

Request Chain 229

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE2Tnv4-xtnXoOxrMY_wal4&google_cver=1&google_push=AYg5qPJbEqcH7gG8gxfkq0uThQXBa9lk7RFDLQuFDqPC5r2yoCrEn4ikm0zLjnTQ2gimsAKet-cS1TrtLyN2-nGagyqyb3MdkO7kaw HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJbEqcH7gG8gxfkq0uThQXBa9lk7RFDLQuFDqPC5r2yoCrEn4ikm0zLjnTQ2gimsAKet-cS1TrtLyN2-nGagyqyb3MdkO7kaw&google_hm=s_HDzQxZc3Wu5PLgSJm-gw

Request Chain 230

https://d.agkn.com/pixel/2175/?google_gid=CAESEGCO05SPlKfOtQ9-BcAo97c&google_cver=1&google_push=AYg5qPJYQkSQ8TWSHxvNfMHyjDv3RRToCm3D0jbnmcnmms-rmVRebNUy-0Au30IBMXh2aKCabQ2rY1O6P6SxHNoM1TsoXu-YmG8e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJYQkSQ8TWSHxvNfMHyjDv3RRToCm3D0jbnmcnmms-rmVRebNUy-0Au30IBMXh2aKCabQ2rY1O6P6SxHNoM1TsoXu-YmG8e&google_hm=Q0FFU0VHQ08wNVNQbEtmT3RROS1CY0FvOTdj

Request Chain 232

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI5BajGtKum_2MzPNvk2fMM&google_cver=1&google_push=AYg5qPKa0sSIAoTCX-Ghhxp3mAPj_OEcsv-yzGUUjGixbcfHZKla15rX_Lzzx51RGtecC3D6BqoH2NyQwAKM6mk-jLNpohcXo6oANQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GLtwrVIJTRCiRud7zsM-pw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKa0sSIAoTCX-Ghhxp3mAPj_OEcsv-yzGUUjGixbcfHZKla15rX_Lzzx51RGtecC3D6BqoH2NyQwAKM6mk-jLNpohcXo6oANQ

Request Chain 233

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOx8iZrA3rEa--aKeZocFas&google_cver=1&google_push=AYg5qPJjuD_30Tt3Gn1lDCB_RedFfV2ANObBWHEZKDDkJa6wUAEmZNIBakw6hv9JosdWnZRgZuv4wyaHtbiaMtut36JV93Ch2tdDJA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXSTVCRDgtMjQtMktJTw==&google_push=AYg5qPJjuD_30Tt3Gn1lDCB_RedFfV2ANObBWHEZKDDkJa6wUAEmZNIBakw6hv9JosdWnZRgZuv4wyaHtbiaMtut36JV93Ch2tdDJA

Request Chain 234

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQHmm1jshMVREbqWPORbYslQfN&google_gid=CAESEKCFKH5XurrECYwvGH_WWww

Request Chain 235

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO0VhqjfFJEl3vVY5f5Rzm8&google_cver=1&google_push=AYg5qPLYfWA1pRWq8c3N4Bsw2-j-VmcOaL9gekHiLxME_ggusoK_XT7P6mP7Q3E9pX5BLVWNr4_3DixQynW0Xndr5yeJt5_038GbhOI HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLYfWA1pRWq8c3N4Bsw2-j-VmcOaL9gekHiLxME_ggusoK_XT7P6mP7Q3E9pX5BLVWNr4_3DixQynW0Xndr5yeJt5_038GbhOI&google_hm=

Request Chain 244

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE2Tnv4-xtnXoOxrMY_wal4&google_cver=1&google_push=AYg5qPJMpeNQr9Lt0SN6Rq_2xhXTcr1PIrOscXNBDNV1mGzhbL7cE4V8RYe-C5F0Y7umw0VgaM3vh1UH8kXh7RM8Ni_irwoHWL8e HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJMpeNQr9Lt0SN6Rq_2xhXTcr1PIrOscXNBDNV1mGzhbL7cE4V8RYe-C5F0Y7umw0VgaM3vh1UH8kXh7RM8Ni_irwoHWL8e&google_hm=s_HDzQxZc3Wu5PLgSJm-gw

Request Chain 245

https://d.agkn.com/pixel/2175/?google_gid=CAESEGCO05SPlKfOtQ9-BcAo97c&google_cver=1&google_push=AYg5qPLkScrhf8RL-_ZsY0Nztktu28o2wCEVCGhKYE9Rg3t3XzO6HUYJSP5WhVFEJmWGU4VR-Z57P1vTos1GvPLMPlqDOQJOrHT5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLkScrhf8RL-_ZsY0Nztktu28o2wCEVCGhKYE9Rg3t3XzO6HUYJSP5WhVFEJmWGU4VR-Z57P1vTos1GvPLMPlqDOQJOrHT5&google_hm=Q0FFU0VHQ08wNVNQbEtmT3RROS1CY0FvOTdj

Request Chain 246

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKqdAAwfi_kK2OYEm-FD2mcXgAcCVYqtffm1SDXdwRWVPdzkToSfrk1z3xDz1MvMScLtsJEyNqvXN-FFOWssS5QaDMU4bvI&google_gid=CAESEHjxlSsyAUTCewVKnsuGWok&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKqdAAwfi_kK2OYEm-FD2mcXgAcCVYqtffm1SDXdwRWVPdzkToSfrk1z3xDz1MvMScLtsJEyNqvXN-FFOWssS5QaDMU4bvI&google_gid=CAESEHjxlSsyAUTCewVKnsuGWok&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMjcwNDU0NDAwMDAxNjUwMDU1OTE1Nw%3D%3D&google_push=AYg5qPKqdAAwfi_kK2OYEm-FD2mcXgAcCVYqtffm1SDXdwRWVPdzkToSfrk1z3xDz1MvMScLtsJEyNqvXN-FFOWssS5QaDMU4bvI

Request Chain 248

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI5BajGtKum_2MzPNvk2fMM&google_cver=1&google_push=AYg5qPKmbXuuyzgya0YR2bXIYd9zMwe8S22H2Umid2ViNWmDPWdAMbTO3524eD3GCOpinyi4Qv7FUOd_3Twf0zG6CcuL89VU4mz9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GLtwrVIJTRCiRud7zsM-pw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKmbXuuyzgya0YR2bXIYd9zMwe8S22H2Umid2ViNWmDPWdAMbTO3524eD3GCOpinyi4Qv7FUOd_3Twf0zG6CcuL89VU4mz9

Request Chain 249

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOx8iZrA3rEa--aKeZocFas&google_cver=1&google_push=AYg5qPKRVaxa_k9q5_b1CIoDqN538xNM2c3YmZQMauHsjHTmhdirkKXSX51Mi3wJao8BozPV255hchicoWKJzJtNeoHBLFcj71sY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXSTVCRVYtMVgtS1FZVA==&google_push=AYg5qPKRVaxa_k9q5_b1CIoDqN538xNM2c3YmZQMauHsjHTmhdirkKXSX51Mi3wJao8BozPV255hchicoWKJzJtNeoHBLFcj71sY

Request Chain 250

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePBEgGzH1mpYABrNM49oFBA85-GdaJ-6bfq8bIWxYybE_f0bPm6MzBt1eG7Bn0P2VD

Request Chain 317

https://eu.sportradarserving.com/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D HTTP 302
https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D

Request Chain 328

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=b770fd19-5f45-48f4-8fef-c80d1714da2f HTTP 302
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=5c506a63-342b-4ada-8352-20ad499a8e94&expires=30

Request Chain 329

https://eb2.3lift.com/xuid?mid=7963&xuid=b770fd19-5f45-48f4-8fef-c80d1714da2f&dongle=3oy7 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7963&xuid=b770fd19-5f45-48f4-8fef-c80d1714da2f&dongle=3oy7&gdpr=1&cmp_cs=&us_privacy=

Request Chain 415

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca36a3f4-ab18-498a-7f12-9b02bba4c742%26reqId%3D5c4ef559-67ca-4666-78c9-b3e5cbd15584%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca36a3f4-ab18-498a-7f12-9b02bba4c742%26reqId%3D5c4ef559-67ca-4666-78c9-b3e5cbd15584%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=61190d7e-293b-46c3-82ba-8cff8564263a&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361

Request Chain 417

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca36a3f4-ab18-498a-7f12-9b02bba4c742%26reqId%3D5c4ef559-67ca-4666-78c9-b3e5cbd15584%26zdid%3D1361 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca36a3f4-ab18-498a-7f12-9b02bba4c742%26reqId%3D5c4ef559-67ca-4666-78c9-b3e5cbd15584%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=e109480c-1578-441e-bdf4-86c3c48fb9da&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361

Request Chain 421

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=41152c12-cafb-4e7a-a32c-d865bd437c94&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 422

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=ca36a3f4-ab18-498a-7f12-9b02bba4c742&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca36a3f4-ab18-498a-7f12-9b02bba4c742%26reqId%3D5c4ef559-67ca-4666-78c9-b3e5cbd15584%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=ca36a3f4-ab18-498a-7f12-9b02bba4c742&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca36a3f4-ab18-498a-7f12-9b02bba4c742%26reqId%3D5c4ef559-67ca-4666-78c9-b3e5cbd15584%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=03098865546276556283380246960718046729&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361

Request Chain 424

https://bn01.er.bemail.it/zeotap.php?_bid=ca36a3f4-ab18-498a-7f12-9b02bba4c742&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2022012705-73016-0.238219001643259285-b639bae00ed797e5e272a9433655678f&zdid=533&env=mWeb

Request Chain 425

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca36a3f4-ab18-498a-7f12-9b02bba4c742%26reqId%3D5c4ef559-67ca-4666-78c9-b3e5cbd15584%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7057744883630274714&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361

Request Chain 426

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=ca36a3f4-ab18-498a-7f12-9b02bba4c742 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=ca36a3f4-ab18-498a-7f12-9b02bba4c742

Request Chain 427

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=ca36a3f4-ab18-498a-7f12-9b02bba4c742&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca36a3f4-ab18-498a-7f12-9b02bba4c742%26reqId%3D5c4ef559-67ca-4666-78c9-b3e5cbd15584%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=ca36a3f4-ab18-498a-7f12-9b02bba4c742&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca36a3f4-ab18-498a-7f12-9b02bba4c742%26reqId%3D5c4ef559-67ca-4666-78c9-b3e5cbd15584%26zdid%3D1361&bounce=1&random=4212798228 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=hd124n9C0kw4H0mdqRDvIe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361

Request Chain 429

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=ca36a3f4-ab18-498a-7f12-9b02bba4c742?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=ca36a3f4-ab18-498a-7f12-9b02bba4c742?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=6ab363a347e5f58010347d2297af5711&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361

Request Chain 430

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-WFfqHgFE2opfs8K1B7EuZNZXlS5Y1HnFYg--~A&zpartnerid=570&env=mWeb

Request Chain 431

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Yy2MPw3zl0zHY2WMoplqVWaN9GckQo8d%2BS41iYitP1U%3D

Request Chain 435

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca36a3f4-ab18-498a-7f12-9b02bba4c742%26reqId%3D5c4ef559-67ca-4666-78c9-b3e5cbd15584%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YfIllAABnN9bhABB&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361

Request Chain 436

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca36a3f4-ab18-498a-7f12-9b02bba4c742%26reqId%3D5c4ef559-67ca-4666-78c9-b3e5cbd15584%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=8f6761f2-2594-4200-bca9-4f731221a2ce&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361

Request Chain 437

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361

Request Chain 438

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=ca36a3f4-ab18-498a-7f12-9b02bba4c742&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=ca36a3f4-ab18-498a-7f12-9b02bba4c742&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361&dcc=t

Request Chain 440

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca36a3f4-ab18-498a-7f12-9b02bba4c742%26reqId%3D5c4ef559-67ca-4666-78c9-b3e5cbd15584%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361

Request Chain 442

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWNkNGQyNGRmZjI5MWViMWQzYzc3NDBjZTc2YzZlZWVlOTFlZTQ5NA

Request Chain 443

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfIllAABnN9bhABB HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfIllAABnN9bhABB&_test=YfIllAABnN9bhABB

Request Chain 444

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXSTVCU1ctVC05TkRG

Request Chain 445

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYWI5BSW-T-9NDF&sigv=1&esig=2~48acf00b9e259a7843fe6655555a9c53529eb7d5

Request Chain 446

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=8f6761f2-2594-4200-bca9-4f731221a2ce

Request Chain 449

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/5hvc01C7ApVyKVCKd5Ajbg?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4619165362298983510

439 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.superlutas.com.br/
Redirect Chain

http://www.superlutas.com.br/
https://www.superlutas.com.br/

65 KB
16 KB

590ms
547ms

Document
text/html

2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d50be545e504ede91823cd34334b772e0760ac365682ba351d7c6cd1a514a72

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6d3f625209e0927d-FRA
cache-control: max-age=300
last-modified: Thu, 27 Jan 2022 03:49:29 GMT
link: <https://www.superlutas.com.br/wp-json/>; rel="https://api.w.org/", <https://www.superlutas.com.br/wp-json/wp/v2/pages/134874>; rel="alternate"; type="application/json", <https://www.superlutas.com.br/>; rel=shortlink
vary: Accept-Encoding
cf-cache-status: HIT
cf-apo-via: tcache
cf-edge-cache: cache,platform=wordpress
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qY394CjkBDkMCCW3XiJEV9%2Fvy5TBRg4GNPX57j2FGQtAhmROy51eXKZRGJuJ3i2%2BBG1uMWA%2BxjiHOyDmHuDSnluic1O7Rf3Pm5pzeuc6IxdeLQlhLpGQZH5UUvVxmBGLBhM4vifnBAk8PLHKvmAdeyF7%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

Redirect headers

Date: Thu, 27 Jan 2022 04:54:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.superlutas.com.br/
CF-Ray: 6d3f624c5d789250-FRA
Cache-Control: max-age=3600
Expires: Thu, 27 Jan 2022 05:41:38 GMT
CF-Cache-Status: BYPASS
cf-apo-via: origin,no-cache
cf-edge-cache: cache,platform=wordpress
X-Redirect-By: WordPress
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIL9YLFXLG7LGY0P5OB7rGejSDFG%2BhNo1lz3MUBci51xRSP2Z6muNMJQ1Ww3%2Ftoz3aAAnYR6ywEuo2U2NCE2Eh%2FoZyu8VL1PU3QC2jNwaMZJjaA58z0K%2BVbkYoN35JSnNgPLdv77JtoPifBwowVJsT3a%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare

GET
H2 200 style.css
www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/ 424 KB
425 KB 27ms
25ms Stylesheet
text/css 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/style.css?v=2.0
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5f6687ab91ee7e7cba84119f995cd00eff17a925ad5529bacb9d2f70ec4e7fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3426
cf-polished: origSize=541454
cf-bgj: minify
last-modified: Fri, 19 Nov 2021 16:33:16 GMT
server: cloudflare
etag: W/"6197d1cc-8430e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQap4EtSdw9SVNadsfWOpb3jygP0HwOdRiaYl%2FT%2FQdWN7W20TMrwMtPKIazKaiJU4WkhMxNA%2FQ0CBklB0Xg%2FjciB3hJ7%2B4J6mFfWcEWbWikk2fJkqr7954ucCM%2F4hiJvKcvFKJYWl%2FX8ApKxi6MWFo%2FHlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, no-transform
cf-ray: 6d3f62558f19927d-FRA
expires: Sat, 26 Feb 2022 03:33:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 68ms
23ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4783
date: Thu, 27 Jan 2022 03:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 27 Jan 2022 05:34:54 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.8.3/wp-includes/css/dist/block-library/ 79 KB
10 KB 63ms
19ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.3/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: br
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 27 Jan 2023 04:54:37 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.3/wp-includes/js/mediaelement/ 11 KB
2 KB 66ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 27 Jan 2023 04:54:37 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/5.8.3/wp-includes/js/mediaelement/ 4 KB
1 KB 67ms
23ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.3/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 27 Jan 2023 04:54:37 GMT

GET
H2 200 styles.css
www.superlutas.com.br/wp-content/plugins/contact-form-7/includes/css/ 2 KB
3 KB 48ms
47ms Stylesheet
text/css 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.2
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3427
cf-polished: origSize=2731
cf-bgj: minify
last-modified: Wed, 27 Oct 2021 10:06:14 GMT
server: cloudflare
etag: W/"61792496-aab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CN3g3Z65n6BiPUsMnJ9Gs%2BZL%2FBbv%2F76FFm2ttAVWPUNcyfNWbxUhsNozC5fh0QCBZbOWaQHGMJ2V8ipBs3sIkimmgm7XVSNvnk%2FX2fFGsl4bKy87f%2Bu9eIuH8PGW6ElG96xTn%2BWJEVAfw6YE9IvTmqz3gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, no-transform
cf-ray: 6d3f62558f1d927d-FRA
expires: Sat, 26 Feb 2022 03:33:48 GMT

GET
H2 200 widget-options.css
www.superlutas.com.br/wp-content/plugins/widget-options/assets/css/ 1 KB
1 KB 48ms
47ms Stylesheet
text/css 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8704f607741a4e0a4d82cf024d026c9e7c1d65241250c2223f31dca29a07dc15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3426
cf-polished: origSize=1047
cf-bgj: minify
last-modified: Wed, 27 Oct 2021 10:07:06 GMT
server: cloudflare
etag: W/"617924ca-417"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q55pHevnPEa6jwSfsnS41V%2FKPteeIIahzxYp%2B9KmZQLcRNr7TsI77VjbYRYlwmwJj%2BR319Bi5VLePz2uIgFyj75%2FDC0tuyitye%2FgerzRwzcQsLiyCjBID1Tb3%2FGDMtyS0Nnmg4qWOnxEhdZRkyyQz%2BrklQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, no-transform
cf-ray: 6d3f62558f1f927d-FRA
expires: Sat, 26 Feb 2022 03:33:48 GMT

GET
H2 200 twitter-feed.css
www.superlutas.com.br/wp-content/plugins/wp-to-twitter/css/ 1 KB
2 KB 47ms
46ms Stylesheet
text/css 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/plugins/wp-to-twitter/css/twitter-feed.css?ver=5.8.3
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a53bc33c39273359690f66fe69169c7f21746854db5a1541fb76bd1313e2122

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3426
cf-polished: origSize=1742
cf-bgj: minify
last-modified: Wed, 27 Oct 2021 10:07:21 GMT
server: cloudflare
etag: W/"617924d9-6ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEYxp%2Bjvi1FhHQyXSaWYZipdRPblgyoBXTaNhJOYVZ%2B5b626bfXTxmSEhPj6kRYxFK5wpHN2eznrqpihfyVxffu%2Bmel0uwb%2BVgRTXGkm46cvnoAEixQ0roLJEpRXpfJ1stSTOAnvHrrmLbuaOV8k7p9w%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, no-transform
cf-ray: 6d3f62558f21927d-FRA
expires: Sat, 26 Feb 2022 03:33:48 GMT

GET
H2 200 pagenavi-css.css
www.superlutas.com.br/wp-content/plugins/wp-pagenavi/ 237 B
582 B 48ms
47ms Stylesheet
text/css 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac653be90fb56d873b635506f8b8415893d82e0d60c2eec2f911b2ba15bf374e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3426
cf-polished: origSize=374
cf-bgj: minify
last-modified: Wed, 07 Jul 2021 00:13:53 GMT
server: cloudflare
etag: W/"60e4f1c1-176"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGVh8tC7OSBxOBPZURk%2BwhKBQ2Zug3o2yjzBaSp5iOCMrG%2BDEtvkHMP0SWQiOCjLmY403oGbJS%2BrNwzLCZtLc5w%2FlJHxmnEpjQ6cgb5ZBq%2BxdgCxsKugAmz7Uz1WsgfaEKk%2BieWHcbrSgLw6MrZlD2lGsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, no-transform
cf-ray: 6d3f62558f24927d-FRA
expires: Sat, 26 Feb 2022 03:33:48 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/10.2.1/css/ 85 KB
16 KB 66ms
23ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.2.1/css/jetpack.css

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: br
last-modified: Tue, 19 Oct 2021 15:50:40 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 27 Jan 2023 04:54:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 93ms
49ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3913508766075927

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0b415f24d1f921366b08460962bb172be109898b899f496f410baa1f46d27c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.superlutas.com.br/
Origin: https://www.superlutas.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51938
x-xss-protection: 0
server: cafe
etag: 4411547152030926670
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 04:54:37 GMT

GET
H2 200 metrics.js Show response
www.terra.com.br/globalSTATIC/fe/zaz-app-t360-navbar-partner/_js/ 7 KB
2 KB 519ms
40ms Script
application/x-javascript 2a02:26f0:ab00::b819:3290
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.terra.com.br/globalSTATIC/fe/zaz-app-t360-navbar-partner/_js/metrics.js

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::b819:3290 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4d7c41c21c7d77c53b8a9e92cf7f30fbbf145e382914814f2e9baf155188c857

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-mt-cache: HIT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
x-cdnterra-cache-status: HIT
content-length: 2122
last-modified: Fri, 15 Oct 2021 15:07:02 GMT
date: Thu, 27 Jan 2022 04:54:38 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: content-type, x-cache
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 script Show response
www.terra.com.br/api/igniter/ 2 KB
1 KB 679ms
48ms Script
text/javascript 2a02:26f0:ab00::b819:3290
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.terra.com.br/api/igniter/script?s=t360.navbar.partners&p=static&async=true

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::b819:3290 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

66361f1248dade7dc2d25dd6b33a49022fb5abe742870fc529054c87a08c2cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-mt-cache: HIT
strict-transport-security: max-age=15552000
x-http-reason: OK
x-igniter-uuid: 436b5c28-82ff-4590-b9ab-9c5edf55daa2
x-xact-uuid: 08b95dea-8bdc-48b5-8f66-f1364759c9f0
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
x-xact-montador-time: 1643259264
cache-control: max-age=30, stale-while-revalidate=60, stale-if-error=864000
date: Thu, 27 Jan 2022 04:54:38 GMT
content-encoding: br
content-length: 863

GET
H2 200 logo-1.png
www.superlutas.com.br/wp-content/uploads/2021/01/ 2 KB
3 KB 44ms
41ms Image
image/webp 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/uploads/2021/01/logo-1.png
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08e301b211d138364f27411566def4d6d53d0d61369ac1935f0013a86a1e89b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 586
cf-polished: origFmt=png, origSize=4201
content-disposition: inline; filename="logo-1.webp"
content-length: 2130
last-modified: Wed, 07 Jul 2021 00:14:53 GMT
server: cloudflare
etag: "60e4f1fd-1069"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPPi74C9U5X6BKM4dx6fE%2Fwcoqlnydz46MieDDH5yKkIU31ZozIp8gjE22grwdWGeQUob7Uuzinuih2FO0aXmDeCyNEyc6LBtNNpsB4msJgLbqXi3BPiRgfbDPnKfzOfpkAhDjTZY2JcPV4lAY2%2BX9UvKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 26 Feb 2022 03:53:02 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625698e8927d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 82ms
54ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

defd4ee95d5d0a9a529ae51b233030b445319c070575dce0ed7f991bdb6cd77f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52525
x-xss-protection: 0
server: cafe
etag: 11499166081368866153
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 04:54:37 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 195 KB
68 KB 128ms
25ms Script
application/x-javascript 2.21.142.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-172.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 620c437e3104733f97d8385ea7b85b7a2d2dcaf73f485cc75b6fdc68d3e15337

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 08:58:46 GMT
etag: "32-JTptxijzmHyT4io6IuDphgPxLrw"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah-stg
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 92bb67bff2bf12952811ed83646f6f05
timing-allow-origin: *, *
content-length: 68854

GET
H2 200 regenerator-runtime.min.js Show response
c0.wp.com/c/5.8.3/wp-includes/js/dist/vendor/ 6 KB
2 KB 17ms
16ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.3/wp-includes/js/dist/vendor/regenerator-runtime.min.js

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: br
last-modified: Wed, 23 Jun 2021 00:06:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 27 Jan 2023 04:54:37 GMT

GET
H2 200 wp-polyfill.min.js Show response
c0.wp.com/c/5.8.3/wp-includes/js/dist/vendor/ 16 KB
6 KB 18ms
15ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.3/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: br
last-modified: Mon, 14 Jun 2021 23:18:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 27 Jan 2023 04:54:37 GMT

GET
H2 200 index.js Show response
www.superlutas.com.br/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 32ms
27ms Script
application/javascript 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.2
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 27 Oct 2021 10:06:14 GMT
server: cloudflare
age: 3426
etag: W/"61792496-2e56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6jZlr196FAXhBzFMDnsSSHKw3x4kVXKiQ4Gqx4X%2FIijXrNn5098M8VjeS2CDWUzgfSwnFeNJPlKSc1H9lnZc3VqF6pQbWQ%2FORZSmfU%2BbBh0SU4XfiMVxDexAzaSzX4F%2BZLxBEpG%2FqXM%2FD21v%2F9ZooSP7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2592000, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d3f625688b5927d-FRA
expires: Sat, 26 Feb 2022 03:33:48 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 248 KB
67 KB 71ms
19ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js?ver=5.8.3

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:52:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 547316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67948
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Jan 2023 20:52:41 GMT

GET
H2 200 selectivizr-min.js Show response
www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/js/ 5 KB
3 KB 35ms
31ms Script
application/javascript 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/js/selectivizr-min.js?ver=5.8.3
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1f17fea7cee4a9ae74981b2930b10a3aafd713f4564080def24e5fb8342a338

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 11 Jul 2021 01:36:28 GMT
server: cloudflare
age: 3426
etag: W/"60ea4b1c-12e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcsDGf8Y1arkfATxzPdpPUCssxB4eXv%2Bv3kXZh%2BpwY6vp%2FRvm8kjjETYHJfWGBNWtb9ocJ%2BiinPNkL8Kct5QYm4VEGwc1vUh9v2tGJHYUJSrnbybOMtwnh08qU1a0HTiCY18qQXsfzkFclqDdljOaeXz%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2592000, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d3f625688b8927d-FRA
expires: Sat, 26 Feb 2022 03:33:48 GMT

GET
H2 200 bootstrap.min.js Show response
www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/js/ 62 KB
15 KB 35ms
30ms Script
application/javascript 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/js/bootstrap.min.js?ver=5.8.3
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 11 Jul 2021 01:36:21 GMT
server: cloudflare
age: 3426
etag: W/"60ea4b15-f708"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbAXmMxJBsOqCT3aXHEOsMH8SwaweM%2B%2Br0S%2B6r%2BdKFKsANgAcV4wP62xiXIe%2BS5izDwfs38GoCqmKzuOyPi11AaNeiEIvDgcmtGJ2RFyEfpeRRotT97rdXwKiy5qXsCXFjylYQFPMqGc5PMMQvCcbkbpAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2592000, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d3f625688bc927d-FRA
expires: Sat, 26 Feb 2022 03:33:48 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/js/ 82 KB
22 KB 33ms
28ms Script
application/javascript 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/js/bootstrap.bundle.min.js?ver=5.8.3
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 11 Jul 2021 01:36:20 GMT
server: cloudflare
age: 3426
etag: W/"60ea4b14-148b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1ouMowv3AvJYFVhqCAdQ9CehkIIG8TpCf9mcr%2F1yZPpWSNEXKm4%2Fg5P2blZt9Yw8x1yCb%2FmuJT3THDhJ%2B1tdi8HJHXEsJIz2gvPiQnzrA9iugK05Dh%2BOFU26uU%2FoKHe55SXPej62QVSnRhuBjYd8B7WkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2592000, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d3f625688be927d-FRA
expires: Sat, 26 Feb 2022 03:33:48 GMT

GET
H2 200 unitegallery.min.js Show response
www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/js/ 246 KB
66 KB 38ms
34ms Script
application/javascript 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/js/unitegallery.min.js?ver=5.8.3
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 008c7214948b806fd353deeb13537318d2842e8fa226ead52ca429dca5de3555

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 11 Jul 2021 01:36:31 GMT
server: cloudflare
age: 3426
etag: W/"60ea4b1f-3d6a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v823PdXWD3IoWbAKoakIr1D%2BKF2zutqx0Szo8Ax81SPEpQkYjKk9b%2BC%2F%2FpANSyXkShmGDa8%2F1atIDGL85FXcgcFtn5JOQi%2Fw1zR1C4lMq070iYqVV1qVlOScY79qF8hE%2Fy1%2BECutthNAZ1ecmNo0gIs0hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2592000, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d3f625688c0927d-FRA
expires: Sat, 26 Feb 2022 03:33:48 GMT

GET
H2 200 ug-theme-video.js Show response
www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/js/ 10 KB
3 KB 35ms
31ms Script
application/javascript 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/js/ug-theme-video.js?ver=5.8.3
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb64d27112cc6d848c4c24a2648c94aaa77f6d9ad5e6cf2b4cf2159cddb18cdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 11 Jul 2021 01:36:29 GMT
server: cloudflare
age: 11078
etag: W/"60ea4b1d-281a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzf9DB2TqrLmcU4RUn%2Bqetrm%2FmETDfDo58XFyt6ZBR0vEf8%2F1ah7Mz0ymXABTQn7xy8vk%2FAnm5QxkGpkZN02w45tsiUGp1YIfWfD07ZQUPZ9VoQYNwcgtaIVRlMYNITrh0%2FjGr0Z7u5Kvtmvd02rsCjCuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2592000, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d3f625688c3927d-FRA
expires: Sat, 26 Feb 2022 01:33:38 GMT

GET
H2 200 readmore.min.js Show response
www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/js/ 4 KB
2 KB 36ms
32ms Script
application/javascript 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/js/readmore.min.js?ver=5.8.3
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca0cfb44f264240f4632457fd572a22b91847de9d739d9048f6ca18bc2d18a95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 11 Jul 2021 01:36:25 GMT
server: cloudflare
age: 3426
etag: W/"60ea4b19-1155"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hR94LjDCLlzb%2BEGFnrpsF0T1eD6FkI7OWMIGSxeWnQJZSpsHFoVeFmayMXbkM%2B9qlMxp9dlFDsnQvCW13v9KsLe8rWE3o4VbBW8eDQiMS3%2FGtoewjopVEj6T7Z5pCKz5ZZeAmASG9P9rrFXNS0hw8DqZxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2592000, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d3f625688c7927d-FRA
expires: Sat, 26 Feb 2022 03:33:48 GMT

GET
H2 200 actions.js Show response
www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/js/ 2 KB
876 B 43ms
39ms Script
application/javascript 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/js/actions.js?v2&ver=5.8.3
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad583ca6d24fbe531f8175f180a9872aa879b28679d758dad2d618c0f787aacf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 11 Jul 2021 01:36:19 GMT
server: cloudflare
age: 3426
etag: W/"60ea4b13-633"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SmTxAeXgvOrL936fk4P2w%2BHghXPSa43gOSlEjiOu3I%2Bcp%2FnHVS2fDClaRu6I%2FCIlaM1O3S4qzyD4RWbswguMPq7CURqF9vrBmTZTGq5UCacVNsQKghD%2F%2FSageXl2BCknEKrWt843j0E2a%2BNmqae2xpHKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2592000, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d3f625688c9927d-FRA
expires: Sat, 26 Feb 2022 03:33:48 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.8.3/wp-includes/js/jquery/ 87 KB
30 KB 22ms
18ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.3/wp-includes/js/jquery/jquery.min.js

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 27 Jan 2023 04:54:37 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.8.3/wp-includes/js/jquery/ 11 KB
4 KB 22ms
18ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.3/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 27 Jan 2023 04:54:37 GMT

GET
H2 200 q2w3-fixed-widget.min.js Show response
www.superlutas.com.br/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 42ms
39ms Script
application/javascript 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.3.0
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 07 Jul 2021 00:13:32 GMT
server: cloudflare
age: 3426
etag: W/"60e4f1ac-1108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geh6az9SMqlzLkCcLbcp%2FeVVH%2FeMCkPN5NZfmKKsQTVojJbKc6MV5%2BMryNfSAgL7YHg5UwIGG6SSyXBQ5UXMH21ApzheOBXjv5rhxi1ymHCWAS6yjeQMX9hY7dUsvlsa5OKb7Bw4z3iNNzui2OP8OjCGIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2592000, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d3f625688cb927d-FRA
expires: Sat, 26 Feb 2022 03:33:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 143 KB
54 KB 85ms
35ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R6QBCLMJ93

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f9ff479dd8525223655c68a64fe32099c6ac004886a9cc01d8d1a973ac3e387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54803
x-xss-protection: 0
expires: Thu, 27 Jan 2022 04:54:37 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.8.3/wp-includes/js/ 1 KB
719 B 22ms
19ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.3/wp-includes/js/wp-embed.min.js

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Fri, 27 Jan 2023 04:54:37 GMT

GET
H2 200 wpajans_dedect.css
www.superlutas.com.br/wp-content/plugins/wp-adblock-dedect/css/ 2 KB
2 KB 43ms
40ms Stylesheet
text/css 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/plugins/wp-adblock-dedect/css/wpajans_dedect.css?ver=5.8.3
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 014e62a72f3e21df1782d14747fa543155313b14ff56ebf9151286a5d2077ba0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3426
cf-polished: origSize=2463
cf-bgj: minify
last-modified: Wed, 07 Jul 2021 00:13:50 GMT
server: cloudflare
etag: W/"60e4f1be-99f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8%2FHaEmiI7PMKPXqe%2BYlp205UcGeFvOc9B5VV9DDdn5BhBLER4%2F05lw1Y9YCLX0zZ2NgWLF7CCsGOyU2vSUkuDWVenrtq7AOPMKUB60nsvHnxTjlffw9yMAQhjPRydzZ3I3fcKszotniYYn5Hv5kGtRG1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, no-transform
cf-ray: 6d3f625688cc927d-FRA
expires: Sat, 26 Feb 2022 03:33:48 GMT

GET
H2 200 dedect.js Show response
www.superlutas.com.br/wp-content/plugins/wp-adblock-dedect/js/ 7 KB
2 KB 45ms
42ms Script
application/javascript 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/plugins/wp-adblock-dedect/js/dedect.js?ver=5.8.3
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65acd116fab8d8d54d31dad36101083b89a6ac3871f37fd99dc702cf8b4a5b6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 07 Jul 2021 00:13:50 GMT
server: cloudflare
age: 3426
etag: W/"60e4f1be-1b00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCS93YAd6xZhfYHksp5eLkq3LYpiixxrkNfNaYkdX0vG7iCegELx%2BJ2m1dJw41x1T3UxHr48XhwSIz4sLAkTUcguFyRUb%2BDkV3UYu8AB1H2ByLwHgf6iOse7bhqfbc%2F%2Bqc1stwWIp13YltSEaXnRjQN7WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2592000, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d3f625698e6927d-FRA
expires: Sat, 26 Feb 2022 03:33:48 GMT

GET
H2 200 e-202204.js Show response
stats.wp.com/ 9 KB
3 KB 65ms
16ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202204.js
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn
date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 16 Jan 2023 08:44:13 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 26ms
25ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.superlutas.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.superlutas.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/ 283 KB
102 KB 72ms
45ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3913508766075927&plah=www.superlutas.com.br&bust=31064215

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3913508766075927

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6974544070497258e45880177f11d31d833b349329ebf03114571e6db397252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104322
x-xss-protection: 0
server: cafe
etag: 16820847751438374874
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 04:54:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220125/r20190131/ Frame 97AF 10 KB
5 KB 69ms
17ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220125/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3913508766075927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Wed, 26 Jan 2022 15:59:58 GMT
expires: Wed, 09 Feb 2022 15:59:58 GMT
cache-control: public, max-age=1209600
age: 46479
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 78ms
18ms Script
text/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6397
date: Thu, 27 Jan 2022 03:08:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 27 Jan 2022 05:08:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 75ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db6b915c628d73cfa3255b3c95a54b40275300d29d273dc2932e7c925d7062f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27062
x-xss-protection: 0
server: sffe
etag: "1114 / 220 of 1000 / last-modified: 1643238406"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jan 2022 04:54:37 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/superlutas/ 337 KB
30 KB 166ms
117ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/superlutas/loader.js
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c50679eb79d83bbaeeadfb94382e681e2f7e93f0b3cdbd44a39a49c4c16d4aac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: PFLeg1XEYRZkhRwP5gQ3ZvWmfsrKQ_2O
content-encoding: gzip
etag: "81623ddbf16066388a19da95aa116a10"
age: 0
x-cache: HIT
content-length: 30166
x-amz-id-2: Pz0tGLjCKv/RhcAJ1SUyXAUulvUiQxrlb0q7uYm5hw7/PX+/ObFMM3guS06KA1s/z3qgr8Y0Cx8=
x-served-by: cache-hhn4029-HHN
last-modified: Mon, 03 Jan 2022 14:04:47 GMT
server: AmazonS3
x-timer: S1643259278.892183,VS0,VE100
date: Thu, 27 Jan 2022 04:54:37 GMT
vary: Accept-Encoding
x-amz-request-id: 76YARDQDXF8SXQZA
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 87
x-cache-hits: 1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
443 B 83ms
26ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-25264013-1&cid=1685899782.1643259278&jid=585822583&gjid=1211935288&_gid=1703033427.1643259278&_u=IEBAAEAAAAAAAC~&z=856178099

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.superlutas.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 27 Jan 2022 04:54:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.superlutas.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1523006118&utmhn=www.superlutas.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25264013-1&cid=1685899782.1643259278&jid=1911279948&_v=5.7.2&z=1523006118

35 B
55 B

55ms
27ms

Image
image/gif

2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25264013-1&cid=1685899782.1643259278&jid=1911279948&_v=5.7.2&z=1523006118

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 27 Jan 2022 04:54:38 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:37 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25264013-1&cid=1685899782.1643259278&jid=1911279948&_v=5.7.2&z=1523006118
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 371
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022011002.js Show response
securepubads.g.doubleclick.net/gpt/ 352 KB
119 KB 61ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 23:09:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121009
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 21:10:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 23:09:47 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 150 B
749 B 68ms
25ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.superlutas.com.br

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df551d5219d4406ab53860a50d3dd7b2bb978dde2a736226ee6c8c3e0b357d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
expires: Thu, 27 Jan 2022 04:54:38 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
649 B 85ms
26ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.superlutas.com.br&callback=_gfp_s_&client=ca-pub-3913508766075927

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3913508766075927&plah=www.superlutas.com.br&bust=31064215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b736bc88c93ef02de75b6e72c2db8db041d9975e75c6c520d0be00c1e7896a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
792 B 78ms
26ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=www.superlutas.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 157ms
56ms Script
application/javascript 2a00:1450:400f:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.superlutas.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0BFD 0
19 B 84ms
58ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3913508766075927&output=html&adk=1812271804&adf=3025194257&lmt=1643255369&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.superlutas.com.br%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643259277821&bpp=15&bdt=154&idt=145&shv=r20220125&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6199537260655&frm=20&pv=2&ga_vid=1685899782.1643259278&ga_sid=1643259278&ga_hid=1985017582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31064215&oid=2&pvsid=3594616189647203&pem=920&tmod=1335782952&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=162

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 Jan 2022 04:54:38 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 Jan 2022 04:54:38 GMT
cache-control: private

GET
H2 200 impl.20220103-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 615 KB
127 KB 18ms
18ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220103-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/superlutas/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: b7e60765170d79386af8e4026af96c85aa6557d170f75eb3d5fe093100dce112

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 6cEd0gvmEbC1otvkHoqG4r6kKtaMdyhr
content-encoding: br
etag: "c87312d445162a4a233c8f0b8f733ef7"
age: 14012
x-cache: HIT
content-length: 129647
x-amz-id-2: +NnQvNiubCHkdzQ093MuMj4xoNDJIsCwKdmrNLpZt9xcx++J2TaI6CeTZdk/AlJGyEe+xSgnYvk=
x-served-by: cache-hhn4029-HHN
last-modified: Tue, 04 Jan 2022 09:36:19 GMT
server: AmazonS3-br
x-timer: S1643259278.031845,VS0,VE1
date: Thu, 27 Jan 2022 04:54:38 GMT
vary: Accept-Encoding
x-amz-request-id: TWXFW30QW7QYJVX9
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 23
x-cache-hits: 1

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 56ms
18ms Script
application/javascript 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/superlutas/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:29:57 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1483
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: Aaoi6jlVsa_6vXlhczmPVFWFPzcbgNXWk_CTqZB5QghvhBDiZublZw==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1643259278125&ns_c=UTF-8&cv=3.5&c8=SUPER%20LUTAS%20-%20Not%C3%ADcias%20UFC%20e%20V%C3%ADdeos%20de%20lutas&c7=https%3A%2F%2Fwww.superlu...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1643259278125&ns_c=UTF-8&cv=3.5&c8=SUPER%20LUTAS%20-%20Not%C3%ADcias%20UFC%20e%20V%C3%ADdeos%20de%20lutas&c7=https%3A%2F%2Fwww.superl...

0
224 B

21ms
21ms

Image
text/plain

13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1643259278125&ns_c=UTF-8&cv=3.5&c8=SUPER%20LUTAS%20-%20Not%C3%ADcias%20UFC%20e%20V%C3%ADdeos%20de%20lutas&c7=https%3A%2F%2Fwww.superlutas.com.br%2F&c9=
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:38 GMT
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: R9qOKjgoKwLC_F-EPhXG1h_0y9ScShmwXu2czgDeO-JfYU0nu0B0hw==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 27 Jan 2022 04:54:38 GMT
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1643259278125&ns_c=UTF-8&cv=3.5&c8=SUPER%20LUTAS%20-%20Not%C3%ADcias%20UFC%20e%20V%C3%ADdeos%20de%20lutas&c7=https%3A%2F%2Fwww.superlutas.com.br%2F&c9=
content-length: 237
x-amz-cf-id: dsVQpkAFKlUvhDAmcyRZf-mYyHGhLuURGa_olnczAs5tRrWCFCvFrQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 36ms
36ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1985017582&t=pageview&_s=1&dl=https%3A%2F%2Fwww.superlutas.com.br%2F&ul=en-us&de=UTF-8&dt=SUPER%20LUTAS%20-%20Not%C3%ADcias%20UFC%20e%20V%C3%ADdeos%20de%20lutas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=41317280.1685899782.1643259278.1643259278.1643259278.1&_utmz=41317280.1643259278.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1643259278359&_u=KEDCAEABAAAAAC~&jid=942828848&gjid=1306275289&cid=1685899782.1643259278&tid=UA-54936151-1&_gid=1703033427.1643259278&_r=1&_slc=1&cd1=esportes&cd2=lutas&cd3=superlutas&cd5=esportes.lutas&cd4=contenido_digital&cd9=alianza&z=1913731547

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.superlutas.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.superlutas.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 264 KB
265 KB 97ms
23ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-10969-0/CT-411
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/globalSTATIC/fe/zaz-app-t360-navbar-partner/_js/metrics.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: e37e2637209d6fbeffaa4543dd884d6368b5638da12cf5948f724661dc53d400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:06:31 GMT
via: 1.1 google
age: 6487
x-guploader-uploadid: ADPycdv3wK2s964R9aFnKH4H50U6wzNMwSj43AqG4WqyxPgIy8aMzEzeMFYD4akaNYLFZRVE9YisstTE6we4VzjvCVY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Wed, 15 Dec 2021 17:35:31 GMT
server: nginx/1.8.1
vary: Accept-Encoding, Accept-Encoding
x-goog-hash: md5=61rFHIZhiiUa+QwlGZUtUQ==
content-type: application/javascript
x-goog-generation: 1639589731165739
cache-control: max-age=7200,public
x-goog-stored-content-length: 23302
expires: Thu, 27 Jan 2022 05:06:31 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
336 B 39ms
38ms Image
text/plain 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=3000033&ns__t=1643259278366&ns_c=UTF-8&cv=3.5&c8=SUPER%20LUTAS%20-%20Not%C3%ADcias%20UFC%20e%20V%C3%ADdeos%20de%20lutas&c7=https%3A%2F%2Fwww.superlutas.com.br%2F&c9=
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:38 GMT
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: c6PjImaPOV1HeulHcA56VLmFQPMtfh2NXlBYGFkhxlUcWSvCyFXAkQ==
x-cache: Miss from cloudfront

GET
H2 200 terra-logo.svg
www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/essential/ 8 KB
4 KB 38ms
37ms Image
image/svg+xml 2a02:26f0:ab00::b819:3290
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/essential/terra-logo.svg

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::b819:3290 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c9897a7a0ca7d44382cb151300968ac12f1030f7dd680085076593d8f3fe8f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-mt-cache: HIT
strict-transport-security: max-age=15552000
content-encoding: br
x-content-type-options: nosniff
x-cdnterra-cache-status: EXPIRED
content-length: 3614
last-modified: Fri, 15 Oct 2021 15:07:17 GMT
date: Thu, 27 Jan 2022 04:54:38 GMT
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-type, x-cache
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 all.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 84ms
22ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2ed2a8e9ead6f775c6f9330592b5c08152d34ae5cf4b2f445ef20ccec7e18508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lPQkxc61bnTyrepYHiABzw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: f38u/w63HATHhsdYR+CGU0LV3uGEoYKAnGsUI1IoBpjypKkCgpCIk9fBaVQ08BmHa2g9HaM1H17F9eisDtPLuQ==
x-fb-trip-id: 917726464
x-fb-content-md5: b9a81092d9b2eeff36cd5c1555318504
x-frame-options: DENY
date: Thu, 27 Jan 2022 04:54:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "86cfda67f48743eefccfe4bc16d878b7"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 27 Jan 2022 04:59:06 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 33 KB
34 KB 83ms
22ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/style.css?v=2.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.superlutas.com.br/
Origin: https://www.superlutas.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:14:45 GMT
x-content-type-options: nosniff
age: 149993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34260
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 11:14:45 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 132ms
66ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.superlutas.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 165ms
104ms Script
application/javascript 2a00:1450:400f:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.superlutas.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 474 KB
80 KB 657ms
617ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3594616189647203&correlator=4045067316041048&output=ldjh&impl=fifs&eid=31064551&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220127&iu_parts=66958784%2Cbackground%2C300x250_TOP%2C300x250_meio%2CTopo%2Cvideo%2C468x60%2C468x60_meio_home%2C300x600_home%2CSL_Home_970x90%2CSL_Int_300x600%2CSL_Int_970x90%2CRodape-Mobile%2CVidoomy%2Cbanner-live-arena%2CSL-970x90%2CBanner-dentro-Texto%2Csuperlutas_pushdown%2CMid-Texto%2Cwallpaper&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18%2C%2F0%2F19&prev_iu_szs=300x250%2C300x250%2C300x250%2C728x90%7C300x250%7C320x50%7C300x50%7C970x90%7C970x250%2C1x1%2C300x250%2C300x250%2C300x600%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C970x90%7C970x250%2C320x50%2C1x1%2C320x50%7C336x280%7C970x90%7C728x90%2C728x90%7C300x100%7C320x50%7C970x250%7C300x250%7C970x90%7C250x250%7C200x200%2C234x60%7C200x200%7C300x250%2C1x1%2C300x100%7C300x50%7C300x250%7C320x50%7C250x250%7C300x75%7C200x200%2C1920x1080&cookie=ID%3Da49ee685f60fba00-226c83622dcd00bc%3AT%3D1643259278%3ART%3D1643259278%3AS%3DALNI_MbOnI5dCyjvMJI2cnPWEkSobZZKfg&bc=31&abxe=1&dt=1643259278444&lmt=1643255369&dlt=1643259277667&idt=402&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9%2C-9%2C0%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-160&adys=-9%2C-9%2C-9%2C-9%2C39%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C0&adks=3880845288%2C2334716527%2C1347105487%2C380858702%2C3626379645%2C3061201903%2C2406660454%2C3147967561%2C2801143821%2C1647148541%2C3120193492%2C2621848297%2C516473737%2C3532065451%2C516205488%2C3734944136%2C330619748%2C3742752762%2C3364697951&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.superlutas.com.br%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x40%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1920x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C1x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1920x-1&ga_vid=1685899782.1643259278&ga_sid=1643259278&ga_hid=1985017582&ga_fc=true&fws=2%2C2%2C2%2C2%2C4%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C516&ohw=0%2C0%2C0%2C0%2C1600%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1600&btvi=-1%7C-1%7C-1%7C-1%7C0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b12efedd4fe2e150653cb1abf463513827d0efa6c8246a1195942858b7ab5b48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82338
x-xss-protection: 0
google-lineitem-id: 5894368697,5893814338,-1,4943189512,5365278475,-1,-1,-1,-1,-1,-1,5246455188,-2,-1,-1,-1,5785480303,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379127128,138378629531,-1,138362915663,138310867916,-1,-1,-1,-1,-1,-1,138366091566,-2,-1,-1,-1,138362924630,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.superlutas.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C20E 6 KB
4 KB 329ms
60ms Document
text/html 2a00:1450:400f:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 27 Jan 2022 04:54:38 GMT
expires: Fri, 27 Jan 2023 04:54:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 28 KB
28 KB 104ms
66ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/style.css?v=2.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.superlutas.com.br/
Origin: https://www.superlutas.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 17:57:27 GMT
x-content-type-options: nosniff
age: 125831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28968
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 17:57:27 GMT

GET
H2 200 fa-brands-400.woff2
www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/fonts/ 77 KB
77 KB 35ms
33ms Font
application/octet-stream 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/fonts/fa-brands-400.woff2
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/style.css?v=2.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Referer: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/style.css?v=2.0
Origin: https://www.superlutas.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3427
content-length: 78460
last-modified: Sun, 11 Jul 2021 01:37:34 GMT
server: cloudflare
etag: "60ea4b5e-1327c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnuuCLKIfmvMfLmQY4OL5%2FGEh8fes%2F0dxKSkmMqcvI5NEC5G4re9vtsdbKftS8%2B0POLkQAeeOxgGHyStzLK005N6WPlKoEzRro0jvwVA1UttjqcLdk7h%2BtNH6poO97piIEOHQ1OCVPatf47PUiSbsm28Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6d3f625a7f1d927d-FRA
expires: Thu, 03 Feb 2022 03:33:49 GMT

GET
H2 200 fa-solid-900.woff2
www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/fonts/ 78 KB
79 KB 44ms
41ms Font
application/octet-stream 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/fonts/fa-solid-900.woff2
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/style.css?v=2.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Referer: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/style.css?v=2.0
Origin: https://www.superlutas.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3427
content-length: 80300
last-modified: Sun, 11 Jul 2021 01:37:58 GMT
server: cloudflare
etag: "60ea4b76-139ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kzPhhN97OFtFi15zDH%2FqMd%2BI5lBi8MRCzEbstq5lNE8Z6iIpi9mhUDBw3KoiAtfiYTpNQI7oPZdgGmxDGd8ar60wCimW4m9uQXSXpM%2BpoRHIoEaGK%2BkNNSIbYpgetwGBsgcQmSS6sEbUeVrpvzXKyG9kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6d3f625a7f1e927d-FRA
expires: Thu, 03 Feb 2022 03:33:49 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 50ms
48ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54936151-1&cid=1685899782.1643259278&jid=942828848&gjid=1306275289&_gid=1703033427.1643259278&_u=KEDCAEABAAAAAC~&z=560522921

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.superlutas.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 27 Jan 2022 04:54:38 GMT
content-type: text/plain
access-control-allow-origin: https://www.superlutas.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg-transparent.png
www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/images/ 34 B
474 B 66ms
61ms Image
image/webp 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/images/bg-transparent.png
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/style.css?v=2.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/style.css?v=2.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 588
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="bg-transparent.webp"
content-length: 34
last-modified: Sun, 11 Jul 2021 01:36:09 GMT
server: cloudflare
etag: "60ea4b09-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93zcvVTi%2F%2BFoqdhow7h3Fc%2FmDop60XsxkVIrP1lnZhZP4GxHjhy2La7ioIA9zbBHX%2BxzkoXU712hXQ7NzONrnmyussJ87dC98CkQw8UVatNpd0rNbeqqph%2FQ9wHZ8xaP78RwfiLCKzqmMf7cFlgvqGnnng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 26 Feb 2022 03:56:56 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625aaf5f927d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 29 KB
29 KB 61ms
56ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/wp-content/themes/SUPER-LUTAS/style.css?v=2.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.superlutas.com.br/
Origin: https://www.superlutas.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:31:10 GMT
x-content-type-options: nosniff
age: 116608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29864
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:34 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 20:31:10 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4A7E 17 KB
9 KB 473ms
472ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3913508766075927&output=html&h=250&slotname=8344921166&adk=743887373&adf=1370063109&pi=t.ma~as.8344921166&w=300&lmt=1643255369&psa=0&format=300x250&url=https%3A%2F%2Fwww.superlutas.com.br%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643259278493&bpp=15&bdt=826&idt=15&shv=r20220125&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da49ee685f60fba00-226c83622dcd00bc%3AT%3D1643259278%3ART%3D1643259278%3AS%3DALNI_MbOnI5dCyjvMJI2cnPWEkSobZZKfg&prev_fmts=0x0&nras=1&correlator=6199537260655&frm=20&pv=1&ga_vid=1685899782.1643259278&ga_sid=1643259278&ga_hid=1985017582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31064215&oid=2&pvsid=3594616189647203&pem=920&tmod=2007326495&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=21&uci=a!l&fsb=1&xpc=VMJHWiljT5&p=https%3A//www.superlutas.com.br&dtd=23

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff400ae85be1ac1b45580c5d980f33c2c4040f5bf671c03b55837c356427bba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 27 Jan 2022 04:54:38 GMT
server: cafe
content-length: 9593
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 Jan 2022 04:54:38 GMT
cache-control: private

GET
H2 200 sl.jpg
www.superlutas.com.br/wp-content/uploads/2021/12/ 111 KB
112 KB 708ms
708ms Image
image/jpeg 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/uploads/2021/12/sl.jpg
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a94c55f56cc809e40a9b82dd042c923a69c7f56e31449f0aa3e0289856c25a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=120318, status=webp_bigger
content-length: 114025
last-modified: Wed, 08 Dec 2021 17:11:02 GMT
server: cloudflare
etag: "61b0e726-1d5fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2om%2BamvyA%2BvBfAzTVqrWMNsfLXaattea5dUZYvV04AdN03xfAdJWDqFw9b7ddCA57JyTRJFmY9%2Bds5oN81VDgSnmDmCSY8T1qCpWH8blF48hsVAd2yEnaSSwt655hJrGpgqEXH7nJbYQKGx6LjucKKdH9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 26 Feb 2022 03:38:44 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625acfa6927d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Do-Bronx-x-Gaethje-se-enfrentam-no-UFC-274-e1643229424343.jpg
www.superlutas.com.br/wp-content/uploads/2022/01/ 116 KB
117 KB 482ms
478ms Image
image/jpeg 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/uploads/2022/01/Do-Bronx-x-Gaethje-se-enfrentam-no-UFC-274-e1643229424343.jpg
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5e656cac73742e946a489a07599ffd3d1ff84ae6a8c4053db515eb2de67e45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=122939, status=webp_bigger
content-length: 118604
last-modified: Wed, 26 Jan 2022 20:37:04 GMT
server: cloudflare
etag: "61f1b0f0-1e03b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPeHmvUw5W5O2tOfwloITsbZrQELjd%2FVneMBFbaovv2khQV10W3wZVSm5wTYb59EvnojndKIAyqpkf4SRb7Op4PcsGDMRMNK3mRTBluDQ1LjHOEcoQOhC247AM18lRUGnPH1mP65MHtQtovqZi%2FqwcB0Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 26 Feb 2022 03:34:11 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625aefce927d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 kamaru-usman-5.jpg
www.superlutas.com.br/wp-content/uploads/2021/04/ 253 KB
253 KB 655ms
650ms Image
image/webp 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/uploads/2021/04/kamaru-usman-5.jpg
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 570b3cca6105e9c4501b5ae9108d70d3d5a14e1cde1e0fae0b29848c00affb73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=jpeg, origSize=468956
content-disposition: inline; filename="kamaru-usman-5.webp"
content-length: 258782
last-modified: Wed, 07 Jul 2021 00:16:34 GMT
server: cloudflare
etag: "60e4f262-727dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iya%2BTpZaFvZeOGs%2BnCrLJBjDZ4Ic5cMqbzGbdiZH%2BJZjwnPTi8p1fs3ImANQ6j6dFpJwsOK3WcydsHVEMYk%2BXZKZLQlavhoPVo95K8Nml7Jy%2FuA9w017tshKtINGaErXZOKxkS5rBwUK3BxqFOf9%2BrDEvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 26 Feb 2022 02:30:56 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625aefd1927d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 francis-ngannou.jpg
www.superlutas.com.br/wp-content/uploads/2022/01/ 292 KB
293 KB 634ms
629ms Image
image/webp 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/uploads/2022/01/francis-ngannou.jpg
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6291775e6ea83111eae6017cd3301f4a700db8be9f186ed079a66ac0a511603f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=jpeg, origSize=483801
content-disposition: inline; filename="francis-ngannou.webp"
content-length: 299218
last-modified: Sun, 23 Jan 2022 06:15:01 GMT
server: cloudflare
etag: "61ecf265-761d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVehNQHeQd1K%2F3%2FSPZPjh5QMp1uoN6A%2Bubfp5iDQMgFW%2BbYIZARdpKg6Aumbd4Z90O0PGaLmRYQAXOEw1swKcFdfScncqw99Q6HkYNqGZmq%2BuKZX1CTeC60i5Hb2Pfc9yGk9JSnBz3lwai%2BEcvkTchy4Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 26 Feb 2022 03:39:08 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625aefd3927d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Luque-Muhammad-UFC-300x200.jpg
www.superlutas.com.br/wp-content/uploads/2022/01/ 10 KB
10 KB 533ms
528ms Image
image/jpeg 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/uploads/2022/01/Luque-Muhammad-UFC-300x200.jpg
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c391460d6ca753a9146a01649330540f0f003e96ce41cb0484df95d43a4c85a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=34175, status=webp_bigger
content-length: 9755
last-modified: Wed, 26 Jan 2022 13:50:04 GMT
server: cloudflare
etag: "61f1518c-857f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Tbl9PjvBCIytWmJeDa9w247GEZ360lCS4akSxLnVAuCnTctmU5wtuAaxJBfin2tKy4Wgk6lCzaJocA8S0K7vJIP7eEmz2N31j7GerCw4tb7qsPvgftkOCcTEXFZFTIdThZWqafizbOTWB4AoQyyYLFf2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 26 Feb 2022 03:36:34 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625aefd4927d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Sonnen-300x200.jpg
www.superlutas.com.br/wp-content/uploads/2021/06/ 9 KB
10 KB 532ms
527ms Image
image/jpeg 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/uploads/2021/06/Sonnen-300x200.jpg
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f7cf9bb216f8b91bcf576a394aee714d80e4a1b90589d451649b43949ff39f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=9677, status=webp_bigger
content-length: 9545
last-modified: Wed, 07 Jul 2021 00:17:57 GMT
server: cloudflare
etag: "60e4f2b5-25cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DaburFKVk6tfjm90lr74fq7%2BCzhOf80rnw4hcL6xn7kWa87ig5ZJew5X47hTlw12DLX3rEwO2xn21CQ8AXz5rhYCDYTJ57laYTfdZ5v8BOYuW78eAuHgWMN136Ta0%2BySJkJN4o1WrKzLnrhfavWqv8Jcbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 26 Feb 2022 03:38:49 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625aefd5927d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 deiveson-figueiredo-300x200.jpg
www.superlutas.com.br/wp-content/uploads/2022/01/ 14 KB
14 KB 533ms
529ms Image
image/jpeg 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/uploads/2022/01/deiveson-figueiredo-300x200.jpg
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18156963d6d3545312aba2c04ab9cd082fed2df55f284395507db02ba46515d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=14177, status=webp_bigger
content-length: 13850
last-modified: Fri, 21 Jan 2022 18:19:14 GMT
server: cloudflare
etag: "61eaf922-3761"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W04dzeNMYtDhw%2BcOdtLBgjFOl5m3nfDti4cg4mQXdU0UnkUIEC4mGXF23JF3H%2FAxGMk3M4qYDIkFEPgjVvmoVOkezsO4VEbgWG9zxtWkLhU95pfHR0W2AcBTf%2F%2FwARU8CVtxw6O0b%2FUa0%2BJMfb4LMR0PCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 26 Feb 2022 03:34:55 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625aefd8927d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Usman-x-Covington-2-300x200.jpg
www.superlutas.com.br/wp-content/uploads/2021/11/ 15 KB
16 KB 539ms
535ms Image
image/jpeg 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/uploads/2021/11/Usman-x-Covington-2-300x200.jpg
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b680a5c033d053795318c3f3f1605b8d61295736901f8c58a8bcd26a738c071

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=16093, status=webp_bigger
content-length: 15747
last-modified: Sun, 07 Nov 2021 05:22:52 GMT
server: cloudflare
etag: "618762ac-3edd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CcJK5L%2FQ%2BKK%2BG0JoaEOFDC9rmpr7cf9oemnL7Tp8hQWvuJ1uXV1bPjPLsgb6zK%2Bd129FpnN9oRNBWP27bu%2FMlg5Km%2BGR6aou6Im8dHsEsTvqjXO0m2hduqEGT2YZxQHarpLLI5mymP8TYcTZBMF%2FA1hXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 26 Feb 2022 03:36:54 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625aefda927d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Patricky-Pitbull-Belator-270-300x200.png
www.superlutas.com.br/wp-content/uploads/2021/11/ 48 KB
49 KB 663ms
660ms Image
image/webp 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/uploads/2021/11/Patricky-Pitbull-Belator-270-300x200.png
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9798bf0aef4a1aab65b268afa025cf23cdd374caa2e57d327cab763eed551500

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=76030
content-disposition: inline; filename="Patricky-Pitbull-Belator-270-300x200.webp"
content-length: 49238
last-modified: Sat, 06 Nov 2021 00:42:39 GMT
server: cloudflare
etag: "6185cf7f-128fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNqKK%2FcqK7e7InILocunUHwByBS%2B30RpRoiw43pUa7NHUIaBRwfdmxYoaXHPVfTMHBHkwh0E2uggNTgPJg0Xb6kCwm01tIlqVq9UMlf3MXgK0cq0m7sl3uDa%2FYynq%2Fa5OqjEqRY9yQ1q14h3fVQwAojraw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 26 Feb 2022 04:06:36 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625aefde927d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 ngannou-jackass-300x200.jpg
www.superlutas.com.br/wp-content/uploads/2022/01/ 15 KB
15 KB 72ms
69ms Image
image/jpeg 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/uploads/2022/01/ngannou-jackass-300x200.jpg
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71f1f70d21e169724ddc8c9443cfce2e69b8ba39bf52bc08277cbbb066390f51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6730
cf-polished: origSize=15788, status=webp_bigger
content-length: 15059
last-modified: Mon, 10 Jan 2022 21:47:00 GMT
server: cloudflare
etag: "61dca954-3dac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeyWJ2PyFij9GFegIwmOqdM8NwDwA7wWSRTwMHkDXT8OUfhzpPsImrWXZKpFBj74uVpVILDMHSIYwQuIWigAWvrPYul7HR6XHAj2yFW6OWzOLSYNVv%2BZ4HCkJ49dFW32ictRcrCECa0XykOoxmb1cGB9ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 26 Feb 2022 01:33:40 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625b081b927d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 1492783390410579-300x200.jpg
www.superlutas.com.br/wp-content/uploads/2017/04/ 15 KB
16 KB 579ms
576ms Image
image/jpeg 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/uploads/2017/04/1492783390410579-300x200.jpg
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30c24c66e90fecb057f27df7d5f20c26a74edc02d76fa109cb2deea0ae3efc18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=16743, status=webp_bigger
content-length: 15732
last-modified: Wed, 07 Jul 2021 00:47:19 GMT
server: cloudflare
etag: "60e4f997-4167"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BnjLFqN1f9s7ApUIZR7XJ5NwOs1aOrT%2BgECrs8%2BCsaxOaulGEcTokcgeBXiDR7dzj5QuqC6QvyCV8rd0xNUQ9GN7Af9s%2BZdyIwaNPTAzfCfuiF6yjrXCGOM6GVnnHIODK4QkiWCxlI4Z%2B6jVwXPtyUUQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 26 Feb 2022 03:37:44 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625b081d927d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 adesanya-whittaker-e1636640783179-300x200.jpg
www.superlutas.com.br/wp-content/uploads/2019/10/ 10 KB
11 KB 536ms
534ms Image
image/jpeg 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/uploads/2019/10/adesanya-whittaker-e1636640783179-300x200.jpg
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb18b987859d56b999b7c10e0a003ebdc1a25d7ea818a975e49be7a29f2b845

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=10816, status=webp_bigger
content-length: 10595
last-modified: Thu, 11 Nov 2021 14:26:24 GMT
server: cloudflare
etag: "618d2810-2a40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1%2BGOKZYIKJcKjyozlIOXNyE6Qc2A3KNuLmwWevE%2F08qXYP%2Fg79M46rrxLkSKrF8pQMyEhyFmRXPriqnljot7F2XoCLkzoZxiL2QpJX50LKPZhKOnemOiKdxY1VwL2lfuRZRur7TIJkhgDmAxC7TwLHE%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 26 Feb 2022 03:39:08 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625b081e927d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 R.-Dos-Anjos-e-R.-Fiziev-se-enfrentam-no-dia-19-de-fevereiro-300x200.jpg
www.superlutas.com.br/wp-content/uploads/2022/01/ 13 KB
13 KB 546ms
544ms Image
image/jpeg 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/uploads/2022/01/R.-Dos-Anjos-e-R.-Fiziev-se-enfrentam-no-dia-19-de-fevereiro-300x200.jpg
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee9f7e43632948744201753ae62f3abf35f9ca8ce7d34ac3012fedd5d9202daa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=13643, status=webp_bigger
content-length: 13138
last-modified: Fri, 07 Jan 2022 19:31:56 GMT
server: cloudflare
etag: "61d8952c-354b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btXsOj2qKBBs3exQTg0dLNiK%2B93ZVNACpFa9%2B8pticTcZCeBM%2BhgmckP1c8OVZEQyKIULMibtcBRUvXyD%2FR9%2B7%2F%2F7PB7O%2B3lcodPyy2CTQsSUEd2%2FBpCJfDjnfvmQTbgArbM7zFUBfu1bS6uSqUOTP64dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 26 Feb 2022 03:43:34 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625b0820927d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 all.js Show response
connect.facebook.net/pt_BR/ 290 KB
82 KB 80ms
38ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js?hash=369929d3ef17150ee9980bf838bcd26e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c3aa4799aaecda3d1692f28b02188087924758c0659b1d1793cbd44c50ef6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.superlutas.com.br/
Origin: https://www.superlutas.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 67oidmaT25dZHQUYfzlg5A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83530
x-fb-rlafr: 0
x-fb-debug: +L//lJMYB/GalWw01N2XVcQ8LjxKuqp+uu465XCPhBLxB9WR3lZj5K5PFLxaqSwTMWiHO0utzx3tike4UF8Gug==
x-fb-content-md5: b0f9b0ef1a9bff5ab6826042782f738b
x-frame-options: DENY
date: Thu, 27 Jan 2022 04:54:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "45091c4acbbd15ff91a1a88272aeb3be"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 Jan 2023 01:53:24 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 111ms
30ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54936151-1&cid=1685899782.1643259278&jid=942828848&_u=KEDCAEABAAAAAC~&z=794932359

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.se/ads/ 42 B
501 B 112ms
31ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54936151-1&cid=1685899782.1643259278&jid=942828848&_u=KEDCAEABAAAAAC~&z=794932359

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fightcircus-2021-300x150.jpg
www.superlutas.com.br/wp-content/uploads/2021/11/ 11 KB
12 KB 172ms
170ms Image
image/jpeg 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/uploads/2021/11/fightcircus-2021-300x150.jpg
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87b1f94fdf8ebae45121710def9c527eec968e05f756cd3cb02ace607e28833a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=11621, status=webp_bigger
content-length: 11390
last-modified: Tue, 09 Nov 2021 17:32:12 GMT
server: cloudflare
etag: "618ab09c-2d65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HyPmS50sb7RmIi4oXlxD%2B5BfSAQV5etTpqWAgw1OONf1TIzzEHnRoeCsAS6kWYp4Il%2Fx87L6roU6HA1ESsbi7ibUfrih9gEcJS2ULAFAYbaNpe%2BcMr0hJdqR8fh7IX2q8Z9Gu2qGt0FfgCSYzk9BYsx37g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 26 Feb 2022 03:39:24 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625b283a927d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 gane-deiveson-300x150.jpg
www.superlutas.com.br/wp-content/uploads/2022/01/ 10 KB
11 KB 190ms
189ms Image
image/jpeg 2606:4700:20::ac43:47d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.superlutas.com.br/wp-content/uploads/2022/01/gane-deiveson-300x150.jpg
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11c9c80778879d79cdf1c9c2c2287d688ece6ccb59dc34bf4be4ba3d029b8117

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=10598, status=webp_bigger
content-length: 10335
last-modified: Wed, 19 Jan 2022 15:46:51 GMT
server: cloudflare
etag: "61e8326b-2966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MIR%2Fk%2FdZVQ09zmc8Q96p6F%2B8j4dZSx%2BWGI%2BVHugW9W0nQs28XpMU3WXyBGZN3raeiimnr92HYUIJG5nLexilchZ5CqS5bmrFVtBkAdCKd8hbdbykjI3yzuAvkiet4x3ucgw73JrL4ipvjBM%2F8wQLWRqoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 26 Feb 2022 03:38:36 GMT
cache-control: public, max-age=2592000, no-transform
accept-ranges: bytes
cf-ray: 6d3f625b283b927d-FRA
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK d3d3LnN1cGVybHV0YXMuY29tLmJy Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 118ms
29ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnN1cGVybHV0YXMuY29tLmJy
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 04:54:38 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=25820
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: cf6dbc21248f691e4b458f112770d95d
Content-Length: 16
Expires: Thu, 27 Jan 2022 12:04:58 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 114ms
29ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=0.8107416810539962
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:38 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Sat, 26 Feb 2022 04:54:38 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 24ms
19ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.2.1&blog=166435340&post=134874&tz=-3&srv=www.superlutas.com.br&host=www.superlutas.com.br&ref=&fcp=2284&rand=0.3749230504464587
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 27 Jan 2022 04:54:38 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 25ms
25ms Ping
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-R6QBCLMJ93&gtm=2oe1o0&_p=1985017582&sr=1600x1200&gdid=dZTNiMT&ul=en-us&cid=1685899782.1643259278&_s=1&dl=https%3A%2F%2Fwww.superlutas.com.br%2F&dt=SUPER%20LUTAS%20-%20Not%C3%ADcias%20UFC%20e%20V%C3%ADdeos%20de%20lutas&sid=1643259278&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6QBCLMJ93
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.superlutas.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.superlutas.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 27 KB
11 KB 513ms
372ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.superlutas.com.br&srcUrl=https%3A%2F%2Fwww.superlutas.com.br%2Ffeed%2F&idx=0&rand=90006&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=310&py=2478&vpd=1278&cw=980&activeTab=true&darkMode=false&settings=true&recs=true&version=2000578&sig=VxUhXbGs&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b2cd8b280c5b24f1509f038a446274cf3b730bfe01a678a46e0c865e05513be0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1643259279.070735,VS0,VE341
accept-ranges: bytes
x-served-by: cache-lga13620-LGA, cache-hhn4053-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 65eadca27d2522f1c09157a4fbf1872a
content-encoding: gzip
content-length: 10438
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A7E 42 B
63 B 46ms
46ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CFslAVV8e1dsOysVbKrWvAR6fe_WRnkdWWvyB57KUl4PQ__EvJYyMFiXFO_z-V8JZdgvYyS2_CAqbq0PrsqmFQnjgw0M-Hlzu9mkArVpb-FfEisvs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3913508766075927&output=html&h=250&slotname=8344921166&adk=743887373&adf=1370063109&pi=t.ma~as.8344921166&w=300&lmt=1643255369&psa=0&format=300x250&url=https%3A%2F%2Fwww.superlutas.com.br%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643259278493&bpp=15&bdt=826&idt=15&shv=r20220125&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da49ee685f60fba00-226c83622dcd00bc%3AT%3D1643259278%3ART%3D1643259278%3AS%3DALNI_MbOnI5dCyjvMJI2cnPWEkSobZZKfg&prev_fmts=0x0&nras=1&correlator=6199537260655&frm=20&pv=1&ga_vid=1685899782.1643259278&ga_sid=1643259278&ga_hid=1985017582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31064215&oid=2&pvsid=3594616189647203&pem=920&tmod=2007326495&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=21&uci=a!l&fsb=1&xpc=VMJHWiljT5&p=https%3A//www.superlutas.com.br&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 4A7E 2 KB
1 KB 102ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 04:12:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A7E 123 KB
37 KB 70ms
43ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 04:54:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 4A7E 14 KB
6 KB 98ms
34ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 1875255482418879373
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 03:42:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4A7E 0
0 86ms
40ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9GS1RN8AMwbDWdzNHXSGb53YnEdGvJUBttRxQ8dEuQQRrbikIxUH4je1aqxxrWC6H3WvqPPGAJ21DMOpLDoDZYVMGiA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3913508766075927&output=html&h=250&slotname=8344921166&adk=743887373&adf=1370063109&pi=t.ma~as.8344921166&w=300&lmt=1643255369&psa=0&format=300x250&url=https%3A%2F%2Fwww.superlutas.com.br%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643259278493&bpp=15&bdt=826&idt=15&shv=r20220125&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da49ee685f60fba00-226c83622dcd00bc%3AT%3D1643259278%3ART%3D1643259278%3AS%3DALNI_MbOnI5dCyjvMJI2cnPWEkSobZZKfg&prev_fmts=0x0&nras=1&correlator=6199537260655&frm=20&pv=1&ga_vid=1685899782.1643259278&ga_sid=1643259278&ga_hid=1985017582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31064215&oid=2&pvsid=3594616189647203&pem=920&tmod=2007326495&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=21&uci=a!l&fsb=1&xpc=VMJHWiljT5&p=https%3A//www.superlutas.com.br&dtd=23
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9E28 624 B
297 B 44ms
43ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi6_qO-ATAB&v=APEucNXXY87b616nU4snRO85ieqbKnJm3i_KtwiIlZ7VoTh5KI5dJ-t0LQAg4PzoaK8qmJB2fOZzG2yUOPmB7HK_Pc4mbbPJ0ZKvH0pWjqgM0Vgi1tQAQ2_wOjkVQij073JkHLqngju-WgbNqyddJJBQBM1N08fd707gSSJEOYfjFZ78aPcds7M

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3913508766075927&output=html&h=250&slotname=8344921166&adk=743887373&adf=1370063109&pi=t.ma~as.8344921166&w=300&lmt=1643255369&psa=0&format=300x250&url=https%3A%2F%2Fwww.superlutas.com.br%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643259278493&bpp=15&bdt=826&idt=15&shv=r20220125&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da49ee685f60fba00-226c83622dcd00bc%3AT%3D1643259278%3ART%3D1643259278%3AS%3DALNI_MbOnI5dCyjvMJI2cnPWEkSobZZKfg&prev_fmts=0x0&nras=1&correlator=6199537260655&frm=20&pv=1&ga_vid=1685899782.1643259278&ga_sid=1643259278&ga_hid=1985017582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31064215&oid=2&pvsid=3594616189647203&pem=920&tmod=2007326495&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=21&uci=a!l&fsb=1&xpc=VMJHWiljT5&p=https%3A//www.superlutas.com.br&dtd=23

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 27 Jan 2022 04:54:39 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4A7E 75 KB
31 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJBTund4EmUvXc34xRCXMOri_-imMoDTWp7YuPS17VvYflSp_zl1ePCX2NkP-ZNHLkRvzb5a_Dr8GBoARv1kQAOMTmMEfE0W7pkijhcMmIgoDfqdyxoVIei2poBWmWGXpvsQ0PmzO2JN3ccthJYhiLjEDDEA&dbm_d=AKAmf-AmcjU58iCP-Q6JONiwwOzjGPlb5c1XxD4JLqrvbIQJSGmsDbSJfWALSwr446HarB9xS_luxZna91FrI81k26TzZ0qqnuREHLANuKyrmRF2GYYeU1gLBvLol62mQ1qLDlMT6etpqGXPo6Ljfs7Ie-2fq58-H6wwLUsZ3y8-NAdCIaja431DNh3AKNt9TRSChHdV45poUy3tg1m-TiePP1PovwsNklITF9tptk4xkMti-nyPEbFd1HLY_n0Ltc8tye7TzrRDJd7BdlAGBjbGwZ9CTbhQSGR75vL1OFK-zSWwL728R53yJfm5pcF-zDxHuzTn3GjT9Npo9PpiItIghkyZh38Vlvb6uq-yJmKCEtdX8ouyFB4WBd4B5P0oDBwkrGpuu9tC33ZB-_G12botg2A5EIfL7ELPiCNRW2JQglqhRxMbNcothO2hLcBGnuv8J7_h6IcH0ZPidK2ZnEn-pJR8WcAnphXrJ7E8bSxqjvL7futzifbeamAL1CeRWIAPpvQrakkByV1TVFDu6TY1mTiDleYVBbcmANSUiONyaKCm1qpe6KDNTIpdOOd_HTJSECxBharRX2gFLHxCFVguXlkWB2nQUvxp6Ie2DzVJEOaoLk16K5WwfnUX-sjh_31Jcex7BqtylyuU3PyaY3vHWiBXC7RQZXsqHlkZRQWVlvswciooLwlPp3ZLKvDfjiUnJb3gOs4jsGdvulgAy6mH7fN6yOumJaFpz_a9mrBODvZwDRQZ6UoTaFmXeS5snz-BdsfuxbBFbwcdWLv05W5QgjhnK8ouft-AQrHXoX0L7LTbr2tHnHuAikQwDu-s7NcV1deQySVVMw9w7Y-Ismqhahhzzy1JEnaMeGmNQDLRgZ8jpMVJWUi2neYL8UxAnpjZ_R9uAQ4zAQhRT4PlHiXaGCbw87WmYezKe8dtvk-mT75JIWxAXDnLolhfhHy_EEb6uuWHeZHv4O690RrTiifqXarf8xRZosP69OloVYoxAjzAOzj7lQ7BXR3Uq31MjGhp0YRmyU1N1KLlDjDnTJ9_YrC_WkHIIwJnVT0EnemRkhTprqVIn5Riio350IDWA90SHRJCFn3ys4O1c2ZB6C5T0m_PjrlEPkIy8E3bWOZH6-XCzZShpV0BGYgaCbdWsNK5qK2d2XCY6IkrUDaaz-xiTHo8Q-X_w0BJ4XUIlxhQwxupBDM-n9fsXGqQPJBKnj8FWGD7tRoKuRnqpQ6XS83XhtEuDwm5G2xxUceCKoXU82w5JYiWKmQ8UGfD6rJRZCFeybB4MaX5ibleNMEmO9ChoXYGrGdrtijAqKcDiFPEVA92TQ2XTQpgALGHRGyVtxV55Nsi1qSVrdyCIypQgzVwm-FBRZdYp4DQv_HCBNN2OiFp_-CFEn5U4urjIR2HWvhc4rDRAUhwDkJmVbEx2WaPUx-XuSX_6Fo8F98sX0tkanUs9bmwchhkRgO-IByvirtgC2sH546SF2-tFH0ZUbbNTgIpOpN-S5xzCiVfchJr-SVXK1OEzwMuQ9nJG9QOJBiSqZ_0t5h38d7SDVaotjjGmJGaNg4eeF23FDOw8FDtYbFYSt1AJREcb0ZiLst8jBaKeHOnmNUOPbzbDt26S80sdQ_-NK0G91ijoOiEx2IZwo9Iyim153515OJvwiYhNOwQ2GftuOmBihv2m6MMjPVAsjlHhfpnm4CYMwZtIrqECUQOIiuQGScZi4I-h-anOj7RdTYNsQU0FZboX9RxUcejpacR1RvccVV3Zt2HIoJUJs31BZhCX6fDQBIX2rfoQpOASNpxS5AXscqbhGdlfRFPtOtu3tpbJE5Yj_pS4B4gtTzr_CzDUlOgRGFKgW7-CdRyfcNMNTtGMnUivOLcAuW6QNZTs4nP8BaZoGKF7cm8WjUJ8xjmfCPyP9fIWwAzCoMv8k4WvVa2LFQFBSxwhRnmwEuQRgNjN-FrWzve8IlmAm8ZyDNrwsG8Z3mBjlftcY99U7RkmBNpTEbbo4cdPI9-5dcCdLGsEh-Y-BymB_ApGUp2EkbaPr14QI0dPBGSOprP48HDQ4PcC7MLDPBhxAOIKCgwb7VgGuT1AQPcyzrOCRQZUHITs0Ch5EB0XN4Ay-DCUDZyStkKQYBVJfCf4xevFPsKCWUa5sBAC-8flGalzu4h4u3kilOoddsRk9jZ32EFHr9NJIr87olNTJsDt2Z36IKPJuXGtQDXdioT_-TejA-Krx_luZ4FjoOj5jo_Mf4vXN25da-QdZr_eBfGv1wTqcbUEHFlOgV_-1zs8Veu5MdAG-ko7MlyZ_hKnjDyQK9QTpCrLjluRWbnz3Q2RJV72ziWcMX10xCpyI137LXMiEp4cN7dMe7dDNQpdkFhZCt-u7C56mGLk0mQQNvWCJ1KUvSRMYtyXIhJGQ78PULgit7lPLyIR6WR2RVE_dbqMl_jtnu9bBSkUxo6RMeb-g2QKTUqjG-CGK04tRdw2uSLro_WOhTGEdOUN_8Eo4Qrdrew654t5FsewcjLW0XV7zhBjfErmhOt2ddJJpILx_6IvUTbF1RN-Ts6lU0yg0ggSpMQtlxi1WnwSlswAANU96jUrhWJq9Pdq3c4e5By6VuamAMlDi5-c4n-yWXxKTtnfF3Rt9qz8EY0cFvQzt9YbEj83oMir_CcFBwchJXT-gZyRrFEf--uVhLYnsQ3AIxR4UujMhBZdoKZ7EKPvWH281gLA46mLKf016utP8SaGk6x-YlrX1Q-CfCGt98L0ecqXLUq0cV-aIcPSRpuiyb65hWOv-4PlTR3JMOxhMPAV3uYhp6lNsx48zMXXHFmmC7qrV11Xu6K46-eMEup-byiOorRfYwD3fB6qxxdGN9KsDzPE9JdC2smG5E-nbXGJtUgvQFgRKDvbyd_S-aqrzgwkz1S1YNBFhZd5oHpraXpZaa4k-VFxYWjpgVu1Azh0aW57_4g5MT6r_c49Px3V0xCJ4izLaYqP9ZjaIYoIop4RFTsyPS_HRQcADouzzdFtguxaRQQ_2iSVkananMDcvaNhx5kP1hzF-pzEP7YZP60cp1_yrM1pEOZ7SE&cid=CAASEuRoLhj-jhTIY0POAqwrU1N_oA&rfl=1%2Chttps%253A%252F%252Fwww.superlutas.com.br%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c33fadf53c55c2f56b9c5b6b3c63d6de983b728a62d3fe6233eccc3df3180a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3913508766075927&output=html&h=250&slotname=8344921166&adk=743887373&adf=1370063109&pi=t.ma~as.8344921166&w=300&lmt=1643255369&psa=0&format=300x250&url=https%3A%2F%2Fwww.superlutas.com.br%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643259278493&bpp=15&bdt=826&idt=15&shv=r20220125&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da49ee685f60fba00-226c83622dcd00bc%3AT%3D1643259278%3ART%3D1643259278%3AS%3DALNI_MbOnI5dCyjvMJI2cnPWEkSobZZKfg&prev_fmts=0x0&nras=1&correlator=6199537260655&frm=20&pv=1&ga_vid=1685899782.1643259278&ga_sid=1643259278&ga_hid=1985017582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31064215&oid=2&pvsid=3594616189647203&pem=920&tmod=2007326495&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=21&uci=a!l&fsb=1&xpc=VMJHWiljT5&p=https%3A//www.superlutas.com.br&dtd=23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9E28
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICUtLqawiMYu9TZi-EBlJU&google_cver=1

43 B
1014 B

84ms
23ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICUtLqawiMYu9TZi-EBlJU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi6_qO-ATAB&v=APEucNXXY87b616nU4snRO85ieqbKnJm3i_KtwiIlZ7VoTh5KI5dJ-t0LQAg4PzoaK8qmJB2fOZzG2yUOPmB7HK_Pc4mbbPJ0ZKvH0pWjqgM0Vgi1tQAQ2_wOjkVQij073JkHLqngju-WgbNqyddJJBQBM1N08fd707gSSJEOYfjFZ78aPcds7M
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 27 Jan 2022 04:54:39 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEICUtLqawiMYu9TZi-EBlJU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9E28
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfIljyx7NsIcKfpPEJg8wQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXTiSA1vEw1ZDZLsOm9izk&google_cver=1

43 B
894 B

25ms
25ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXTiSA1vEw1ZDZLsOm9izk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi6_qO-ATAB&v=APEucNXXY87b616nU4snRO85ieqbKnJm3i_KtwiIlZ7VoTh5KI5dJ-t0LQAg4PzoaK8qmJB2fOZzG2yUOPmB7HK_Pc4mbbPJ0ZKvH0pWjqgM0Vgi1tQAQ2_wOjkVQij073JkHLqngju-WgbNqyddJJBQBM1N08fd707gSSJEOYfjFZ78aPcds7M
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 27 Jan 2022 04:54:39 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXTiSA1vEw1ZDZLsOm9izk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9E28
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEELSMGpcuIp2uAtxftB_-9I&google_cver=1

43 B
1008 B

132ms
62ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEELSMGpcuIp2uAtxftB_-9I&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi6_qO-ATAB&v=APEucNXXY87b616nU4snRO85ieqbKnJm3i_KtwiIlZ7VoTh5KI5dJ-t0LQAg4PzoaK8qmJB2fOZzG2yUOPmB7HK_Pc4mbbPJ0ZKvH0pWjqgM0Vgi1tQAQ2_wOjkVQij073JkHLqngju-WgbNqyddJJBQBM1N08fd707gSSJEOYfjFZ78aPcds7M

Protocol

HTTP/1.1

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:39 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 45217790-0c84-40e3-859a-ba77adb8cda6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEELSMGpcuIp2uAtxftB_-9I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E28
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYxNTUyMDE4NjAxNDg4NDY0OA%3D%3D

170 B
188 B

94ms
66ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYxNTUyMDE4NjAxNDg4NDY0OA%3D%3D

Requested by

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:39 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 13f1143f-5739-4391-8efe-c83a1e6f34cc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYxNTUyMDE4NjAxNDg4NDY0OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 4A7E 169 KB
59 KB 131ms
36ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 18:59:49 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/elements/html/ Frame 4A7E 8 KB
3 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJBTund4EmUvXc34xRCXMOri_-imMoDTWp7YuPS17VvYflSp_zl1ePCX2NkP-ZNHLkRvzb5a_Dr8GBoARv1kQAOMTmMEfE0W7pkijhcMmIgoDfqdyxoVIei2poBWmWGXpvsQ0PmzO2JN3ccthJYhiLjEDDEA&dbm_d=AKAmf-AmcjU58iCP-Q6JONiwwOzjGPlb5c1XxD4JLqrvbIQJSGmsDbSJfWALSwr446HarB9xS_luxZna91FrI81k26TzZ0qqnuREHLANuKyrmRF2GYYeU1gLBvLol62mQ1qLDlMT6etpqGXPo6Ljfs7Ie-2fq58-H6wwLUsZ3y8-NAdCIaja431DNh3AKNt9TRSChHdV45poUy3tg1m-TiePP1PovwsNklITF9tptk4xkMti-nyPEbFd1HLY_n0Ltc8tye7TzrRDJd7BdlAGBjbGwZ9CTbhQSGR75vL1OFK-zSWwL728R53yJfm5pcF-zDxHuzTn3GjT9Npo9PpiItIghkyZh38Vlvb6uq-yJmKCEtdX8ouyFB4WBd4B5P0oDBwkrGpuu9tC33ZB-_G12botg2A5EIfL7ELPiCNRW2JQglqhRxMbNcothO2hLcBGnuv8J7_h6IcH0ZPidK2ZnEn-pJR8WcAnphXrJ7E8bSxqjvL7futzifbeamAL1CeRWIAPpvQrakkByV1TVFDu6TY1mTiDleYVBbcmANSUiONyaKCm1qpe6KDNTIpdOOd_HTJSECxBharRX2gFLHxCFVguXlkWB2nQUvxp6Ie2DzVJEOaoLk16K5WwfnUX-sjh_31Jcex7BqtylyuU3PyaY3vHWiBXC7RQZXsqHlkZRQWVlvswciooLwlPp3ZLKvDfjiUnJb3gOs4jsGdvulgAy6mH7fN6yOumJaFpz_a9mrBODvZwDRQZ6UoTaFmXeS5snz-BdsfuxbBFbwcdWLv05W5QgjhnK8ouft-AQrHXoX0L7LTbr2tHnHuAikQwDu-s7NcV1deQySVVMw9w7Y-Ismqhahhzzy1JEnaMeGmNQDLRgZ8jpMVJWUi2neYL8UxAnpjZ_R9uAQ4zAQhRT4PlHiXaGCbw87WmYezKe8dtvk-mT75JIWxAXDnLolhfhHy_EEb6uuWHeZHv4O690RrTiifqXarf8xRZosP69OloVYoxAjzAOzj7lQ7BXR3Uq31MjGhp0YRmyU1N1KLlDjDnTJ9_YrC_WkHIIwJnVT0EnemRkhTprqVIn5Riio350IDWA90SHRJCFn3ys4O1c2ZB6C5T0m_PjrlEPkIy8E3bWOZH6-XCzZShpV0BGYgaCbdWsNK5qK2d2XCY6IkrUDaaz-xiTHo8Q-X_w0BJ4XUIlxhQwxupBDM-n9fsXGqQPJBKnj8FWGD7tRoKuRnqpQ6XS83XhtEuDwm5G2xxUceCKoXU82w5JYiWKmQ8UGfD6rJRZCFeybB4MaX5ibleNMEmO9ChoXYGrGdrtijAqKcDiFPEVA92TQ2XTQpgALGHRGyVtxV55Nsi1qSVrdyCIypQgzVwm-FBRZdYp4DQv_HCBNN2OiFp_-CFEn5U4urjIR2HWvhc4rDRAUhwDkJmVbEx2WaPUx-XuSX_6Fo8F98sX0tkanUs9bmwchhkRgO-IByvirtgC2sH546SF2-tFH0ZUbbNTgIpOpN-S5xzCiVfchJr-SVXK1OEzwMuQ9nJG9QOJBiSqZ_0t5h38d7SDVaotjjGmJGaNg4eeF23FDOw8FDtYbFYSt1AJREcb0ZiLst8jBaKeHOnmNUOPbzbDt26S80sdQ_-NK0G91ijoOiEx2IZwo9Iyim153515OJvwiYhNOwQ2GftuOmBihv2m6MMjPVAsjlHhfpnm4CYMwZtIrqECUQOIiuQGScZi4I-h-anOj7RdTYNsQU0FZboX9RxUcejpacR1RvccVV3Zt2HIoJUJs31BZhCX6fDQBIX2rfoQpOASNpxS5AXscqbhGdlfRFPtOtu3tpbJE5Yj_pS4B4gtTzr_CzDUlOgRGFKgW7-CdRyfcNMNTtGMnUivOLcAuW6QNZTs4nP8BaZoGKF7cm8WjUJ8xjmfCPyP9fIWwAzCoMv8k4WvVa2LFQFBSxwhRnmwEuQRgNjN-FrWzve8IlmAm8ZyDNrwsG8Z3mBjlftcY99U7RkmBNpTEbbo4cdPI9-5dcCdLGsEh-Y-BymB_ApGUp2EkbaPr14QI0dPBGSOprP48HDQ4PcC7MLDPBhxAOIKCgwb7VgGuT1AQPcyzrOCRQZUHITs0Ch5EB0XN4Ay-DCUDZyStkKQYBVJfCf4xevFPsKCWUa5sBAC-8flGalzu4h4u3kilOoddsRk9jZ32EFHr9NJIr87olNTJsDt2Z36IKPJuXGtQDXdioT_-TejA-Krx_luZ4FjoOj5jo_Mf4vXN25da-QdZr_eBfGv1wTqcbUEHFlOgV_-1zs8Veu5MdAG-ko7MlyZ_hKnjDyQK9QTpCrLjluRWbnz3Q2RJV72ziWcMX10xCpyI137LXMiEp4cN7dMe7dDNQpdkFhZCt-u7C56mGLk0mQQNvWCJ1KUvSRMYtyXIhJGQ78PULgit7lPLyIR6WR2RVE_dbqMl_jtnu9bBSkUxo6RMeb-g2QKTUqjG-CGK04tRdw2uSLro_WOhTGEdOUN_8Eo4Qrdrew654t5FsewcjLW0XV7zhBjfErmhOt2ddJJpILx_6IvUTbF1RN-Ts6lU0yg0ggSpMQtlxi1WnwSlswAANU96jUrhWJq9Pdq3c4e5By6VuamAMlDi5-c4n-yWXxKTtnfF3Rt9qz8EY0cFvQzt9YbEj83oMir_CcFBwchJXT-gZyRrFEf--uVhLYnsQ3AIxR4UujMhBZdoKZ7EKPvWH281gLA46mLKf016utP8SaGk6x-YlrX1Q-CfCGt98L0ecqXLUq0cV-aIcPSRpuiyb65hWOv-4PlTR3JMOxhMPAV3uYhp6lNsx48zMXXHFmmC7qrV11Xu6K46-eMEup-byiOorRfYwD3fB6qxxdGN9KsDzPE9JdC2smG5E-nbXGJtUgvQFgRKDvbyd_S-aqrzgwkz1S1YNBFhZd5oHpraXpZaa4k-VFxYWjpgVu1Azh0aW57_4g5MT6r_c49Px3V0xCJ4izLaYqP9ZjaIYoIop4RFTsyPS_HRQcADouzzdFtguxaRQQ_2iSVkananMDcvaNhx5kP1hzF-pzEP7YZP60cp1_yrM1pEOZ7SE&cid=CAASEuRoLhj-jhTIY0POAqwrU1N_oA&rfl=1%2Chttps%253A%252F%252Fwww.superlutas.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 04:49:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/ Frame 4A7E 23 KB
9 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afa00dedbe6d549e60e8d88516d437069d74af91f302b9c8f1f825d6bad511a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 18268840599439890861
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 04:47:54 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 876B 0
0 37ms
37ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfHfmymvK-zvtDSBEzrdmi2prU5mLfFhzzLIf393X4kg3dTMVMBUZRCK_u1EpQiI9tPy0vPwgUN9T3sIEwGoPUt8wPRHqbx116GmoOj_DjOrx5HXSZfhpdVj9r6SshuT4k1P1IyOxWtpQA0TfEKkPEW1R5AkBYuA3T3k0R97ttk0mWkmsY-nbdm21GqJ6Js9Dsr8CPVTbX3VBwTErc8RVC8IOx-PKQJ_q3kaH5mdQC3MSsUKG5JS484NvgNGCmqAH5qe197rIVexBFfpmv4wquRWMbR3bTDPy3UWn0AyDDSlrwStfjH5s&sig=Cg0ArKJSzFTexUBN_ThTEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/ Frame 876B 18 KB
7 KB 69ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7548dbf6ff83ed583dfb6d62a87364a673eb18403686b425248fdb4ffc00e753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:51:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7601
x-xss-protection: 0
server: cafe
etag: 4205405063411256933
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 04:51:28 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 876B 2 KB
1 KB 68ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 04:12:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 876B 123 KB
37 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 04:54:39 GMT

GET
H3 200 971514285338702182
tpc.googlesyndication.com/simgad/ Frame 876B 36 KB
36 KB 79ms
39ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/971514285338702182

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1beb0cff4cceeb578e8289c24bf6666bb376cbbdee97f3e7b37168494a3b311b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 02:04:58 GMT
x-content-type-options: nosniff
age: 528581
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36597
x-xss-protection: 0
last-modified: Sat, 11 Sep 2021 01:02:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Jan 2023 02:04:58 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BC9F 0
0 37ms
36ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvGFbi0aOtEJg69BKy5rL8zD0XhWqut8Aj9Pzug9yKgFR_NnfE5vA46jezw70Hap5tDAkzo6oEbHmIOnyzSHu-EmwOOwGsjMwaTb9LBfdn-wFGF1ZxkBtpxM2qPHkZBGcFuWxlMU318xEQwjLPNNrUaitESTVr-Ur5umTZPuBrE1-DLv0RYA8a_Ff2Rhq9gjhT2aNqyOaidoDEDQOBezCgcVogup_d6aRPuUqrKJ80lHEiael7ghHqBKnMkxspJn_OUFwdC3qfoR_vgjs-nzy5_XxVDzPVK8iX8INKLOQB9vFuCPNoltMv4cGD&sig=Cg0ArKJSzFLJBgNCe_0iEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ads Show response
des.smartclip.net/ Frame BC9F 5 KB
2 KB 127ms
21ms Script
application/javascript 35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://des.smartclip.net/ads?type=dyn&sz=400x320&plc=96585&sc_sitName=superlutas&elementId=&cat=&ref=https%3A%2F%2Fwww.superlutas.com.br%2F&rnd=49353680
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: 0d2b1c3379f1b30557f0b4929e661857d7ebe6b6345e7ea3a62623dacdb92533

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: gzip
sc-supply-network: 999999
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
sc-uuid: 56f8b34c-8f25-f261-1e24-8f2727055604
access-control-allow-credentials: true
sc-device-type: PC
content-type: application/javascript; charset=utf-8
alt-svc: clear
server: openresty/1.19.9.1

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC9F 123 KB
37 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 04:54:39 GMT

GET
H3 200 container.html Show response
b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6C30 6 KB
3 KB 122ms
52ms Document
text/html 2a00:1450:400f:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Jan 2022 04:54:38 GMT
expires: Fri, 27 Jan 2023 04:54:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 54A1 0
0 41ms
40ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulPcWQDGxB0rIlJQIoU1dwH2xT1wZjKdzFfCAyqDanfPVZSCytDO89gN6gO1qSPBgA8Q-otmxbSHP2KPCduP4Kv6dGuiW7oWU8IUtL_CRDO7iWB9781deM-AFct1zlBzyTnKQyY4ryMsEKhkDRuLWsqkGrwzuskp5YtiZXo6iQQM3UwKZtrXhAHF4d6YIfBI_wP0_MqiWhnN0T2lw9LW_ITMI3Bc1gAJq4bDt0RL2R2oAg3R4rJDX7JW_JSFWywZPQ7b4sfglE7P-gRSHtCpU0iryV1uzvxt4VCC2Uk6Yp-f2tM8PidtpjGG4kBg&sig=Cg0ArKJSzBaHu2D2XKLBEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 prebid.js Show response
tags.denakop.com/ 279 KB
83 KB 129ms
36ms Script
application/javascript 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/prebid.js
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cbd0db8a560e9f9a31aba536d913ac14e2a172ba3ca1027bb4f167d1381a63b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 513
cf-polished: origSize=286016
cf-ray: 6d3f625fde8291fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Dec 2021 21:17:47 GMT
server: cloudflare
etag: W/"61b7b87b-45d40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 superlutas.com.br.js Show response
tags.denakop.com/10093/ 121 KB
26 KB 224ms
132ms Script
application/javascript 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/10093/superlutas.com.br.js
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eb787db508b456cd3d2bc130b31bc28272021c2ee983ed158b26fe9df1800d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 26 Jan 2022 18:37:29 GMT
server: cloudflare
etag: W/"61f194e9-1e4e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
cf-ray: 6d3f625fde8391fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54A1 123 KB
37 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 04:54:39 GMT

GET
H3 200 container.html Show response
b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C8A8 6 KB
3 KB 117ms
57ms Document
text/html 2a00:1450:400f:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Jan 2022 04:54:38 GMT
expires: Fri, 27 Jan 2023 04:54:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6963 0
0 41ms
41ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCurAHBxQLZA5no-3MDheMdekSsclnpazkDUyoBPZqJmODuCyjXUffkzsTrw2RcCf5CYDJyqDBdnhasIWHsPi4WR5qqvrNM8z67z1TAR_Mlio-I8Pzx5kC3YKv-VFVoud0dYUEqw2SR6wsb_VA_1YWcMa3Yu5EuGioNa2BD6astAfywGEvrCQS6MKwMkhE7lHaXjBzjvZA_H4IOV2XDH3OczaQIPVhMci3GrqOW0ZrAdDzew7yEKsWxLIUypNcKleQPmvCRCviB4Obg-FJNt-ZczDfT1oo__Rb-qI_rbCB3uyZMzp53hYcnqibP3RLnnzu0attSzNbtbp6x8K4WBUcIvrC&sig=Cg0ArKJSzBJ2uesDbqJbEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 50564230764f1b32efb66b531b19b744.min.js Show response
clevernt.com/scripts/ 121 KB
51 KB 189ms
96ms Script
text/javascript 2606:4700:20::ac43:485f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clevernt.com/scripts/50564230764f1b32efb66b531b19b744.min.js?20171027=1643259279246
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:485f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9b8b2a492fd97a8fe51c8cc21dcaae1d4965f83d9cc417379397173d99e8730

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Q7V9T53ZAN372HYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: B2mgei5sqFiHdaFEMAYkOUxigsSwy0rOIdgI+bOnZdoE2taEd7datbwspPoW9DK7AcV4kpqqcs0=
last-modified: Tue, 18 Jan 2022 17:33:06 GMT
server: cloudflare
etag: W/"5f8dc5aee39cb9948f20d505a126a0af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FNrXABz8kdkE2g8rCPbER1XzxzM8LCca4EKTsBOwlsNh9pbDKUXpJla%2B0ScLaazYxEC1vUdn9Qx779FijGNuxQQK0gzC1TMJmMGahHJGoP3%2FRL%2Fi7UMEoXSwReihooPPBgTL%2BsTdPSsLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 6d3f625feb939271-FRA

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6963 123 KB
37 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 04:54:39 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4A7E 41 KB
15 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 15:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Jan 2023 15:54:02 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FB46 1 KB
749 B 30ms
28ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Wed, 26 Jan 2022 13:26:12 GMT
expires: Thu, 27 Jan 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 55707
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4A7E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3c83b2109e50dfdf80bb341ec04ab0ccef1741519a5952c3aab223ad65a7307

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/10522523362926788608/ Frame 8415 41 KB
10 KB 74ms
33ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10522523362926788608/300x250.html?e=69&leftOffset=0&topOffset=0&c=VWF0xoEz4r&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f3690179ff32ddd206d9120ee23213f371b8f93b9bf79218382a9e03f08361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:39 GMT
expires: Fri, 27 Jan 2023 04:54:39 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 11 Jun 2021 18:35:02 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4A7E 0
571 B 127ms
37ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstid5MGKQtlpwz0wJcnKEHxrSFjR8aFy6GGkRL-jOgNe0BI3zd72VzevI_9ilDak38dfZMd_NDQGcgr5Y39facNdplOGWF3BA0-FddiUli3fkyTYZKkUcCkbubj--VgDP_L48VTAFZXXvbhIBVNGKA7MQ-_5C2PhGE5J2FnJybkTGwpYahYP3l4VuwNmhhGUTFBHPentVAP6nX0wvIUFecJ_WsnWIzKMNT6rDbtQUVOwFCBKEmzsKbCfcF8sRN0_D47OugWzkuxyOC5hHVILOzhMsXFYuDZntjvl-M49TJSzjH2KX7MDIzX0wFoG-dp1zCj2HEOcL8lB8_sewfkwUbCdPZ8KeF35YyHlkdWYrS2B2FianIQiwUdAshEw2RJLQ9WYjWr2bXyAdKhGKVm1gHeUaEbqT2u6CZ5trlAqykQ_5h9xiucI4JTkBk4u3affoY1NqBsI8G9eGD2sdmU_iNGSmc7rY6XDDMSis3O-ftjgPlOJH7QQS5o0OoVZQZu0F6ZngPDyrzxj-2PYyB7OZ3BYHsx9J668kPNYXYL27RMOyWXH_3L6-3pDYRGQJKSlxAzS7dz7aHJ_u3nNC8R04MJZGZ3u3vRzqoYj9ACUzO1JbjqbFDxXehRd0jLIpEBJmpIB21cvlNJ_6w7VA_sbkAY8qK7GpJAUrIvqB2Pdj23D1nXsA8luk6nKn5Oam-BWIzPmasVTcKIYbFFkPV0SKZGhmXhzEBv584AOP09dhqxTE0FzN9Pw1SxP-FBKXySsU_Yi71-tJ2BNMctT1Hy64x6TOLUOefPOZnPxwxqnm-GxDA_FC12O-L07KqjiidZi0gs7RdKzBK6_hQCKjLxNZHQ38fFOE25YP23UjslqU-HKKLGe5oY-3rsWANZ3QUTHY_Ny2KO73HrUW_cLHlmtCz_dB3Nadu3m-Ts5RP76N5UsI1REWP5gQ9P0icNyDbKxMybBKtBfqiIxgwcphLs5RmQNW1l4X4VzXhGpSxHimlTIqcxZ3sL5oYwBX9jFSF8qGLb8qBrMhQyPw7C9rMQMHLd5VEzc1uvrk9w0ws_R0t72Gw3utzO8ASZ9me35WEwefSw5u-fUuyNfDcL5tU9wvqs0gSQ8vgXEa54D5jJN5gi53qbNngnoG-oQBndott_7y4B9Kjx0ymshDR6-4ENDzNazutGeXqLUJJYtYQK10NkOWTdJWF7RQqJl-AK_zUqsBAae5orCDNn8dxwuw&sai=AMfl-YTm7V5ONrT_FOfYt094jR8hkghp6xi16MEMWBvPfSI3ajq6PEbtEFiXbt5og-Gvkh47DinWfBCUQEysEIGiGhEgUNmE3xKiiwNZS3n9iN1n9IlMKfcVWLr9I4x_CLatbK2Qi4_jetHRqs98OuaYVrjpNjJJrw&sig=Cg0ArKJSzFX8Ykfk5D7_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=227&cbvp=1&cstd=219&cisv=r20220125.46713&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 27 Jan 2022 04:54:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 876B 0
0 79ms
34ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst72i3GWCA-272kaW6ExQ09qcAohX5ldUwKnvaooV0pZEldF628uuB9qhlXUOBUKlKdE7e7gBwglrXl5d9XrBI0eSZIUz0mzICVcXzy5YkX-gQkjtEqGcNS5pE04XpsUQvh01rHSsr6wSAcTeNFExeqsxo6Y2ViPPZ9PaJTTSVoHQZ0dHC2bTCwhQ0pXm_pZlaXlVYNMj4v186-F5ypQPl2s5q6DnF0-nqRXcjKiaKj4MEZB5R28P2daR-Xeg1VopbiAQTnRT_6BSXEBQbhh6tdMORYW0TVWz6AJSvyvbnx7RRxAnULtHRWjA&sig=Cg0ArKJSzLWaTVVh13CuEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 27 Jan 2022 04:54:39 GMT

GET
DATA 200
OK truncated
/ Frame 876B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64b07dfdbb89ca4465041194b587bf75315605814721c65ce8f340d043192ede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BC9F 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cc99ab96ff6c641073845112f8c912c811046afa5eaa676c3e37ba3309bae44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 54A1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6033709ede54af9458f0bb95e83baf28ba52ae96e9470558b1eb1a29c86613b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 54A1 0
0 48ms
33ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6PENmev1oqyONN3-sWQ8ENLh8Zn5Rg_6o8z2gYD3rv5K4u6QzPVE0nwKlIvBW-zFO6ZyqheJyajwzEe1rk8IJ4r0K1p5QJpiaZl8T7B9JoqDj7FmBu97MsJ-ZOAnIyiYnHnbnOOSGPPwtm7D-2kXpfMQgFOrSI0r-FAC3oe9g2eZXSg4ctiNRLFyosnwJ7GGVrzIrz0AdRSLLP3EUdsZXB2gPlwd0r_a4EO5FBD1fc4vWRnX0wevW4CCYN36QQ_lzz9mNTD1ki3kikZSkhCymfXmdLFl2-IQrs0yz8J5FBeAVk51vH_QrVXh1v8a4&sig=Cg0ArKJSzIloeRuYXwmbEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 27 Jan 2022 04:54:39 GMT

GET
DATA 200
OK truncated
/ Frame 6963 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc738b5911c7d9c4f435f1ea1350496a2784cdf76ce496c0c27259780e8a577d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6963 0
0 36ms
36ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujV_l2bHkayv_npRdwjg44pcGdVpHnkDRzsGXMWbIQX56iYtgL-1MsBKfbQFGAP44hMjCAV6lIEQMiBoLdQpzO41skxwVXlAOFS_qAPNJTj-jz8JKS7l9SvQ8d0otn-pwzIt8ZlhF9zARXTSO35Q8nMgtDc5ojXCzA2aUp561jzr7UPUaOdFO6vctQHeXNXW5jrTRTEN72WbkG57xhKa51Q0JCwKXKtXFkn5Ozv5GArcmttrIKtnin2H-iwgKHhfTzo0anLOInBfi8cdp8dqEv-_g1J2RQFihtW7K4oH9hDnyUi9Wz5ZjgYg30WhYS6UKlBaHRokXt&sig=Cg0ArKJSzFMbOAlnGq4-EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 27 Jan 2022 04:54:39 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F7EE 22 KB
8 KB 26ms
23ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 11:10:53 GMT
expires: Thu, 26 Jan 2023 11:10:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 63826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK ava.js Show response
cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/ Frame BC9F 447 KB
127 KB 135ms
43ms Script
application/javascript 130.61.96.156
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/ava.js
Requested by: Host: des.smartclip.net
URL: https://des.smartclip.net/ads?type=dyn&sz=400x320&plc=96585&sc_sitName=superlutas&elementId=&cat=&ref=https%3A%2F%2Fwww.superlutas.com.br%2F&rnd=49353680
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.96.156 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 7ad1341e98c073b108d5de9130564e0e2881d48350ee712802384a872914e3dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 27 Jan 2022 04:54:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Jan 2022 10:18:55 GMT
ETag: W/"61e7e58f-6faa1"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=259200, public
Connection: keep-alive
Expires: Sun, 30 Jan 2022 04:54:39 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3E82 624 B
297 B 43ms
31ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQyMWlhgMYqPeZvQEwAQ&v=APEucNVx3vCAR89KjmHWndBeOnsICOhdOJKuCW9tkaLgPVTbNQCddalBf6fjkLBB_Oo6wMennk0HMcQ36apTvtyArAZImNQwyvu3yNYvcQnGPGyzK--rOtJR2sVmWp001c4tUkD1awA-328xkTi8hWYVV337w05oKfIw9b2DIhfaZ6MNi2D7Bto

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 27 Jan 2022 04:54:39 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6C30 77 KB
31 KB 108ms
104ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5zfU7yw_9qX78HaWQJyqnDPQOKZHOHmFHQpUk9bBrHqyWWegIF7thEiytebJ7BLmevhvpLkZlfKOx2ndvs2ubV-dbL9MQNaNieu9YW65tYX0GzkDdpYlxFehJNKhqXYpnmNv7W5koiskZXmH3S2p8g3SX9Q&dbm_d=AKAmf-Cekts104N7xxjyfEDEX4lcPjw2wRJmZIxHq2gWgBRz5lBtdk0DY8y2lzMZkvy7lQOdztu18iA6uITLzTOAZxq8oHM44JUL72uzYMrTVB_4H03v_MGurVKIipw2z3_A6vxZTb5ahe1_V2qXdsm8GTHUkqIpyE36_vBjYbsUApyEf327Wd-KrlzO_3M2rJ8OpyPJzc1qZhHI0WMu1lRBYPsEmIoh1OtELbihpKJ1KfH7utEbMAfq97NLKrmlXao2v6At4SkfUhmh_xe_yo4qOsVSsZd_XM4awlaDLl_n_32TfNvSqiwmyeA3UJdLYpSii1ygIMZmz_x06Qn6Eb_HNLUwt4aqDlfe8YhNBaUuEFlE2XkCWzVcnHTgLAYZ-qqXL8j32HEHizkp0eASC89po4KxkOjCm78lxb8OvrDubAtefCcx1Sadq5HdvtJ208ZtBgWIOtbKxDKtGDF-dONVchCPyZwKQTIjrL5kdq9LfX64WZXpfb0pzcf6VcMwC7cM85o5JARD84lR3ydMEbBn74PpHHYLqtg7nVPZn2u2tXASaUseZF-vHIs3il3yK7ZvP2Q10r9IHZqN8YYtORh-yORB4Ag_7Yg6MzQmQyQVZxK3toHdvsxgXFgVbVaAfjIyb57WhfCgGcXTKm74ovK7sbfHQTCBI7KWD9X1K0hdledWW5C32NRgs3F5SSGUwD4IHWy1QXyZ9ETy2DxAOCcfVebXx1TJuCnLwGPWXE5PpIHMah5PZcuZfR9n-H-FWSYAfmSSFbuaa_KNHfXxlplO3ghzczwUu0LX8qCuFbu_zr6MQiNpBMPOqFWXynXlJrBPIJyYNlzZ3HwQ20sId6MOwGnj0_KGTNSjLCATIMoLmrEpfZaa6oaP2_nqUF-uyIINiQ8kfpza1lT8CmVytCmjbu39dxeKNJm7VPJHXGCrR7-G7KDqwM8U2SnufaDNbtLtEjkVeeoCNbEIlxA4n0f2iyZNPGWORPBFvrxO0N-cX61XxewMP-oYmSKmYvsEpe1qN12q7mM1j59U9i8tuSmMS-Ge7BrRrWgKuAD7xZt9aZxKpXKtZNb5QToTii_cLWCaqGLFkgXol-HJjq4rEUPw-ajc6o7C-AeZgKCoYVHV-YOFBRArV6QJ7nysWG4NRjNdmauOindjD2rDGbHwklqgI9oNXnSsBTZ-GRAfV8523fqRNY1JdAy1UlOPE0bHMEoCMKSD1VOVxiL41U8N1PMbxY4A8GVKrKjGU7NbF0Y3c8gmO7_qmSA5NrhGS22pr3Icj3h966l8hFPSTXwefYckIdnjZO3DEnRIYDwJrTivdmKS9DJ-YlTP_ebV9GPZ9Hp039nl33ujQbCAjwuLjS-_H_Ec4SHxfiABdr0jNekobjnNeD-rjyHycpy8pwH9xVfdMbuTRgPas6UipmsAEQ8nQpPsSttqNHWFqqER0kzinT0QfcMeXoDJhTc0nE-Fe6od6QdwEXYHgPvr1R_4nDoB3Q9KyJOraqSHzQm0cXaTFoMxFHi_qAumdr_Hdse_SPrsnAO8MtBXqDGDKqh24oEUouWR1BPUS-7S8g9SnXevaoRj-vl5zY5tZlWyoxm1uaGBulruYXY19g_RipQC0fUx8ud3r9P5MKRcKYw6gpYLo5mgm709Rv6g-5poKVZXPVmPYYOYx6UHHTac7bJi1Td5rhAwJqDvm41lmND63hKPuklm8H24I2Zy0Pwlpfv8rD4gaAIUar5IrCZYyZqUoVtofBKAzWEG5f_QudhY6COHPAEAdE-1L2hMuQOMdMu82wz0ij5X7t5Jn3PiRxJLbltTMIlNfYEPJ4TfL9mK-aKs3bOQpqQAvD1T6w8WQUDRFv4Fn2WOX_avjMOrG648rSNVqVopEHfInyC-OPELlZ_kKh8WpgQ2h7SH2MMNbXZxFRPHbiEqVMmkPyUzJk1_esf-jGY-S2CCF0njoZBDCap7Ifk5hckSbE1BHBwcBfmSsGtO-pwiTmoTQCkE2a3twqROynEmN7MZens-Dt2LT8LrsPSqKjNXRIy_CO13w8E-z6-y3HFv18YwfISdWPpxhEmXYaDTH-olJx8kCRwS2Ph8abZPGdXUed2hXPmE7mDusFjYzoqBHMwO6DmBEppzEZO6gFEVLSixQ5EqqqDEJKSOnffklOmun7yy2dKm5Dl0UtlibhZbeLtvnzwGjN9wXTAkIExPisZJ3jjPNUXqM3GZh8nhFC6jqgKxEy7BsV-S-BVQ1C1m1-uq5WsxGFg4BMtXFxawwkcRjXXWV7Vpap9uecjoVizgjyvWGs3ILDcA5v-Tdmty_nm3knnFLVoDcjbzxi60qDpzDDVkH4Sze2aSH8iDh5WpXmytKdcpCjHIbkXmsDAqx_SCToCOmbDQ1IsjmXyY3a_Yq7aRBxBO1vHYCEP5vilPW354zPz6fguzsp7PKc85MXfrebLy7D76Ke1OD-jaqkWWEqnHNh2FneKBECf7uibbR4SVwmuCswT5Zy0I7BeCCCg7LNuKQwcfN1ys3sx_OG5Vn9zzSA-r0J3WKU0S5EMnPMpqWUvya77JoDXDV_iJshC48gm4s24RemTaawZAJR2zh-HQSFa12tnC8VcjP80Fcgy9CGxu1vNOUa8VpdHl0_t21zVix6ErmRHVKtLmLUWMM-5dziSkU_koEJSIHfLO73YCG-iiJRcTLUcvOgbFw_i6hhmCoVMThxbt3IdKIsT9t61sDi1vIcpuGIb5UX8Da6rz3aDwPyhJ-D9oampxAWGpzWshNylxbqv2KEByX_90dVcrRq7_YpOAbbKfrT6-I2a5hDL9Ngx6MALcY-Zu-L3lWgy2aBFWnGOq5gFRGlpY_u6nUDgTyd3Dwc5EKlIrvK94uXB0bwsV2OeI2-wjGmUpglZCosdLgmsdCc4fJL2vTLdBNflqMUONBfPG3ybHAOdpYcnt1GKe1o3K0oAXcRqqUj7Kz7ErPCK0XH0gi2BG2PQs0wWCrWP9jVT15xRS0LchS06IK0Lv1txuqnEUl-gfWDm6bZxWIHfYM5mn4nTuypblqknatEeL-Kcdm4fADHfNZInY67jeIQEG-5BWMDC2akOvjW4Qoh6u6WqdjeUoNg&cid=CAASEuRofubtqGwnkZOrN0kw3SbOOw&rfl=1%2Chttps%253A%252F%252Fwww.superlutas.com.br%252F%240

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4d5e88fb788361e77b7ae2597ac9be10e241821851b3a908cff4f44dbdc8a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31737
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C30 42 B
63 B 50ms
32ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AJ_jwKDt7oQbpPTF8v8GvjRG5R2UE8emwjDoy0X5X41g77-YzPZIKX1qkbxTBwF-5QP1ENskQtL_fodhPhSrYLUHFDLkzfRI1LQMgc-hn9-euTxls

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 6C30 47 KB
14 KB 256ms
93ms Script
application/javascript 54.194.39.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818504392&campId=15571779515&pubId=1&placementId=396786600&adsafe_par&bundleId=&dealId=&bidurl=https://www.superlutas.com.br/
Requested by: Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.39.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-39-62.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7e6a26c09f5030a77e13d7f0be0dddb8f08b4a3845076040c2ecdd2bb2bf9783

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: gzip
x-server-name: app01.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 6C30 2 KB
1 KB 38ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 04:12:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C30 123 KB
37 KB 64ms
45ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 04:54:39 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 6C30 14 KB
6 KB 37ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 1875255482418879373
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 03:42:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6C30 0
0 53ms
34ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSd0jq6TCLCSb_ibOICpsB8xf-RvbzQ8yvKDwiOGi79yeI0jwbNvKe7hFNaIcF7iQ2t_j71jiPy69lkFXqkHT0EcK9Dsg
Requested by: Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2F9D 640 B
316 B 60ms
43ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ46TvAhjhyPC8ATAB&v=APEucNWUh0neKD84Kb3gMZ1gEqjgRZtI6K4Q-zAhFwjWdhI1QGdL8V0GcJNAR4Su4lj373KSqTKaofoDJWv1HfC1XNjcxE4ybVxZeIWEMgwjI7OPxMBzCwwpRGk-67WYEzYmdC9P4lEQoxmdS-0ZawVc1LdRALrbEwrvTvN900mkzvfEPhNH19Y

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 27 Jan 2022 04:54:39 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C8A8 72 KB
30 KB 104ms
89ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bvtr0z6kazjhfv9fUgpqok0yMaFUtVIsyGwruVm0DXeWZ-5et2XIP9WevH8yN8PFAHDH0QyfAZR9MuxXiNsHdN63CwPANGsGEAM3-wlDHnopS4MobVcqdQ5yROZSwefHtKHYC2kmQsETlhlTBXrO1niy0-Kg&dbm_d=AKAmf-CkQ1BZpZrRYfQ-aY68RNMmPqPPjpllifYG8_pG8iOOYdQVJBTWjy_e0J7eB98_gkfyyBoLnsiRPPS_UbtGfODU4oW9ASw4bQMSitJUWtkWtEl3aSZY6PUuNetDCuwoXXU_oznXvZxvxZv6Ls4poa4r-TO9taP6qAeLgVOhciyfMQqngfRr_5eo1nYUnsdUSC93b8evOXVlLCrMCA-GhkDpxRdlkWTchsvwseAb-IyLT75plscgpXS0-MGXHcUDw7OpeB6A1JnASLZqo6E_YDgnLIsyiGl-TUBnktTR0QGTSX_DHHfX2XFJAStHBFtebzsOiBh8KDqX_JiDi81x2MmR_CZwLDbjrfRdDoHAC_K9HfEU1ICzlbzUjxxigudaM8jNCuLvJtaNFYXjoUIQah_bGu-MViOVQbgXNsj5cPylcHqC5Si68Buu8CWxJoXU0NwoHASA1jsQnnHDhiIkOxqalO1QKfbvnEb2aqoBLCOz8w9JNecUVyROvWYq6fTh7e9i4lv6VWJxV6g1Xp04vHWT2nkWVifQzlEfbaQlmqfg4VOEk_zjoVHlpcyR799hvZ134cmC-IZ-qrVVJK2deDX2HIMO7SD0fdkILr5GhH0CCjt6BtYACLkOF-adNW22XS3ThUdi3S5jXE4FyrGfVvSVK4iljCrgiqXPWyBHPu1jD3UYzeY7C6R9j8i-WhfD9xprLk4cnhAzOV_N24s1RcxUGXuYkGpBHqRimcG7IrW81WmrJ50gyGvxuXJnfHaXVTO-lZzruYpGRqN-3q2-NYYZz6kzXDH2UZbIhjUAoDhEo4YzlBqD030O7cL9ZW0g2kT3PUEyQ5MdzKG8x_J6cpfOBH2GLTQA0k1-8gp1NpSPvwh9-CQiqq9sEmkDH3Oigt06V21WAEuj1Cp2uZSLJyGCBqeomItQDssDA2ON7SnTYLL4jIpXcGszZSCaSZetr7V1-EgnqKodbL7tahVscGdHyYZvuEaWzulsVMqKz95O-s5UOSvt9UEDL9leeDF0gnTx3hghuv6J3KfsiEIRAFbpb92-RUStw2NVkyD6nY4rwvFi-B1P6gyFQaNv1vD2SP-I3uoK8zkMVXkWxOOE6-eUaac_uxzPJ8ZjiagyMN7r_eBl-IMR0ptzeLQm3GdJxUCBloDL8J8OpvP3RAzyRBuoCvZXk867t4zhX1KCjQI3ahyyRBv-HLWTBpfiQ5IAismR7jWx5Sd1TgO8bjIETDtIrQGGBQHJn92i-DGwGdtfdDvKtK2BN1CVUR5LPIFpRLix8WHSqlJjceofmbBb2agMXGSC-6C0f0jnpopVQDNXDbwnMv4h1RKtU9KwQMUEHf-NPFTU81kRjR0CS0liuJC7ZStSdvpdUdOxdptrlOyh-hzPayP-Bd0Z3NjRfzW51aGRiW9e9kApsfB43GK_R_dKhiWA4G_TFsISyR4BtkYAR9kVLE7Ro5wAapL8p1PiLXddEA9JBukYFgl-Qyt3G4whPtYgTyVmIUKnzr5kRtvRBnmC1LHLw4yh4ghs_RZ1RqixBsdVxa-aUjpoIAE-067dn1DLEwcUeRjYP3CZqxlwVrYRkQ6Gf92ZkZ7WNv2mkmHf6HPwYX9HZwjTY8RjTc3_0bqgYG3_2_FqFB3Hhlx4-vWPw6BXuLddGDXp1jexogyr_Y1HHmtx4seqVqApdk32ti3ELHDBur4vKySFbRV_2g7IaU55i6KYzyMo1ykNed0JbvmJUlyZaHQ2zhU-Nxda5jlqIydkPwAW75oC5sDlI3BtaaiFfAjLoDJhVfN7a21i1JkST4Gyz7BBrBbTui5cGpFsjL2XLh-_TFeqAkyA0h4ZZkQzgTr7OTeEnlWxIS8pmR-iB-vmtaOZaYXt2vpzfYs6pB_-C-4GI7xWPAKzPon7XI7scvQHdyhN98-dBf5Zlhp7eu804gRlln0j30s1TE4Znknh-_2oBV66jNviJ9DarMeE4Ta4SBzFFQG4tST3rCJWCmkcp5e3nXKHnsWh4NQsED_z21lHOO16RdtCjEq7sfggDq5IaMQQEl2qpZFSkIUJUQ8g6sOU8QH_cV8iri-_vN9Iucqz7fm1bUyhh8fN8cYuKEitG1FOdW0TE4nhavgjXl4ZOtHXDE1EHdRyGfGdYmRWyoqeW5VChBX5n7d4E0yTzMuqMj9wcon1bV511_cJl21nutk-0XYJL2sOeoro9GDxNayb3Tzj8bHiFCXcqGfs6oX5-3latpL5NC9nzasKrx_rtkR6JxtVTDG9TmdasIh1odgo5qTYFmFrNzGV4JM0AbEqi_jSXU_x94bpczJ9eEe-fcWLmk3smoBSiO1ufPYGrWd3_L4eUY7twy7I4AzJkqCBs-xG9paK0juf6E5LAI-QCelMObhre-AqSPXrtaoeBrctJ6DT2otY6HJHoklbQoBklQw01eNQyhrC28Bs_2nP_OtpWJ7XblaG1heRISaYOJAMbhnoxvp-veDS3EHUQLIxqV-bqlVrIA5OnERV3INFDADYl99SOe0i9umGcnx3bjt5q3QnDKjEwebKlRWZaO2rcrjnsUbpGzFpnD_xUJyR8pAWKNOPuvH35RykLbmvKHOkcgrX-UBzB6mLPEbUO86n-Yp3ovVuCdvZI1frUGKevCB4Xv6ayVXFduVAlYW2GOYeNBfDjqJkeJdfxBRJWKD59wZRn1_rEM8BzEVHJ_BOPOU2vW-wUXLWDKhoWKTbdWET0hcvL7JcKRK28_grPzn4izWb0bwt-Uz24Vm0sqqfpVLqROLkXWWmhoiErx3ghdbIN0yocsJSZZ0R8glT2ZPTf8xrs8jGzpX00Tt8GiPBiGF_H1HAdFoQbajPOeKLjkJuRRnMtMfm5BfeG5IrMkS6u40yKNWy-gCrCaftHa6U4xsJ5hHfOUdB9ulab7YnMY5p4g1Hxm677kfDqZ6WCVyL3gpuenuf8PkLTOUiP756fY2XbvrqcVymJOcvBRWZh8mmcZIjN9heu5iLE7NlF4A4rgzzWVTpejVUiAkOFURcgJLZW-i_bzZ2_pd_oDeUeFt8AtN_o_7z1dEC5Cw&cid=CAASEuRou5bYDauOs-ODC2hePj9MIA&rfl=1%2Chttps%253A%252F%252Fwww.superlutas.com.br%252F%240

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f2a810bd41c81e8f9da2b303466596cc4ce115b5c6736a5e71716e224a1f2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30419
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C8A8 42 B
63 B 47ms
43ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AdJ4h-ytTLVQJ4c1K9b4_xW8JY-Wq1noU2u2oZASvC5sw6FDRr2HP725SIZbp4u7njU9mnjD_VeC5CaTnt4gOpCvkH8q7YqxV3VlImHAaegNf__pw

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame C8A8 2 KB
1 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 04:12:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8A8 123 KB
37 KB 64ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 04:54:39 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame C8A8 14 KB
6 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 1875255482418879373
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 03:42:37 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame FB46 35 B
464 B 116ms
20ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMKgt3nckvS07LHouwihd5k&google_cver=1&google_push=AYg5qPKGTrn1gTgEX25lQdEy4tlF5BKnU1vueaEHayFbG1sdeWNSOkCJ4xz9MxPSWGx7AvCJscZLFtQABsS5obM3cMtqFeUcGBY

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FB46
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESENiU3ulndCiwROAo9TaqMBk&google_cver=1&google_push=AYg5qPKUY-Usp4f21jy-YvS8Lj9NFhOlKrqRFT0O_4GUUzKYPOGhfCsS6g4OnPX26Eb-3RnReusnLMhB6KLohOW_5FeN17QCiA
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKUY-Usp4f21jy-YvS8Lj9NFhOlKrqRFT0O_4GUUzKYPOGhfCsS6g4OnPX26Eb-3RnReusnLMhB6KLohOW_5FeN17QCiA&google_hm=Q0FFU0VOaVUzdWxuZENpd1J...

170 B
188 B

63ms
63ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKUY-Usp4f21jy-YvS8Lj9NFhOlKrqRFT0O_4GUUzKYPOGhfCsS6g4OnPX26Eb-3RnReusnLMhB6KLohOW_5FeN17QCiA&google_hm=Q0FFU0VOaVUzdWxuZENpd1JPQW85VGFxTUJr

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:39 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKUY-Usp4f21jy-YvS8Lj9NFhOlKrqRFT0O_4GUUzKYPOGhfCsS6g4OnPX26Eb-3RnReusnLMhB6KLohOW_5FeN17QCiA&google_hm=Q0FFU0VOaVUzdWxuZENpd1JPQW85VGFxTUJr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame FB46 43 B
324 B 101ms
35ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBm5y37lajPeJKaTYC4TnLg&google_push=AYg5qPKuebYXWd0hHEhC7UlKGjAaumWivKQ8jDJX6h_1Cx2kGIQgAcLtpNs00IKdy7NM3f0pHS00DZSm6VaVUGOcq8w7cNsuPzQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3913508766075927&output=html&h=250&slotname=8344921166&adk=743887373&adf=1370063109&pi=t.ma~as.8344921166&w=300&lmt=1643255369&psa=0&format=300x250&url=https%3A%2F%2Fwww.superlutas.com.br%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643259278493&bpp=15&bdt=826&idt=15&shv=r20220125&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da49ee685f60fba00-226c83622dcd00bc%3AT%3D1643259278%3ART%3D1643259278%3AS%3DALNI_MbOnI5dCyjvMJI2cnPWEkSobZZKfg&prev_fmts=0x0&nras=1&correlator=6199537260655&frm=20&pv=1&ga_vid=1685899782.1643259278&ga_sid=1643259278&ga_hid=1985017582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31064215&oid=2&pvsid=3594616189647203&pem=920&tmod=2007326495&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=21&uci=a!l&fsb=1&xpc=VMJHWiljT5&p=https%3A//www.superlutas.com.br&dtd=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame FB46 43 B
352 B 132ms
29ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEONVeuHeJ0Y1DJLRNL5R1hY&google_cver=1&google_push=AYg5qPKhNaJEFoLh55-yuk8ItLRigCauX7NnJILvxVJ_odzD_udg9KHuvTgkcVgktlN6e7UyIm-HkNIRBuQLjyUrJJs-VVLTqaI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3913508766075927&output=html&h=250&slotname=8344921166&adk=743887373&adf=1370063109&pi=t.ma~as.8344921166&w=300&lmt=1643255369&psa=0&format=300x250&url=https%3A%2F%2Fwww.superlutas.com.br%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643259278493&bpp=15&bdt=826&idt=15&shv=r20220125&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da49ee685f60fba00-226c83622dcd00bc%3AT%3D1643259278%3ART%3D1643259278%3AS%3DALNI_MbOnI5dCyjvMJI2cnPWEkSobZZKfg&prev_fmts=0x0&nras=1&correlator=6199537260655&frm=20&pv=1&ga_vid=1685899782.1643259278&ga_sid=1643259278&ga_hid=1985017582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=683&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C31064215&oid=2&pvsid=3594616189647203&pem=920&tmod=2007326495&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=21&uci=a!l&fsb=1&xpc=VMJHWiljT5&p=https%3A//www.superlutas.com.br&dtd=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:38 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: b50pd55jqeqkqo961328gvp595mfv75k

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FB46
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GLtwrVIJTRCiRud7zsM-pw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

62ms
61ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GLtwrVIJTRCiRud7zsM-pw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJUeBZdWAW4tY5vA1QMAi5swllqzozHqYgJYAmiAYWfK21BcP5KqM65Ppud0PAAUoEGNte4oIEzDCDZmWpBM4RN-Gnt-7A

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GLtwrVIJTRCiRud7zsM-pw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJUeBZdWAW4tY5vA1QMAi5swllqzozHqYgJYAmiAYWfK21BcP5KqM65Ppud0PAAUoEGNte4oIEzDCDZmWpBM4RN-Gnt-7A
date: Thu, 27 Jan 2022 04:54:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FB46
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGuWG16cJdU5U8hWcSdldx4&google_cver=1&google_push=AYg5qPKHR2VoKQoIXVCfJdw8U_blM_yD7kcq6pYrVK46pLfWOH9h3CghfB5WIR_f2E1cX-QpYt-...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXSTVCMVotMTctNFBGQw==&google_push=AYg5qPKHR2VoKQoIXVCfJdw8U_blM_yD7kcq6pYrVK46pLfWOH9h3CghfB5WIR_f2E1cX-QpYt-i2ll9XZqF4uW3G1pLfysljkU

170 B
188 B

63ms
63ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXSTVCMVotMTctNFBGQw==&google_push=AYg5qPKHR2VoKQoIXVCfJdw8U_blM_yD7kcq6pYrVK46pLfWOH9h3CghfB5WIR_f2E1cX-QpYt-i2ll9XZqF4uW3G1pLfysljkU

Requested by

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXSTVCMVotMTctNFBGQw==&google_push=AYg5qPKHR2VoKQoIXVCfJdw8U_blM_yD7kcq6pYrVK46pLfWOH9h3CghfB5WIR_f2E1cX-QpYt-i2ll9XZqF4uW3G1pLfysljkU
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame FB46
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKC4x6xDirjPphiWmLze-UI&google_push=AYg5qPKanXOfnpcH78bV-UtH8TZ5w3A9rswKGDE6Z4VCsodYauf...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FB46 0
12 B 79ms
76ms Image
text/html 142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JQaSb0rGXBWnrGGLG19PA_W34E2xYf-FlRotiQbHHiMIHUZoe0kUnO6kPNSf-DD10SDarG

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

host-109.clevernetwork.pt

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 8415 110 KB
38 KB 32ms
27ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10522523362926788608/300x250.html?e=69&leftOffset=0&topOffset=0&c=VWF0xoEz4r&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10522523362926788608/300x250.html?e=69&leftOffset=0&topOffset=0&c=VWF0xoEz4r&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 18:59:49 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8415 60 KB
24 KB 61ms
58ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10522523362926788608/300x250.html?e=69&leftOffset=0&topOffset=0&c=VWF0xoEz4r&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10522523362926788608/300x250.html?e=69&leftOffset=0&topOffset=0&c=VWF0xoEz4r&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 04:54:39 GMT

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 33ms
33ms Image
image/svg+xml 2.21.142.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
last-modified: Mon, 20 Dec 2021 10:37:08 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1639997232.317797"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Sat, 26 Feb 2022 04:54:39 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 37ms
36ms Image
image/svg+xml 2.21.142.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
last-modified: Mon, 20 Dec 2021 10:37:08 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1639997209.278109"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Sat, 26 Feb 2022 04:54:39 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 432ms
103ms Fetch
text/plain 64.202.112.127
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=7f3094d8e20027975e24d0d852592201_167967_1643259279357&tm=937&eT=0&widgetWidth=980&widgetHeight=263&widgetX=310&widgetY=2683&wRV=2000578&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=620&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: gzip
X-TraceId: 512f6e7e3fd07608d58a9eb9779d54b1
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000578/module/ 37 KB
13 KB 38ms
38ms Script
application/x-javascript 2.21.142.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000578/module/streamFeed.js?e=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7259c33e592138eafd89bc88b87dc7949b41f3bf8f998195ae8a377a89a56875

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 08:57:21 GMT
server: AkamaiNetStorage
etag: "a3c37ed087852d6c6ac851b9ecc8b36b:1643199184.273304"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13413
expires: Thu, 27 Jan 2022 08:54:39 GMT

GET
H2 200 docallbackinfo6127032f580547fb80c6a26514a6e80d.js Show response
ui.clevernt.com/ 695 B
766 B 220ms
63ms Script
text/javascript 148.69.64.109
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to

Full URL

https://ui.clevernt.com/docallbackinfo6127032f580547fb80c6a26514a6e80d.js?id=20672

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.69.64.109 Rio Tinto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),

Reverse DNS

Software

nginx /

Resource Hash

2d1e575839c9b25eba31b65eeb267ba7c6a8c8f8973e68d4c7d07391a7306e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: cache
date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=15768000
expires: Thu, 27 Jan 2022 05:54:39 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
410 B 169ms
142ms Image
image/gif 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10093&d=desktop&b=Chrome&o=Windows&v=4.10.11&sw=1600&sh=1200&ac=p&p=https%3A%2F%2Fwww.superlutas.com.br%2F&t=1643259279604&cb=0.8476885614926379

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-authenticated: 0
date: Thu, 27 Jan 2022 04:54:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: image/gif
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 6d3f6261dd0c9259-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
344 B 143ms
117ms Image
image/gif 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10093&d=desktop&b=Chrome&o=Windows&v=4.10.11&sw=1600&sh=1200&ac=e&p=https%3A%2F%2Fwww.superlutas.com.br%2F&t=1643259279606&cb=0.7408368253002862&aa=under&m=Single%20placement%20container%20not%20found

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-authenticated: 0
date: Thu, 27 Jan 2022 04:54:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: image/gif
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 6d3f6261dd0d9259-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 eyJpdSI6IjQ5YjRiOGI0M2NkOTc2OWUxMDkxYmM5NDQzNzA4YjczZWJhZmUwM2FmYzQzZjQyMzY1MmU1NDE2NWEwODM0ZTgiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 19 KB
19 KB 206ms
19ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQ5YjRiOGI0M2NkOTc2OWUxMDkxYmM5NDQzNzA4YjczZWJhZmUwM2FmYzQzZjQyMzY1MmU1NDE2NWEwODM0ZTgiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e1742a2f72c5219483904e9053047323ab098321cd10016c15ba80952c2d669e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
cache-control: max-age=2127181
last-modified: Tue, 28 Dec 2021 15:00:38 GMT
x-traceid: 3502632ae7ca97a06a4cb2c63a899669
timing-allow-origin: *
content-length: 19512
content-type: image/webp

GET
H2 200 eyJpdSI6ImYwYWRkYWMzMjMxMjdmYzNjZTZkZDY4YzM4MDkzYzg1MzBhNGI5MTVmNWQ2OTA0ODk1ZDNiN2Q1OTczN2MwZTQiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 17 KB
17 KB 223ms
37ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImYwYWRkYWMzMjMxMjdmYzNjZTZkZDY4YzM4MDkzYzg1MzBhNGI5MTVmNWQ2OTA0ODk1ZDNiN2Q1OTczN2MwZTQiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f5e7acac3c18bd7a2070b13c569a20250110e9aaf12d3964805c8bc0fa1d54d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
cache-control: max-age=1983303
last-modified: Fri, 21 Jan 2022 08:45:45 GMT
x-traceid: ef11a7106572567af4b6550525d455a6
timing-allow-origin: *
content-length: 17556
content-type: image/webp

GET
H2 200 eyJpdSI6ImM5MDIyMjY0MDI4ZTIxYWZmNjE4YjcyMTM5NjcxNWE3ZDgzNDE5YzhhOGM2OTU0MDZmOTk4Y2JmMmRhZjQyYTkiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 19 KB
19 KB 228ms
42ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImM5MDIyMjY0MDI4ZTIxYWZmNjE4YjcyMTM5NjcxNWE3ZDgzNDE5YzhhOGM2OTU0MDZmOTk4Y2JmMmRhZjQyYTkiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: de4a260d59728f414965b7dbf0dcf04fa6c3ad02afd0e5a5dca5005a49584f11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
cache-control: max-age=2059469
last-modified: Tue, 14 Sep 2021 14:43:23 GMT
x-traceid: b791cca2f4068ffc1b1c8e109e926b38
timing-allow-origin: *
content-length: 19212
content-type: image/webp

GET
H2 200 eyJpdSI6IjVhYjc2YjAwOTMzMjc4ZmE3Y2ZhNDM3MmY4Mjg0NzE3YzFkNDA2ZWJjOWY4OTA1NWM1ZjI5MDE5Nzg4NjNkNDEiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 21 KB
21 KB 227ms
40ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVhYjc2YjAwOTMzMjc4ZmE3Y2ZhNDM3MmY4Mjg0NzE3YzFkNDA2ZWJjOWY4OTA1NWM1ZjI5MDE5Nzg4NjNkNDEiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ee803df2efd86dfb77d2efc12881f0e2a4892bf6c8340e520c510c2a7b790669

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
cache-control: max-age=385138
last-modified: Sat, 05 Jun 2021 15:57:29 GMT
x-traceid: 390560a425c3b0cb467d1210246cd589
timing-allow-origin: *
content-length: 21712
content-type: image/webp

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4A7E 0
23 B 62ms
35ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstid5MGKQtlpwz0wJcnKEHxrSFjR8aFy6GGkRL-jOgNe0BI3zd72VzevI_9ilDak38dfZMd_NDQGcgr5Y39facNdplOGWF3BA0-FddiUli3fkyTYZKkUcCkbubj--VgDP_L48VTAFZXXvbhIBVNGKA7MQ-_5C2PhGE5J2FnJybkTGwpYahYP3l4VuwNmhhGUTFBHPentVAP6nX0wvIUFecJ_WsnWIzKMNT6rDbtQUVOwFCBKEmzsKbCfcF8sRN0_D47OugWzkuxyOC5hHVILOzhMsXFYuDZntjvl-M49TJSzjH2KX7MDIzX0wFoG-dp1zCj2HEOcL8lB8_sewfkwUbCdPZ8KeF35YyHlkdWYrS2B2FianIQiwUdAshEw2RJLQ9WYjWr2bXyAdKhGKVm1gHeUaEbqT2u6CZ5trlAqykQ_5h9xiucI4JTkBk4u3affoY1NqBsI8G9eGD2sdmU_iNGSmc7rY6XDDMSis3O-ftjgPlOJH7QQS5o0OoVZQZu0F6ZngPDyrzxj-2PYyB7OZ3BYHsx9J668kPNYXYL27RMOyWXH_3L6-3pDYRGQJKSlxAzS7dz7aHJ_u3nNC8R04MJZGZ3u3vRzqoYj9ACUzO1JbjqbFDxXehRd0jLIpEBJmpIB21cvlNJ_6w7VA_sbkAY8qK7GpJAUrIvqB2Pdj23D1nXsA8luk6nKn5Oam-BWIzPmasVTcKIYbFFkPV0SKZGhmXhzEBv584AOP09dhqxTE0FzN9Pw1SxP-FBKXySsU_Yi71-tJ2BNMctT1Hy64x6TOLUOefPOZnPxwxqnm-GxDA_FC12O-L07KqjiidZi0gs7RdKzBK6_hQCKjLxNZHQ38fFOE25YP23UjslqU-HKKLGe5oY-3rsWANZ3QUTHY_Ny2KO73HrUW_cLHlmtCz_dB3Nadu3m-Ts5RP76N5UsI1REWP5gQ9P0icNyDbKxMybBKtBfqiIxgwcphLs5RmQNW1l4X4VzXhGpSxHimlTIqcxZ3sL5oYwBX9jFSF8qGLb8qBrMhQyPw7C9rMQMHLd5VEzc1uvrk9w0ws_R0t72Gw3utzO8ASZ9me35WEwefSw5u-fUuyNfDcL5tU9wvqs0gSQ8vgXEa54D5jJN5gi53qbNngnoG-oQBndott_7y4B9Kjx0ymshDR6-4ENDzNazutGeXqLUJJYtYQK10NkOWTdJWF7RQqJl-AK_zUqsBAae5orCDNn8dxwuw&sai=AMfl-YTm7V5ONrT_FOfYt094jR8hkghp6xi16MEMWBvPfSI3ajq6PEbtEFiXbt5og-Gvkh47DinWfBCUQEysEIGiGhEgUNmE3xKiiwNZS3n9iN1n9IlMKfcVWLr9I4x_CLatbK2Qi4_jetHRqs98OuaYVrjpNjJJrw&sig=Cg0ArKJSzFX8Ykfk5D7_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=547&vt=11&dtpt=320&dett=3&cstd=219&cisv=r20220125.46713&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 6C30 169 KB
59 KB 60ms
30ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
Origin: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 18:59:49 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/elements/html/ Frame 6C30 8 KB
3 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5zfU7yw_9qX78HaWQJyqnDPQOKZHOHmFHQpUk9bBrHqyWWegIF7thEiytebJ7BLmevhvpLkZlfKOx2ndvs2ubV-dbL9MQNaNieu9YW65tYX0GzkDdpYlxFehJNKhqXYpnmNv7W5koiskZXmH3S2p8g3SX9Q&dbm_d=AKAmf-Cekts104N7xxjyfEDEX4lcPjw2wRJmZIxHq2gWgBRz5lBtdk0DY8y2lzMZkvy7lQOdztu18iA6uITLzTOAZxq8oHM44JUL72uzYMrTVB_4H03v_MGurVKIipw2z3_A6vxZTb5ahe1_V2qXdsm8GTHUkqIpyE36_vBjYbsUApyEf327Wd-KrlzO_3M2rJ8OpyPJzc1qZhHI0WMu1lRBYPsEmIoh1OtELbihpKJ1KfH7utEbMAfq97NLKrmlXao2v6At4SkfUhmh_xe_yo4qOsVSsZd_XM4awlaDLl_n_32TfNvSqiwmyeA3UJdLYpSii1ygIMZmz_x06Qn6Eb_HNLUwt4aqDlfe8YhNBaUuEFlE2XkCWzVcnHTgLAYZ-qqXL8j32HEHizkp0eASC89po4KxkOjCm78lxb8OvrDubAtefCcx1Sadq5HdvtJ208ZtBgWIOtbKxDKtGDF-dONVchCPyZwKQTIjrL5kdq9LfX64WZXpfb0pzcf6VcMwC7cM85o5JARD84lR3ydMEbBn74PpHHYLqtg7nVPZn2u2tXASaUseZF-vHIs3il3yK7ZvP2Q10r9IHZqN8YYtORh-yORB4Ag_7Yg6MzQmQyQVZxK3toHdvsxgXFgVbVaAfjIyb57WhfCgGcXTKm74ovK7sbfHQTCBI7KWD9X1K0hdledWW5C32NRgs3F5SSGUwD4IHWy1QXyZ9ETy2DxAOCcfVebXx1TJuCnLwGPWXE5PpIHMah5PZcuZfR9n-H-FWSYAfmSSFbuaa_KNHfXxlplO3ghzczwUu0LX8qCuFbu_zr6MQiNpBMPOqFWXynXlJrBPIJyYNlzZ3HwQ20sId6MOwGnj0_KGTNSjLCATIMoLmrEpfZaa6oaP2_nqUF-uyIINiQ8kfpza1lT8CmVytCmjbu39dxeKNJm7VPJHXGCrR7-G7KDqwM8U2SnufaDNbtLtEjkVeeoCNbEIlxA4n0f2iyZNPGWORPBFvrxO0N-cX61XxewMP-oYmSKmYvsEpe1qN12q7mM1j59U9i8tuSmMS-Ge7BrRrWgKuAD7xZt9aZxKpXKtZNb5QToTii_cLWCaqGLFkgXol-HJjq4rEUPw-ajc6o7C-AeZgKCoYVHV-YOFBRArV6QJ7nysWG4NRjNdmauOindjD2rDGbHwklqgI9oNXnSsBTZ-GRAfV8523fqRNY1JdAy1UlOPE0bHMEoCMKSD1VOVxiL41U8N1PMbxY4A8GVKrKjGU7NbF0Y3c8gmO7_qmSA5NrhGS22pr3Icj3h966l8hFPSTXwefYckIdnjZO3DEnRIYDwJrTivdmKS9DJ-YlTP_ebV9GPZ9Hp039nl33ujQbCAjwuLjS-_H_Ec4SHxfiABdr0jNekobjnNeD-rjyHycpy8pwH9xVfdMbuTRgPas6UipmsAEQ8nQpPsSttqNHWFqqER0kzinT0QfcMeXoDJhTc0nE-Fe6od6QdwEXYHgPvr1R_4nDoB3Q9KyJOraqSHzQm0cXaTFoMxFHi_qAumdr_Hdse_SPrsnAO8MtBXqDGDKqh24oEUouWR1BPUS-7S8g9SnXevaoRj-vl5zY5tZlWyoxm1uaGBulruYXY19g_RipQC0fUx8ud3r9P5MKRcKYw6gpYLo5mgm709Rv6g-5poKVZXPVmPYYOYx6UHHTac7bJi1Td5rhAwJqDvm41lmND63hKPuklm8H24I2Zy0Pwlpfv8rD4gaAIUar5IrCZYyZqUoVtofBKAzWEG5f_QudhY6COHPAEAdE-1L2hMuQOMdMu82wz0ij5X7t5Jn3PiRxJLbltTMIlNfYEPJ4TfL9mK-aKs3bOQpqQAvD1T6w8WQUDRFv4Fn2WOX_avjMOrG648rSNVqVopEHfInyC-OPELlZ_kKh8WpgQ2h7SH2MMNbXZxFRPHbiEqVMmkPyUzJk1_esf-jGY-S2CCF0njoZBDCap7Ifk5hckSbE1BHBwcBfmSsGtO-pwiTmoTQCkE2a3twqROynEmN7MZens-Dt2LT8LrsPSqKjNXRIy_CO13w8E-z6-y3HFv18YwfISdWPpxhEmXYaDTH-olJx8kCRwS2Ph8abZPGdXUed2hXPmE7mDusFjYzoqBHMwO6DmBEppzEZO6gFEVLSixQ5EqqqDEJKSOnffklOmun7yy2dKm5Dl0UtlibhZbeLtvnzwGjN9wXTAkIExPisZJ3jjPNUXqM3GZh8nhFC6jqgKxEy7BsV-S-BVQ1C1m1-uq5WsxGFg4BMtXFxawwkcRjXXWV7Vpap9uecjoVizgjyvWGs3ILDcA5v-Tdmty_nm3knnFLVoDcjbzxi60qDpzDDVkH4Sze2aSH8iDh5WpXmytKdcpCjHIbkXmsDAqx_SCToCOmbDQ1IsjmXyY3a_Yq7aRBxBO1vHYCEP5vilPW354zPz6fguzsp7PKc85MXfrebLy7D76Ke1OD-jaqkWWEqnHNh2FneKBECf7uibbR4SVwmuCswT5Zy0I7BeCCCg7LNuKQwcfN1ys3sx_OG5Vn9zzSA-r0J3WKU0S5EMnPMpqWUvya77JoDXDV_iJshC48gm4s24RemTaawZAJR2zh-HQSFa12tnC8VcjP80Fcgy9CGxu1vNOUa8VpdHl0_t21zVix6ErmRHVKtLmLUWMM-5dziSkU_koEJSIHfLO73YCG-iiJRcTLUcvOgbFw_i6hhmCoVMThxbt3IdKIsT9t61sDi1vIcpuGIb5UX8Da6rz3aDwPyhJ-D9oampxAWGpzWshNylxbqv2KEByX_90dVcrRq7_YpOAbbKfrT6-I2a5hDL9Ngx6MALcY-Zu-L3lWgy2aBFWnGOq5gFRGlpY_u6nUDgTyd3Dwc5EKlIrvK94uXB0bwsV2OeI2-wjGmUpglZCosdLgmsdCc4fJL2vTLdBNflqMUONBfPG3ybHAOdpYcnt1GKe1o3K0oAXcRqqUj7Kz7ErPCK0XH0gi2BG2PQs0wWCrWP9jVT15xRS0LchS06IK0Lv1txuqnEUl-gfWDm6bZxWIHfYM5mn4nTuypblqknatEeL-Kcdm4fADHfNZInY67jeIQEG-5BWMDC2akOvjW4Qoh6u6WqdjeUoNg&cid=CAASEuRofubtqGwnkZOrN0kw3SbOOw&rfl=1%2Chttps%253A%252F%252Fwww.superlutas.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 04:49:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/ Frame 6C30 23 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afa00dedbe6d549e60e8d88516d437069d74af91f302b9c8f1f825d6bad511a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 18268840599439890861
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 04:47:54 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3E82
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXTiSA1vEw1ZDZLsOm9izk&google_cver=1

43 B
894 B

27ms
26ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXTiSA1vEw1ZDZLsOm9izk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQyMWlhgMYqPeZvQEwAQ&v=APEucNVx3vCAR89KjmHWndBeOnsICOhdOJKuCW9tkaLgPVTbNQCddalBf6fjkLBB_Oo6wMennk0HMcQ36apTvtyArAZImNQwyvu3yNYvcQnGPGyzK--rOtJR2sVmWp001c4tUkD1awA-328xkTi8hWYVV337w05oKfIw9b2DIhfaZ6MNi2D7Bto
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 27 Jan 2022 04:54:39 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXTiSA1vEw1ZDZLsOm9izk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3E82
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfIljyx7NsIcKfpPEJg8wQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXTiSA1vEw1ZDZLsOm9izk&google_cver=1

43 B
894 B

25ms
24ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXTiSA1vEw1ZDZLsOm9izk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQyMWlhgMYqPeZvQEwAQ&v=APEucNVx3vCAR89KjmHWndBeOnsICOhdOJKuCW9tkaLgPVTbNQCddalBf6fjkLBB_Oo6wMennk0HMcQ36apTvtyArAZImNQwyvu3yNYvcQnGPGyzK--rOtJR2sVmWp001c4tUkD1awA-328xkTi8hWYVV337w05oKfIw9b2DIhfaZ6MNi2D7Bto
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 27 Jan 2022 04:54:39 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXTiSA1vEw1ZDZLsOm9izk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3E82
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEeXBldVAeNzhuivrQt0Kns&google_cver=1

43 B
1008 B

30ms
29ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEeXBldVAeNzhuivrQt0Kns&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQyMWlhgMYqPeZvQEwAQ&v=APEucNVx3vCAR89KjmHWndBeOnsICOhdOJKuCW9tkaLgPVTbNQCddalBf6fjkLBB_Oo6wMennk0HMcQ36apTvtyArAZImNQwyvu3yNYvcQnGPGyzK--rOtJR2sVmWp001c4tUkD1awA-328xkTi8hWYVV337w05oKfIw9b2DIhfaZ6MNi2D7Bto

Protocol

HTTP/1.1

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:39 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2b425887-88f2-442b-8dc4-a320b7e1530f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEeXBldVAeNzhuivrQt0Kns&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E82
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYxNTUyMDE4NjAxNDg4NDY0OA%3D%3D

170 B
188 B

68ms
65ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYxNTUyMDE4NjAxNDg4NDY0OA%3D%3D

Requested by

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:39 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 558e1f8d-4c1d-4f00-810f-8689c77eec6c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYxNTUyMDE4NjAxNDg4NDY0OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame C8A8 106 KB
37 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
Origin: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 18:59:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/elements/html/ Frame C8A8 8 KB
3 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bvtr0z6kazjhfv9fUgpqok0yMaFUtVIsyGwruVm0DXeWZ-5et2XIP9WevH8yN8PFAHDH0QyfAZR9MuxXiNsHdN63CwPANGsGEAM3-wlDHnopS4MobVcqdQ5yROZSwefHtKHYC2kmQsETlhlTBXrO1niy0-Kg&dbm_d=AKAmf-CkQ1BZpZrRYfQ-aY68RNMmPqPPjpllifYG8_pG8iOOYdQVJBTWjy_e0J7eB98_gkfyyBoLnsiRPPS_UbtGfODU4oW9ASw4bQMSitJUWtkWtEl3aSZY6PUuNetDCuwoXXU_oznXvZxvxZv6Ls4poa4r-TO9taP6qAeLgVOhciyfMQqngfRr_5eo1nYUnsdUSC93b8evOXVlLCrMCA-GhkDpxRdlkWTchsvwseAb-IyLT75plscgpXS0-MGXHcUDw7OpeB6A1JnASLZqo6E_YDgnLIsyiGl-TUBnktTR0QGTSX_DHHfX2XFJAStHBFtebzsOiBh8KDqX_JiDi81x2MmR_CZwLDbjrfRdDoHAC_K9HfEU1ICzlbzUjxxigudaM8jNCuLvJtaNFYXjoUIQah_bGu-MViOVQbgXNsj5cPylcHqC5Si68Buu8CWxJoXU0NwoHASA1jsQnnHDhiIkOxqalO1QKfbvnEb2aqoBLCOz8w9JNecUVyROvWYq6fTh7e9i4lv6VWJxV6g1Xp04vHWT2nkWVifQzlEfbaQlmqfg4VOEk_zjoVHlpcyR799hvZ134cmC-IZ-qrVVJK2deDX2HIMO7SD0fdkILr5GhH0CCjt6BtYACLkOF-adNW22XS3ThUdi3S5jXE4FyrGfVvSVK4iljCrgiqXPWyBHPu1jD3UYzeY7C6R9j8i-WhfD9xprLk4cnhAzOV_N24s1RcxUGXuYkGpBHqRimcG7IrW81WmrJ50gyGvxuXJnfHaXVTO-lZzruYpGRqN-3q2-NYYZz6kzXDH2UZbIhjUAoDhEo4YzlBqD030O7cL9ZW0g2kT3PUEyQ5MdzKG8x_J6cpfOBH2GLTQA0k1-8gp1NpSPvwh9-CQiqq9sEmkDH3Oigt06V21WAEuj1Cp2uZSLJyGCBqeomItQDssDA2ON7SnTYLL4jIpXcGszZSCaSZetr7V1-EgnqKodbL7tahVscGdHyYZvuEaWzulsVMqKz95O-s5UOSvt9UEDL9leeDF0gnTx3hghuv6J3KfsiEIRAFbpb92-RUStw2NVkyD6nY4rwvFi-B1P6gyFQaNv1vD2SP-I3uoK8zkMVXkWxOOE6-eUaac_uxzPJ8ZjiagyMN7r_eBl-IMR0ptzeLQm3GdJxUCBloDL8J8OpvP3RAzyRBuoCvZXk867t4zhX1KCjQI3ahyyRBv-HLWTBpfiQ5IAismR7jWx5Sd1TgO8bjIETDtIrQGGBQHJn92i-DGwGdtfdDvKtK2BN1CVUR5LPIFpRLix8WHSqlJjceofmbBb2agMXGSC-6C0f0jnpopVQDNXDbwnMv4h1RKtU9KwQMUEHf-NPFTU81kRjR0CS0liuJC7ZStSdvpdUdOxdptrlOyh-hzPayP-Bd0Z3NjRfzW51aGRiW9e9kApsfB43GK_R_dKhiWA4G_TFsISyR4BtkYAR9kVLE7Ro5wAapL8p1PiLXddEA9JBukYFgl-Qyt3G4whPtYgTyVmIUKnzr5kRtvRBnmC1LHLw4yh4ghs_RZ1RqixBsdVxa-aUjpoIAE-067dn1DLEwcUeRjYP3CZqxlwVrYRkQ6Gf92ZkZ7WNv2mkmHf6HPwYX9HZwjTY8RjTc3_0bqgYG3_2_FqFB3Hhlx4-vWPw6BXuLddGDXp1jexogyr_Y1HHmtx4seqVqApdk32ti3ELHDBur4vKySFbRV_2g7IaU55i6KYzyMo1ykNed0JbvmJUlyZaHQ2zhU-Nxda5jlqIydkPwAW75oC5sDlI3BtaaiFfAjLoDJhVfN7a21i1JkST4Gyz7BBrBbTui5cGpFsjL2XLh-_TFeqAkyA0h4ZZkQzgTr7OTeEnlWxIS8pmR-iB-vmtaOZaYXt2vpzfYs6pB_-C-4GI7xWPAKzPon7XI7scvQHdyhN98-dBf5Zlhp7eu804gRlln0j30s1TE4Znknh-_2oBV66jNviJ9DarMeE4Ta4SBzFFQG4tST3rCJWCmkcp5e3nXKHnsWh4NQsED_z21lHOO16RdtCjEq7sfggDq5IaMQQEl2qpZFSkIUJUQ8g6sOU8QH_cV8iri-_vN9Iucqz7fm1bUyhh8fN8cYuKEitG1FOdW0TE4nhavgjXl4ZOtHXDE1EHdRyGfGdYmRWyoqeW5VChBX5n7d4E0yTzMuqMj9wcon1bV511_cJl21nutk-0XYJL2sOeoro9GDxNayb3Tzj8bHiFCXcqGfs6oX5-3latpL5NC9nzasKrx_rtkR6JxtVTDG9TmdasIh1odgo5qTYFmFrNzGV4JM0AbEqi_jSXU_x94bpczJ9eEe-fcWLmk3smoBSiO1ufPYGrWd3_L4eUY7twy7I4AzJkqCBs-xG9paK0juf6E5LAI-QCelMObhre-AqSPXrtaoeBrctJ6DT2otY6HJHoklbQoBklQw01eNQyhrC28Bs_2nP_OtpWJ7XblaG1heRISaYOJAMbhnoxvp-veDS3EHUQLIxqV-bqlVrIA5OnERV3INFDADYl99SOe0i9umGcnx3bjt5q3QnDKjEwebKlRWZaO2rcrjnsUbpGzFpnD_xUJyR8pAWKNOPuvH35RykLbmvKHOkcgrX-UBzB6mLPEbUO86n-Yp3ovVuCdvZI1frUGKevCB4Xv6ayVXFduVAlYW2GOYeNBfDjqJkeJdfxBRJWKD59wZRn1_rEM8BzEVHJ_BOPOU2vW-wUXLWDKhoWKTbdWET0hcvL7JcKRK28_grPzn4izWb0bwt-Uz24Vm0sqqfpVLqROLkXWWmhoiErx3ghdbIN0yocsJSZZ0R8glT2ZPTf8xrs8jGzpX00Tt8GiPBiGF_H1HAdFoQbajPOeKLjkJuRRnMtMfm5BfeG5IrMkS6u40yKNWy-gCrCaftHa6U4xsJ5hHfOUdB9ulab7YnMY5p4g1Hxm677kfDqZ6WCVyL3gpuenuf8PkLTOUiP756fY2XbvrqcVymJOcvBRWZh8mmcZIjN9heu5iLE7NlF4A4rgzzWVTpejVUiAkOFURcgJLZW-i_bzZ2_pd_oDeUeFt8AtN_o_7z1dEC5Cw&cid=CAASEuRou5bYDauOs-ODC2hePj9MIA&rfl=1%2Chttps%253A%252F%252Fwww.superlutas.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 04:49:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/ Frame C8A8 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afa00dedbe6d549e60e8d88516d437069d74af91f302b9c8f1f825d6bad511a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 18268840599439890861
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 04:47:54 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 2F9D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPcYtCrA_xE7AclwIAPEmJs&google_cver=1

43 B
61 B

52ms
32ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPcYtCrA_xE7AclwIAPEmJs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ46TvAhjhyPC8ATAB&v=APEucNWUh0neKD84Kb3gMZ1gEqjgRZtI6K4Q-zAhFwjWdhI1QGdL8V0GcJNAR4Su4lj373KSqTKaofoDJWv1HfC1XNjcxE4ybVxZeIWEMgwjI7OPxMBzCwwpRGk-67WYEzYmdC9P4lEQoxmdS-0ZawVc1LdRALrbEwrvTvN900mkzvfEPhNH19Y
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPcYtCrA_xE7AclwIAPEmJs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 2F9D 43 B
305 B 81ms
31ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ46TvAhjhyPC8ATAB&v=APEucNWUh0neKD84Kb3gMZ1gEqjgRZtI6K4Q-zAhFwjWdhI1QGdL8V0GcJNAR4Su4lj373KSqTKaofoDJWv1HfC1XNjcxE4ybVxZeIWEMgwjI7OPxMBzCwwpRGk-67WYEzYmdC9P4lEQoxmdS-0ZawVc1LdRALrbEwrvTvN900mkzvfEPhNH19Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 2F9D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEC7kvrOrYdunf_-INevO7D0&google_cver=1

23 B
172 B

119ms
119ms

Image
image/gif

104.90.104.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEC7kvrOrYdunf_-INevO7D0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ46TvAhjhyPC8ATAB&v=APEucNWUh0neKD84Kb3gMZ1gEqjgRZtI6K4Q-zAhFwjWdhI1QGdL8V0GcJNAR4Su4lj373KSqTKaofoDJWv1HfC1XNjcxE4ybVxZeIWEMgwjI7OPxMBzCwwpRGk-67WYEzYmdC9P4lEQoxmdS-0ZawVc1LdRALrbEwrvTvN900mkzvfEPhNH19Y
Protocol: H2
Server: 104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-248.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 27 Jan 2022 04:54:39 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEC7kvrOrYdunf_-INevO7D0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 2F9D 23 B
172 B 133ms
46ms Image
image/gif 104.90.104.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ46TvAhjhyPC8ATAB&v=APEucNWUh0neKD84Kb3gMZ1gEqjgRZtI6K4Q-zAhFwjWdhI1QGdL8V0GcJNAR4Su4lj373KSqTKaofoDJWv1HfC1XNjcxE4ybVxZeIWEMgwjI7OPxMBzCwwpRGk-67WYEzYmdC9P4lEQoxmdS-0ZawVc1LdRALrbEwrvTvN900mkzvfEPhNH19Y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-248.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 27 Jan 2022 04:54:39 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 25 KB
9 KB 270ms
242ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.superlutas.com.br&settings=true&recs=true&widgetJSId=AR_1&key=NANOWDGT01&version=2000578&apv=true&sig=VxUhXbGs&format=html&rand=78809&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&srcUrl=https%3A%2F%2Fwww.superlutas.com.br%2Ffeed%2F&scrW=1600&scrH=1200&t=N2YzMDk0ZDhlMjAwMjc5NzVlMjRkMGQ4NTI1OTIyMDE=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=no_abtest&dpr=1&cw=980&darkMode=false&activeTab=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000578/module/streamFeed.js?e=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d6c56315a27a6e9d288558216d17508cd903c29b935bf433d0ff203fb229a9ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:39 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1643259280.744220,VS0,VE222
accept-ranges: bytes
x-served-by: cache-lga21952-LGA, cache-hhn4053-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 7894537a7705ae8a6f82989b860a962f
content-encoding: gzip
content-length: 9173
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame BC9F 85 KB
30 KB 52ms
23ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: cdn.smartclip-services.com
URL: https://cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/ava.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 12:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Jan 2023 12:12:59 GMT

GET
H/1.1 200
OK br_superlutas.js Show response
cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/config/ Frame BC9F 2 KB
3 KB 20ms
20ms Script
application/javascript 130.61.96.156
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/config/br_superlutas.js
Requested by: Host: cdn.smartclip-services.com
URL: https://cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/ava.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.96.156 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 9a988a31213a7696c3057c17ac49867927a441fbcbf230e01e984a773b87df1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 04:54:39 GMT
Last-Modified: Mon, 25 Oct 2021 14:50:24 GMT
ETag: "6176c430-980"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 2432
Expires: Fri, 28 Jan 2022 04:54:39 GMT

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame F7EE 35 KB
13 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 15:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 15:38:08 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6C30 41 KB
15 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 15:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Jan 2023 15:54:02 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C8A8 41 KB
15 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 15:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Jan 2023 15:54:02 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 60BF 1 KB
749 B 25ms
22ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Wed, 26 Jan 2022 13:26:12 GMT
expires: Thu, 27 Jan 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 55707
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C8A8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2788d6f39b8f7dfce01318c84bd5358046d4449aaaa7f095a7cd207bc33fc50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/54777102561443840/ Frame 6145 304 KB
41 KB 22ms
20ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/54777102561443840/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac2e5643ece4365864f342b3750d5d788c95de5c0041c44bbefe52868e24241d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 21 Jan 2022 15:53:51 GMT
expires: Sat, 21 Jan 2023 15:53:51 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 21 Jan 2022 08:50:40 GMT
content-type: text/html
content-length: 41648
age: 478848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C8A8 0
24 B 38ms
38ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvifZyx-ML9Codf8vfHO0bCZXOItxpA6gCuqBV-P-cr-IJQUx_shhXLc0bIE4URuNghqijzhpbdEhPMr4tsOlQIudoLU9XwDHGWtP4i5N8pMM9F5ux8Z9ONCihnZfuogaisLAWNiAHO1Ck5c6QzIUxDgVwT1qD0eOdUB8xhfp8uz2Bd9sWS8Neb6r498CrvcjPVFP6PLMSF1vCB5X-GlKI3p7XqsK4BKcd9QF2D8zgXa13a2Hu1j-NVPnl0SFoPzE20lAjT8_9wVWq-d7ovASJAtf2Fxoa8YFY77zv4tuoRD18cDopuhWy2nK-XxcGs8mkesVtSXUtdl1EQ0cqChnWW67C9lOhw_lzxJztKZ5l2bzoHcuSLowgvNOk2NJ0lI367BgsQuWTfqgie6Ae6vpLHCnOGfaakQwgmv_5tZe7FurjfvaoheBEX_BCejsVX6jIdsQYNM-Y4sjvwyQEQTBRi1PnzHMTSC_OWjTqrWxUIU6mvbA9CIJo07EVvVkV7alevmgVE0NRFZOYhv2t9hH0zGsywBxbvZogrjWedLEHSQMYbWaBl_cedG-fkIvD_cwis_aJz1mvPxw2jL61FI5MltwGgMlUD3jV8a05Z8LggZAl47o5M7whJtkSAB9EQtLwW54PLwuikVr-3aW05G75RuykY7ux2iPs4tPHXG6SeLrkeo136P_gb_k8kEhlSbtjzNMAPRRSjIIboeaNtLNiyTWRD_gwznL7w13qms-SxugdnvicMLG7iUzRkBvPf0A3LmNHaSS_qUoN2bDNPvhiDM-L2WtIfunx1BjqZh4o8Nb2np2GvQv-YLHrr7cbq3dWHGI6kRgHuu5t5yN5VVPOLCbUnrg1UerSymmyl8_42QPBy0Nfl4D5bFckfmld-T957ip8Z8C4vLoP3dYxtlSSHLFhAmrz8DpEYUSK0rn6NL7ViwIxqkXz7xTKBv0iuERYwHUAKd91QXP9-9r00wvQDATCSKoI-TPkMJ6hZSlQlBkN6IWtkObO2sesfag1RZniO-_3SLu2RgT2QJTlcPyd1z-bv6eHZOKk83KFGFM_jwTB0c1WioqvPvIausGUouoAdcy8eOuoqiLJFNOlQ6aQ6Fo6I_H01qXwaIul20cjLCZAaNRANVm8mXaAAm90bs_QcDdKHsEuXpjBKDXMoPzt5ikwBDXS-B2L_92aqlhXX9u8GfDnFlDlqneMsRkRKYW1Ztj1rszet2O6Z0Rylw5d5LA&sai=AMfl-YTvAsi4lP2FNivHhRmjYuTgo_t7UgmBjVirEIsXHySOv20O0G_MdxxhOzbiKXtZL-TDQqUTtCmECD1YTBH3Mmz1qGLz-OJ8eu3-Pmj9loTsGg2rgf0HlFIm2lNzIKK-Dz3U_u81VdCXtbDw-8gZiXgFPq7mMQ&sig=Cg0ArKJSzCAw8XGV7ph4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=98&cbvp=1&cstd=95&cisv=r20220125.01305&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 27 Jan 2022 04:54:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6AD7 22 KB
8 KB 18ms
18ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 11:10:53 GMT
expires: Thu, 26 Jan 2023 11:10:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 63826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 8415 47 KB
47 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10522523362926788608/300x250.html?e=69&leftOffset=0&topOffset=0&c=VWF0xoEz4r&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:45:04 GMT
x-content-type-options: nosniff
age: 575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 05:00:04 GMT

GET
H3 200 OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 8415 47 KB
47 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10522523362926788608/300x250.html?e=69&leftOffset=0&topOffset=0&c=VWF0xoEz4r&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:49:05 GMT
x-content-type-options: nosniff
age: 334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 05:04:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8415 6 KB
5 KB 67ms
30ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acea81669d0e4a77c5dde04a929d1ae7ccde341697d83551406d546e797ce0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4739
x-xss-protection: 0

GET
H3 200 60005582_20220110062024247_300x250_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 8415 30 KB
30 KB 34ms
33ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220110062024247_300x250_LOOK-01.png

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d4b90e4e60a6ed6be197b23d4c0537a6275b49094c65dccbe25c9111c1cc814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10522523362926788608/300x250.html?e=69&leftOffset=0&topOffset=0&c=VWF0xoEz4r&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 15:30:16 GMT
x-content-type-options: nosniff
age: 48263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30234
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 14:20:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 15:30:16 GMT

GET
H3 200 60005582_20220110062043468_AP_STOERER.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 8415 2 KB
2 KB 33ms
31ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220110062043468_AP_STOERER.png

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6327d0b794774d3a36cb33f6429a7953aabe47163551e0601fcf659f60e0b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10522523362926788608/300x250.html?e=69&leftOffset=0&topOffset=0&c=VWF0xoEz4r&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 15:29:51 GMT
x-content-type-options: nosniff
age: 48288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2058
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 14:20:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 15:29:51 GMT

GET
H3 200 60005582_20220110061648609_iPhone13-mini_ASSET.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 8415 27 KB
27 KB 38ms
37ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220110061648609_iPhone13-mini_ASSET.png

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457b152b254e49d6a6ea519ad175661bd62a2dfd1106ca54195d4c1388377920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10522523362926788608/300x250.html?e=69&leftOffset=0&topOffset=0&c=VWF0xoEz4r&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 15:30:10 GMT
x-content-type-options: nosniff
age: 48269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27687
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 14:16:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 15:30:10 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 8415 43 B
609 B 106ms
24ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27008872_4307561_324251499_145975850_-0&ref=27008872_4307561_324251499_145975850_-0
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 04:54:39 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5528 22 KB
8 KB 30ms
29ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 11:10:53 GMT
expires: Thu, 26 Jan 2023 11:10:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 63826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17516561811023965382/ Frame 8FFF 1 KB
615 B 28ms
28ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17516561811023965382/index.html?e=69&leftOffset=0&topOffset=0&c=ttRpYxwgwv&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e0150efcdd1386f5187d98b1d7503b9f557f10f1e5e3ce3daea0ec012784b83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 587
date: Thu, 27 Jan 2022 04:54:39 GMT
expires: Fri, 27 Jan 2023 04:54:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Jan 2022 10:48:26 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6C30 0
24 B 37ms
36ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGl8iUYtxTTjOGjucT97mngaW2CFCbeycs0VL0UCdNU-8HNDccaNmOHct29Kfuczx_Rznf7bZGQ3fze7M8BBUm8gDyPp4fLcdsB68tUqa2nRMMOO2g0r6l-oIl_3mFVdfKGr5TjAHwp9GbGAlzgFBTIHWdaqDdia7b3xFoPS0-wxidGJwsbrq8rY2SRCs9V8ATlZXSkc8RI3Zg3FQcQ6xIfUDkdU7aLgYnwCHkTPZjn3mKVpw9ppeViUn9zYepWd3S7KtQN8T-BO_GDvqqlu1Qrz_n7a1CbskUl-k0fqXFWsmgRmildv8DwgBMobekeid6t17Xj4RmCMRS1N7qh0FWZIFHy1TQI4pt2j4PHRkEdxLDjOl02xy4XzARnBpInTt0m9O3SxIWMGuLnn6TV0mcS6XRMGep5wtkUPhK7bPXRcPI-3XxXNnpp5-n7Uo67sex5EF8ZopUHY2nEN3Zt8Ir8wH3aUKkZBPsGwpGKP7gAeTO9f-GORUuPOk1Z-EIwLSrf_u2rPSdsw7SNR6i23SoM2jE3pP-1LTbbVWfPKxLarB9NUEd39YTv5-3PT55rR3xgoFNEAe81bBIWl8nmOpkP45Ps4OBRUxF5-P9P2Ca1ucSRV01WPh1xFKUIcO2Hgo1lM_CdE-wqJ3PWbogRh0jddjG2rIL1_clTk5V0w-cg5EMjc9ZmNN85DQIx2MI8FFZ6-OiLNUFDN2YhQU6uSTggUKvAEZMUpHPbe9AqaU3lMQIXZg2IXeX2Z0fOdwwk6MCBsziD7s9JhZN5QyHJuX-hmOkzS_8tse02yJvmmZPDVdVJPT7QB6KzcfZduhaACLa6r9XAMd8p-V_Z94Olzpkma7DZQqWGv6dtZfWmFMLs5ZXYZU-wEDOdFEJtwfCVG-C2PPO0TbDXp1CeyZtnu41tbzEQ6eBUaPHd24TnAXmq8KD1gLAh9kqokVcb3E0fx4Z_ue0cE1poZRjzAwBH0Y2EJaG4JBm0ajxUG_264F09Hdvx4ch_qZ05FBZgN0ixv_odDLYKIK3HKdIfRjKpn7nDpdEUNOYQAgxC30ADYZiXCmmsyE0gvWisTbJ1OG5InSm1rXot0x8V01e4nkdlra2xzMc6k1My01EFbg9IVXABqbo5RoM2vSqbyXJb8vgt2GCGD-HhCIuT_K-foRRIND0tJG8pnAYcS-yEeLSslpITvI31bL42O2E2ARh1rRVZBWfVIOJDNsyWXP8FagEG6NzJDSKm6mkL4-U7XoJBw&sai=AMfl-YQwWJY_biup9T3OyFJ8NYzaUGkil3JqofOYwOU4P1qdQse44v_iw5EoukexHWuPy0GLSoXmyYJhJEq2FHoqveeXzI99V90-BOyTio2rKF0HFsKD1I5eKyGyjpChCvwkMtU3GXwLt-QCZ_xDBxg0kWTaABpzMg&sig=Cg0ArKJSzLCpS-6Cc0OeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=228&cbvp=1&cstd=224&cisv=r20220125.97854&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 27 Jan 2022 04:54:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 6C30 43 B
1 KB 140ms
30ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_se&extLi=26911004&extCr=162733354&extPm=322751186&gdpr_consent=&gdpr=

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.91 Wuppertal, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 27 Jan 2022 04:54:39 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 27 Jan 2022 04:54:39 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1636
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 main.gr.19.8.284.js Show response
static.adsafeprotected.com/ Frame 6C30 189 KB
60 KB 104ms
22ms Script
application/javascript 2600:9000:223f:e200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.284.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818504392&campId=15571779515&pubId=1&placementId=396786600&adsafe_par&bundleId=&dealId=&bidurl=https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eff9611cedbd4005f4e14141b36370a67bffe1e50b1082cb32a84ee835c27a21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:07:13 GMT
content-encoding: gzip
age: 42447
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Jan 2022 16:52:12 GMT
server: AmazonS3
etag: W/"fb9b2792c3db887dfff0ad3cd668ef5a"
vary: Accept-Encoding
x-amz-version-id: dmAY6a2.PaweZS3llbmldpNvP5GdhzI6
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: wqbnjcQBefAtXiMdVDF27C16gJ7pjwjlIW9pQo0zedIB7gAMknAxiw==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 22EF 1 KB
749 B 22ms
20ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Wed, 26 Jan 2022 13:26:12 GMT
expires: Thu, 27 Jan 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 55707
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6C30 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cc7a9d7597344b5022a962ee939223b48a0bdf75b30d8a819f9277989693380

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 7 KB
7 KB 271ms
96ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9d8d750019&cmd=bid&secure=1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: cb0adab2239f03df1a9676df3bf5bea5ee9d4cc01fe8ecbd974a67b430b9d721

Request headers

Referer: https://www.superlutas.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.superlutas.com.br
access-control-allow-credentials: true
content-length: 6712

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 911ms
329ms XHR
application/json 2602:803:c001::200:195
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Fwww.superlutas.com.br%2F&tk_flint=pbjs_lite_v5.20.0&x_source.tid=72b48cc6-591f-425d-bdf6-30dc7f443978&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7619033091881195
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:195 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b7f19dfaa910e6e3cf76d38fe9376ba1ec6a172174ff5ccac6aaf314811f2355

Request headers

Referer: https://www.superlutas.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:40 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.superlutas.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/480f9/1/www.superlutas.com.br/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/480f9/1/www.superlutas.com.br/ROS?rnd=0.3812345957429779&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.superlutas.com.br%2F&pbv=5.20.0&ncb=1&vs=F&crs=UTF-8&fr...
https://pbjs.e-planning.net/hb/1/480f9/1/www.superlutas.com.br/ROS?ct=1&r=pbjs&rnd=0.3812345957429779&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.superlutas.com.br%2F&pbv=5.20.0&ncb=1&vs=F&cr...

515 B
935 B

29ms
27ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/480f9/1/www.superlutas.com.br/ROS?ct=1&r=pbjs&rnd=0.3812345957429779&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.superlutas.com.br%2F&pbv=5.20.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.superlutas.com.br%2F
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Server: 46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 2bd984989dcd68b588abd62777adb1ac0e6cedcd3fca9c47889dfac1c3fa4968

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.superlutas.com.br
expires: Thu, 27 Jan 2022 04:54:40 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 515
x-sid: AMS-745

Redirect headers

date: Thu, 27 Jan 2022 04:54:40 GMT
server: openresty
access-control-allow-origin: https://www.superlutas.com.br
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/480f9/1/www.superlutas.com.br/ROS?ct=1&r=pbjs&rnd=0.3812345957429779&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.superlutas.com.br%2F&pbv=5.20.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.superlutas.com.br%2F
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-745

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
183 B 367ms
107ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.superlutas.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.superlutas.com.br
date: Thu, 27 Jan 2022 04:54:40 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 30ms
30ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

6e9f7944d6905a1fb4ad65185fd2ec55a053b07e450c7f89308ebcfddc823b72

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.superlutas.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:39 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 54f1f670-269c-417a-91b8-e2f654a11473
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.superlutas.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
368 B 75ms
24ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.superlutas.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.superlutas.com.br
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 29ms
29ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8a2e1829b92b6b9dc646bc6d57c7115a75131b7c81b77ea893eff03a91391fa3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.superlutas.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:39 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c6393113-ae55-4652-af65-5b6027c33358
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.superlutas.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
343 B 425ms
29ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.superlutas.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.superlutas.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8415 17 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 04:54:40 GMT

GET
H2 200 / Show response
dco.smartclip.net/ Frame BC9F 356 KB
109 KB 131ms
28ms Script
application/x-javascript 2600:9000:223c:d400:9:e42d:cc80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dco.smartclip.net/?plc=
Requested by: Host: cdn.smartclip-services.com
URL: https://cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/ava.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:d400:9:e42d:cc80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / PHP/8.0.13
Resource Hash: 6d24e671e159300fcf2dd3fc36ade4f15a553a2964d484ddb0ef7c98f8871823

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:07:52 GMT
content-encoding: gzip
age: 46008
x-powered-by: PHP/8.0.13
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-request-start: t=1643213272.358
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
x-ingress-controller: true
x-amz-cf-id: xvuxcS3g7LpPaTYaCa6spY7ffXOZIHvjGquUyopkLbIonCE6mTuQ8Q==

GET
H2

200

/ Show response
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame 9C5A
Redirect Chain

https://sender.clevernt.com/transporter/20672.php?ppuc=1&ppu=0&id=344077&ref=aHR0cHM6Ly93d3cuc3VwZXJsdXRhcy5jb20uYnIv&ruri=&r=173350387&tok=950762180122267059&iv=-1&ctr=DE&sz=1200&wn=VxUhXbGs&res=1...
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624

4 KB
1 KB

111ms
58ms

Document
text/html

2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 838282d5aa18a44426544f5c03f0b69517ba3d17808155d8c4be4be704c4da00

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-type: text/html
x-amz-id-2: auGXMybnneWnnurEomNfTihqwVfH0txWv3PrwK/PoFHDBvNsZ2kHa1ky3GIFdN8njhrfBRXH12k=
x-amz-request-id: 5G8AKZ4905RSYP1P
last-modified: Wed, 26 Jan 2022 17:08:16 GMT
cf-cache-status: MISS
expires: Thu, 27 Jan 2022 05:24:40 GMT
cache-control: public, max-age=1800
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d3f62661d1890c4-FRA
content-encoding: br

Redirect headers

server: nginx
date: Thu, 27 Jan 2022 04:54:40 GMT
content-type: text/html; charset=UTF-8
location: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
expires: Fri, 27 Jun 1986 23:00:00 GMT
last-modified: Thu, 27 Jan 2022 04:54:40 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma: no-cache

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 8FFF 118 KB
40 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17516561811023965382/index.html?e=69&leftOffset=0&topOffset=0&c=ttRpYxwgwv&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17516561811023965382/index.html?e=69&leftOffset=0&topOffset=0&c=ttRpYxwgwv&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 18:59:48 GMT

GET
H3 200 preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8FFF 64 KB
16 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17516561811023965382/index.html?e=69&leftOffset=0&topOffset=0&c=ttRpYxwgwv&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17516561811023965382/index.html?e=69&leftOffset=0&topOffset=0&c=ttRpYxwgwv&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16579
x-xss-protection: 0
last-modified: Mon, 12 Feb 2018 18:09:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 04:54:40 GMT

GET
H3 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8FFF 112 KB
38 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17516561811023965382/index.html?e=69&leftOffset=0&topOffset=0&c=ttRpYxwgwv&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17516561811023965382/index.html?e=69&leftOffset=0&topOffset=0&c=ttRpYxwgwv&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 04:54:40 GMT

GET
H3 200 sv_SE_polite.js Show response
s0.2mdn.net/creatives/assets/2377528/ Frame 8FFF 88 KB
27 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2377528/sv_SE_polite.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17516561811023965382/index.html?e=69&leftOffset=0&topOffset=0&c=ttRpYxwgwv&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f2075250883a7a173b79f3b56c983ab03a96becf207fccbea045f0960fc4cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17516561811023965382/index.html?e=69&leftOffset=0&topOffset=0&c=ttRpYxwgwv&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28037
x-xss-protection: 0
last-modified: Fri, 03 Dec 2021 15:59:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 04:56:27 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60BF
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE2Tnv4-xtnXoOxrMY_wal4&google_cver=1&google_push=AYg5qPJbEqcH7gG8gxfkq0uThQXBa9lk7RFDLQuFDqPC5r2yoCrEn4ikm0...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJbEqcH7gG8gxfkq0uThQXBa9lk7RFDLQuFDqPC5r2yoCrEn4ikm0zLjnTQ2gimsAKet-cS1TrtLyN2-nGagyqyb3MdkO7kaw&google_hm=s_HD...

170 B
188 B

64ms
61ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJbEqcH7gG8gxfkq0uThQXBa9lk7RFDLQuFDqPC5r2yoCrEn4ikm0zLjnTQ2gimsAKet-cS1TrtLyN2-nGagyqyb3MdkO7kaw&google_hm=s_HDzQxZc3Wu5PLgSJm-gw

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJbEqcH7gG8gxfkq0uThQXBa9lk7RFDLQuFDqPC5r2yoCrEn4ikm0zLjnTQ2gimsAKet-cS1TrtLyN2-nGagyqyb3MdkO7kaw&google_hm=s_HDzQxZc3Wu5PLgSJm-gw
pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60BF
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEGCO05SPlKfOtQ9-BcAo97c&google_cver=1&google_push=AYg5qPJYQkSQ8TWSHxvNfMHyjDv3RRToCm3D0jbnmcnmms-rmVRebNUy-0Au30IBMXh2aKCabQ2rY1O6P6SxHNoM1TsoXu-YmG8e
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJYQkSQ8TWSHxvNfMHyjDv3RRToCm3D0jbnmcnmms-rmVRebNUy-0Au30IBMXh2aKCabQ2rY1O6P6SxHNoM1TsoXu-YmG8e&google_hm=Q0FFU0VHQ08wNVNQbEtmT...

170 B
188 B

66ms
63ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJYQkSQ8TWSHxvNfMHyjDv3RRToCm3D0jbnmcnmms-rmVRebNUy-0Au30IBMXh2aKCabQ2rY1O6P6SxHNoM1TsoXu-YmG8e&google_hm=Q0FFU0VHQ08wNVNQbEtmT3RROS1CY0FvOTdj

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:40 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJYQkSQ8TWSHxvNfMHyjDv3RRToCm3D0jbnmcnmms-rmVRebNUy-0Au30IBMXh2aKCabQ2rY1O6P6SxHNoM1TsoXu-YmG8e&google_hm=Q0FFU0VHQ08wNVNQbEtmT3RROS1CY0FvOTdj
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 60BF 43 B
64 B 59ms
32ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECVTtQYIbZABf2ech2fb_hY&google_cver=1&google_push=AYg5qPJ0RAvL2qRp5wgu-IejQdaF-shxoU1E3kb2ZrLThwuZ2vzm1RWTgOG-MeleYSVGDeALYWPktE75HMcaOV4D4sj1Z604FOAEIw
Requested by: Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:39 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 7v8c5o1r1o0c1raaoeieg9km6o7fp6lf

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60BF
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GLtwrVIJTRCiRud7zsM-pw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

61ms
61ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GLtwrVIJTRCiRud7zsM-pw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKa0sSIAoTCX-Ghhxp3mAPj_OEcsv-yzGUUjGixbcfHZKla15rX_Lzzx51RGtecC3D6BqoH2NyQwAKM6mk-jLNpohcXo6oANQ

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GLtwrVIJTRCiRud7zsM-pw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKa0sSIAoTCX-Ghhxp3mAPj_OEcsv-yzGUUjGixbcfHZKla15rX_Lzzx51RGtecC3D6BqoH2NyQwAKM6mk-jLNpohcXo6oANQ
date: Thu, 27 Jan 2022 04:54:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60BF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOx8iZrA3rEa--aKeZocFas&google_cver=1&google_push=AYg5qPJjuD_30Tt3Gn1lDCB_RedFfV2ANObBWHEZKDDkJa6wUAEmZNIBakw6hv9JosdWnZRgZuv...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXSTVCRDgtMjQtMktJTw==&google_push=AYg5qPJjuD_30Tt3Gn1lDCB_RedFfV2ANObBWHEZKDDkJa6wUAEmZNIBakw6hv9JosdWnZRgZuv4wyaHtbiaMtut36JV93Ch2tdDJA

170 B
188 B

67ms
63ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXSTVCRDgtMjQtMktJTw==&google_push=AYg5qPJjuD_30Tt3Gn1lDCB_RedFfV2ANObBWHEZKDDkJa6wUAEmZNIBakw6hv9JosdWnZRgZuv4wyaHtbiaMtut36JV93Ch2tdDJA

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXSTVCRDgtMjQtMktJTw==&google_push=AYg5qPJjuD_30Tt3Gn1lDCB_RedFfV2ANObBWHEZKDDkJa6wUAEmZNIBakw6hv9JosdWnZRgZuv4wyaHtbiaMtut36JV93Ch2tdDJA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 60BF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_cver=1&google_push=AYg5qPJErZFxRSOcfGZTyxs1aHf3EOvzBfcfwps_4j1r9SVUpKcmMbQcLVh0rORMKi9HYc0XsdKQ...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60BF
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO0VhqjfFJEl3vVY5f5Rzm8&google_cver=1&google_push=AYg5qPLYfWA1pRWq8c3N4Bsw...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLYfWA1pRWq8c3N4Bsw2-j-VmcOaL9gekHiLxME_ggusoK_XT7P6mP7Q3E9pX5BLVWNr4_3DixQynW0Xndr5yeJt5_038GbhOI&google_hm=

170 B
188 B

61ms
61ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLYfWA1pRWq8c3N4Bsw2-j-VmcOaL9gekHiLxME_ggusoK_XT7P6mP7Q3E9pX5BLVWNr4_3DixQynW0Xndr5yeJt5_038GbhOI&google_hm=

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLYfWA1pRWq8c3N4Bsw2-j-VmcOaL9gekHiLxME_ggusoK_XT7P6mP7Q3E9pX5BLVWNr4_3DixQynW0Xndr5yeJt5_038GbhOI&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 26 Jan 2022 04:54:40 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 60BF 0
12 B 61ms
60ms Image
text/html 142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JmMub_7PlWB17UEWgTq9xLiUVYgYenrJF7pCO7R8WoFQmvqTvODYXoPqNJTsx1H7P7m2dFMg

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000578/module/ 503 B
665 B 32ms
31ms Script
application/x-javascript 2.21.142.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000578/module/singleAnimationOnFeed.js?e=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-172.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1d661f3b72d049926bc5051b0a8da33aa8aa4401df898fbb8e8a9682c21c3adc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 08:57:21 GMT
server: AkamaiNetStorage
etag: "9d2c71d75066d27e2bbacfe43d653403:1643199182.412681"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 337
expires: Thu, 27 Jan 2022 08:54:40 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 101ms
100ms Fetch
text/plain 64.202.112.127
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=272b54ab04db0ab91c6968b4eae0d45f_167967_1643259279911&tm=1470&eT=0&widgetWidth=980&widgetHeight=274&widgetX=310&widgetY=2947&wRV=2000578&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=375&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: gzip
X-TraceId: 8db141d1e2ff5c47e87bde273952e609
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 6145 29 KB
10 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/54777102561443840/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/54777102561443840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 12:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57687
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 12:53:13 GMT

GET
H2 200 eyJpdSI6ImViNjBjMmFjNjBmNTE2YmZjMjFmYjY3YTczMTIxZDQ1ZjE1NGE5NGU2MDdlN2RhMWVhZTUyYWQzOGE1NWVmMWQiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 9 KB
9 KB 19ms
19ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImViNjBjMmFjNjBmNTE2YmZjMjFmYjY3YTczMTIxZDQ1ZjE1NGE5NGU2MDdlN2RhMWVhZTUyYWQzOGE1NWVmMWQiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fdc50a1016c7096b6b895a1fcb7f658de87184abc38ecaf810dc4450d062e302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
cache-control: max-age=1191540
last-modified: Fri, 19 Nov 2021 11:29:08 GMT
x-traceid: 757e1a0e1fca5ddfca70cf0a97e90d0d
timing-allow-origin: *
content-length: 9458
content-type: image/webp

GET
H2 200 eyJpdSI6IjRiZGQzNWEzNjM1MTcxZDc0NjczY2FlZjQ3Y2JiNDBkNjBlNDE4MzExYjk5NzFjNDM5NGYyY2VhNDNhMmMxMGYiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 19 KB
20 KB 20ms
20ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjRiZGQzNWEzNjM1MTcxZDc0NjczY2FlZjQ3Y2JiNDBkNjBlNDE4MzExYjk5NzFjNDM5NGYyY2VhNDNhMmMxMGYiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0be24cf304cc7806eed86de175381284bd2dccf4889e68697876e8f5afbc3876

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
cache-control: max-age=1810757
last-modified: Thu, 08 Apr 2021 17:46:00 GMT
x-traceid: f4949f42347ad62fddba9ad5d1af9aaf
timing-allow-origin: *
content-length: 19874
content-type: image/webp

GET
H2 200 eyJpdSI6IjBiZGNhZDAxMjQwZTE0MDEzNjVmMjFiZmMxNmExNDU5ZDk4NjAwNWE0MmVhM2JhMDNmYWRjNDMxN2U5MGQ2NGIiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 17 KB
17 KB 22ms
22ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBiZGNhZDAxMjQwZTE0MDEzNjVmMjFiZmMxNmExNDU5ZDk4NjAwNWE0MmVhM2JhMDNmYWRjNDMxN2U5MGQ2NGIiLCJ3IjoyMTAsImgiOjE0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ba7fa183bc672553729a13c966f5c98fb283ddd315a2d9a3f0479b2bc0d97b48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
cache-control: max-age=1245527
last-modified: Tue, 31 Aug 2021 09:04:01 GMT
x-traceid: ea0b95c488e3a60b8f797e32ec819363
timing-allow-origin: *
content-length: 17558
content-type: image/webp

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6AD7 35 KB
13 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 15:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 15:38:08 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22EF
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE2Tnv4-xtnXoOxrMY_wal4&google_cver=1&google_push=AYg5qPJMpeNQr9Lt0SN6Rq_2xhXTcr1PIrOscXNBDNV1mGzhbL7cE4V8RY...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJMpeNQr9Lt0SN6Rq_2xhXTcr1PIrOscXNBDNV1mGzhbL7cE4V8RYe-C5F0Y7umw0VgaM3vh1UH8kXh7RM8Ni_irwoHWL8e&google_hm=s_HDzQ...

170 B
188 B

64ms
63ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJMpeNQr9Lt0SN6Rq_2xhXTcr1PIrOscXNBDNV1mGzhbL7cE4V8RYe-C5F0Y7umw0VgaM3vh1UH8kXh7RM8Ni_irwoHWL8e&google_hm=s_HDzQxZc3Wu5PLgSJm-gw

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJMpeNQr9Lt0SN6Rq_2xhXTcr1PIrOscXNBDNV1mGzhbL7cE4V8RYe-C5F0Y7umw0VgaM3vh1UH8kXh7RM8Ni_irwoHWL8e&google_hm=s_HDzQxZc3Wu5PLgSJm-gw
pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22EF
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEGCO05SPlKfOtQ9-BcAo97c&google_cver=1&google_push=AYg5qPLkScrhf8RL-_ZsY0Nztktu28o2wCEVCGhKYE9Rg3t3XzO6HUYJSP5WhVFEJmWGU4VR-Z57P1vTos1GvPLMPlqDOQJOrHT5
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLkScrhf8RL-_ZsY0Nztktu28o2wCEVCGhKYE9Rg3t3XzO6HUYJSP5WhVFEJmWGU4VR-Z57P1vTos1GvPLMPlqDOQJOrHT5&google_hm=Q0FFU0VHQ08wNVNQbEtmT...

170 B
188 B

60ms
60ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLkScrhf8RL-_ZsY0Nztktu28o2wCEVCGhKYE9Rg3t3XzO6HUYJSP5WhVFEJmWGU4VR-Z57P1vTos1GvPLMPlqDOQJOrHT5&google_hm=Q0FFU0VHQ08wNVNQbEtmT3RROS1CY0FvOTdj

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:40 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLkScrhf8RL-_ZsY0Nztktu28o2wCEVCGhKYE9Rg3t3XzO6HUYJSP5WhVFEJmWGU4VR-Z57P1vTos1GvPLMPlqDOQJOrHT5&google_hm=Q0FFU0VHQ08wNVNQbEtmT3RROS1CY0FvOTdj
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22EF
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKqdAAw...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKqdAAw...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMjcwNDU0NDAwMDAxNjUwMDU1OTE1Nw%3D%3D&google_push=AYg5qPKqdAAwfi_kK2OYEm-FD2mcXgAcCVYqtffm1SDXdwRWVPdzkToSfrk1z3xDz1MvMS...

170 B
188 B

81ms
80ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMjcwNDU0NDAwMDAxNjUwMDU1OTE1Nw%3D%3D&google_push=AYg5qPKqdAAwfi_kK2OYEm-FD2mcXgAcCVYqtffm1SDXdwRWVPdzkToSfrk1z3xDz1MvMScLtsJEyNqvXN-FFOWssS5QaDMU4bvI

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMjcwNDU0NDAwMDAxNjUwMDU1OTE1Nw%3D%3D&google_push=AYg5qPKqdAAwfi_kK2OYEm-FD2mcXgAcCVYqtffm1SDXdwRWVPdzkToSfrk1z3xDz1MvMScLtsJEyNqvXN-FFOWssS5QaDMU4bvI
pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 27 Jan 2022 04:54:40 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 22EF 43 B
64 B 35ms
34ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECVTtQYIbZABf2ech2fb_hY&google_cver=1&google_push=AYg5qPIiJ_MYHKaakgAygKPl0wayiQP9E_6lA6onR28rCcACYbxB9ECFnAYTIkpHhY0pT9JLgKlk-l8pJ4zPES0QBEFERfOE4q0q
Requested by: Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: jtudbsbjqsbgb7gdhem5mu1vdeo1r4gf

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22EF
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GLtwrVIJTRCiRud7zsM-pw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

61ms
60ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GLtwrVIJTRCiRud7zsM-pw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKmbXuuyzgya0YR2bXIYd9zMwe8S22H2Umid2ViNWmDPWdAMbTO3524eD3GCOpinyi4Qv7FUOd_3Twf0zG6CcuL89VU4mz9

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GLtwrVIJTRCiRud7zsM-pw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKmbXuuyzgya0YR2bXIYd9zMwe8S22H2Umid2ViNWmDPWdAMbTO3524eD3GCOpinyi4Qv7FUOd_3Twf0zG6CcuL89VU4mz9
date: Thu, 27 Jan 2022 04:54:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22EF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOx8iZrA3rEa--aKeZocFas&google_cver=1&google_push=AYg5qPKRVaxa_k9q5_b1CIoDqN538xNM2c3YmZQMauHsjHTmhdirkKXSX51Mi3wJao8BozPV255...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXSTVCRVYtMVgtS1FZVA==&google_push=AYg5qPKRVaxa_k9q5_b1CIoDqN538xNM2c3YmZQMauHsjHTmhdirkKXSX51Mi3wJao8BozPV255hchicoWKJzJtNeoHBLFcj71sY

170 B
188 B

61ms
59ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXSTVCRVYtMVgtS1FZVA==&google_push=AYg5qPKRVaxa_k9q5_b1CIoDqN538xNM2c3YmZQMauHsjHTmhdirkKXSX51Mi3wJao8BozPV255hchicoWKJzJtNeoHBLFcj71sY

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXSTVCRVYtMVgtS1FZVA==&google_push=AYg5qPKRVaxa_k9q5_b1CIoDqN538xNM2c3YmZQMauHsjHTmhdirkKXSX51Mi3wJao8BozPV255hchicoWKJzJtNeoHBLFcj71sY
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 22EF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfIljyx7NsIcKfpPEJg8wQAABGEAAAIB&google_gid=CAESEKCFKH5XurrECYwvGH_WWww&google_cver=1&google_push=AYg5qPI4obiiym5vuRksUazYnx5pWQQEYLePB...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 22EF 0
12 B 61ms
59ms Image
text/html 142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KwZPmgj8RQ7BOxcu_6n-2FQuOECSTr-EqULkDI97pZR30dY-swvU8aordA4ndCA7Tal9jJ

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 651E 35 KB
13 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 15:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 15:38:08 GMT

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 5528 35 KB
13 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 15:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 15:38:08 GMT

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame E895 80 KB
21 KB 23ms
22ms Script
application/javascript 2600:9000:223f:e200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 08:08:31 GMT
content-encoding: gzip
age: 10183570
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: oNciK-qe7_9DFSy8TwUN3k7zF3lDl5ErktC8mqohR3fSI2L_sjfMsA==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 6C30 43 B
215 B 50ms
50ms Image
image/gif 54.194.39.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=925113&advId=818504392&campId=15571779515&pubId=1&placementId=396786600&adsafe_par&bundleId=&dealId=&bidurl=https://www.superlutas.com.br/&adsafe_url=https%3A%2F%2Fwww.superlutas.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e5c36130-6a9f-36a8-a50a-7b06f33a4d72,c:2tdQGJ,sl:na,em:true,fr:false,thd:1,mn:app01ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:244,fm:sVGQtnY+11%7C12%7C13%7C141%7C142%7C1431%7C1441%7C15%7C16%7C17*.925113%7C171%7C172%7C173%7C174%7C18%7C191%7C192%7C193%7C194%7C1a%7C1b,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:304,oid:3be85409-7f2d-11ec-83f0-06d8cca89c2a,v:19.8.284,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.39.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-39-62.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6C30 43 B
215 B 365ms
124ms Image
image/gif 52.45.96.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=e5c36130-6a9f-36a8-a50a-7b06f33a4d72&tv=%7Bc:2tdQHw,pingTime:-3,time:352,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:303%7D,%7Bpiv:0,vs:o,r:l,t:352%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:353,n:352,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:303,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B105~1,0~0%5D,as:%5B105~300.250%5D%7D%7D,%7Bsl:o,t:352,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sVGQtnY+11%7C12%7C13%7C141%7C142%7C1431%7C1441%7C15%7C16%7C17*.925113%7C171%7C172%7C173%7C174%7C18%7C191%7C192%7C193%7C194%7C1a%7C1b,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.96.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-96-92.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6C30 43 B
215 B 362ms
125ms Image
image/gif 52.45.96.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=e5c36130-6a9f-36a8-a50a-7b06f33a4d72&tv=%7Bc:2tdQHy,pingTime:-6,time:354,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:354,n:352,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:303,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B105~1,0~0%5D,as:%5B105~300.250%5D%7D%7D,%7Bsl:o,t:352,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sVGQtnY+11%7C12%7C13%7C141%7C142%7C1431%7C1441%7C15%7C16%7C17*.925113%7C171%7C172%7C173%7C174%7C18%7C191%7C192%7C193%7C194%7C1a%7C1b,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:www.superlutas.com.br*&br=c
Requested by: Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.96.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-96-92.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 VolvoNovum-Medium.woff2
s0.2mdn.net/sadbundle/54777102561443840/ Frame 6145 38 KB
38 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/54777102561443840/VolvoNovum-Medium.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/54777102561443840/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/54777102561443840/index.html
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 15:53:51 GMT
x-content-type-options: nosniff
age: 478849
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39068
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 08:50:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Jan 2023 15:53:51 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6C30 0
23 B 29ms
28ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGl8iUYtxTTjOGjucT97mngaW2CFCbeycs0VL0UCdNU-8HNDccaNmOHct29Kfuczx_Rznf7bZGQ3fze7M8BBUm8gDyPp4fLcdsB68tUqa2nRMMOO2g0r6l-oIl_3mFVdfKGr5TjAHwp9GbGAlzgFBTIHWdaqDdia7b3xFoPS0-wxidGJwsbrq8rY2SRCs9V8ATlZXSkc8RI3Zg3FQcQ6xIfUDkdU7aLgYnwCHkTPZjn3mKVpw9ppeViUn9zYepWd3S7KtQN8T-BO_GDvqqlu1Qrz_n7a1CbskUl-k0fqXFWsmgRmildv8DwgBMobekeid6t17Xj4RmCMRS1N7qh0FWZIFHy1TQI4pt2j4PHRkEdxLDjOl02xy4XzARnBpInTt0m9O3SxIWMGuLnn6TV0mcS6XRMGep5wtkUPhK7bPXRcPI-3XxXNnpp5-n7Uo67sex5EF8ZopUHY2nEN3Zt8Ir8wH3aUKkZBPsGwpGKP7gAeTO9f-GORUuPOk1Z-EIwLSrf_u2rPSdsw7SNR6i23SoM2jE3pP-1LTbbVWfPKxLarB9NUEd39YTv5-3PT55rR3xgoFNEAe81bBIWl8nmOpkP45Ps4OBRUxF5-P9P2Ca1ucSRV01WPh1xFKUIcO2Hgo1lM_CdE-wqJ3PWbogRh0jddjG2rIL1_clTk5V0w-cg5EMjc9ZmNN85DQIx2MI8FFZ6-OiLNUFDN2YhQU6uSTggUKvAEZMUpHPbe9AqaU3lMQIXZg2IXeX2Z0fOdwwk6MCBsziD7s9JhZN5QyHJuX-hmOkzS_8tse02yJvmmZPDVdVJPT7QB6KzcfZduhaACLa6r9XAMd8p-V_Z94Olzpkma7DZQqWGv6dtZfWmFMLs5ZXYZU-wEDOdFEJtwfCVG-C2PPO0TbDXp1CeyZtnu41tbzEQ6eBUaPHd24TnAXmq8KD1gLAh9kqokVcb3E0fx4Z_ue0cE1poZRjzAwBH0Y2EJaG4JBm0ajxUG_264F09Hdvx4ch_qZ05FBZgN0ixv_odDLYKIK3HKdIfRjKpn7nDpdEUNOYQAgxC30ADYZiXCmmsyE0gvWisTbJ1OG5InSm1rXot0x8V01e4nkdlra2xzMc6k1My01EFbg9IVXABqbo5RoM2vSqbyXJb8vgt2GCGD-HhCIuT_K-foRRIND0tJG8pnAYcS-yEeLSslpITvI31bL42O2E2ARh1rRVZBWfVIOJDNsyWXP8FagEG6NzJDSKm6mkL4-U7XoJBw&sai=AMfl-YQwWJY_biup9T3OyFJ8NYzaUGkil3JqofOYwOU4P1qdQse44v_iw5EoukexHWuPy0GLSoXmyYJhJEq2FHoqveeXzI99V90-BOyTio2rKF0HFsKD1I5eKyGyjpChCvwkMtU3GXwLt-QCZ_xDBxg0kWTaABpzMg&sig=Cg0ArKJSzLCpS-6Cc0OeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=598&vt=11&dtpt=370&dett=3&cstd=224&cisv=r20220125.97854&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6C30 43 B
216 B 328ms
124ms Image
image/gif 52.45.96.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=e5c36130-6a9f-36a8-a50a-7b06f33a4d72&tv=%7Bc:2tdQI6,pingTime:-2,time:388,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:676,beZ:677,mfA:919,cmA:921,inA:921,inZ:925,prA:925,prZ:932,si:980,poA:980,poZ:993,cmZ:993,mfZ:993,loA:1029,loZ:1032,ltA:1064,ltZ:1064%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:303%7D,%7Bpiv:0,vs:o,r:l,t:352%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:388,n:352,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:303,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B105~1,0~0%5D,as:%5B105~300.250%5D%7D%7D,%7Bsl:o,t:352,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sVGQtnY+11%7C12%7C13%7C141%7C142%7C1431%7C1441%7C15%7C16%7C17*.925113%7C171%7C172%7C173%7C174%7C18%7C191%7C192%7C193%7C194%7C1a%7C1b,idMap:17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:83,readyFired:true%7D&br=c
Requested by: Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.96.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-96-92.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
DATA 200
OK truncated
/ Frame 3B2F 10 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08b3d2cb0ce50558fa5981857bf280e3e590f7853d3ae33e5f6b76597f2a58bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: text/css

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C8A8 0
23 B 31ms
30ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvifZyx-ML9Codf8vfHO0bCZXOItxpA6gCuqBV-P-cr-IJQUx_shhXLc0bIE4URuNghqijzhpbdEhPMr4tsOlQIudoLU9XwDHGWtP4i5N8pMM9F5ux8Z9ONCihnZfuogaisLAWNiAHO1Ck5c6QzIUxDgVwT1qD0eOdUB8xhfp8uz2Bd9sWS8Neb6r498CrvcjPVFP6PLMSF1vCB5X-GlKI3p7XqsK4BKcd9QF2D8zgXa13a2Hu1j-NVPnl0SFoPzE20lAjT8_9wVWq-d7ovASJAtf2Fxoa8YFY77zv4tuoRD18cDopuhWy2nK-XxcGs8mkesVtSXUtdl1EQ0cqChnWW67C9lOhw_lzxJztKZ5l2bzoHcuSLowgvNOk2NJ0lI367BgsQuWTfqgie6Ae6vpLHCnOGfaakQwgmv_5tZe7FurjfvaoheBEX_BCejsVX6jIdsQYNM-Y4sjvwyQEQTBRi1PnzHMTSC_OWjTqrWxUIU6mvbA9CIJo07EVvVkV7alevmgVE0NRFZOYhv2t9hH0zGsywBxbvZogrjWedLEHSQMYbWaBl_cedG-fkIvD_cwis_aJz1mvPxw2jL61FI5MltwGgMlUD3jV8a05Z8LggZAl47o5M7whJtkSAB9EQtLwW54PLwuikVr-3aW05G75RuykY7ux2iPs4tPHXG6SeLrkeo136P_gb_k8kEhlSbtjzNMAPRRSjIIboeaNtLNiyTWRD_gwznL7w13qms-SxugdnvicMLG7iUzRkBvPf0A3LmNHaSS_qUoN2bDNPvhiDM-L2WtIfunx1BjqZh4o8Nb2np2GvQv-YLHrr7cbq3dWHGI6kRgHuu5t5yN5VVPOLCbUnrg1UerSymmyl8_42QPBy0Nfl4D5bFckfmld-T957ip8Z8C4vLoP3dYxtlSSHLFhAmrz8DpEYUSK0rn6NL7ViwIxqkXz7xTKBv0iuERYwHUAKd91QXP9-9r00wvQDATCSKoI-TPkMJ6hZSlQlBkN6IWtkObO2sesfag1RZniO-_3SLu2RgT2QJTlcPyd1z-bv6eHZOKk83KFGFM_jwTB0c1WioqvPvIausGUouoAdcy8eOuoqiLJFNOlQ6aQ6Fo6I_H01qXwaIul20cjLCZAaNRANVm8mXaAAm90bs_QcDdKHsEuXpjBKDXMoPzt5ikwBDXS-B2L_92aqlhXX9u8GfDnFlDlqneMsRkRKYW1Ztj1rszet2O6Z0Rylw5d5LA&sai=AMfl-YTvAsi4lP2FNivHhRmjYuTgo_t7UgmBjVirEIsXHySOv20O0G_MdxxhOzbiKXtZL-TDQqUTtCmECD1YTBH3Mmz1qGLz-OJ8eu3-Pmj9loTsGg2rgf0HlFIm2lNzIKK-Dz3U_u81VdCXtbDw-8gZiXgFPq7mMQ&sig=Cg0ArKJSzCAw8XGV7ph4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=705&vt=11&dtpt=607&dett=3&cstd=95&cisv=r20220125.01305&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 3B2F 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61838ede2ff5fa241c7c466384c9a3d5e227d9f98c1671a8525955be67fc4b89

Request headers

Referer
Origin: https://www.superlutas.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8FFF 6 KB
5 KB 41ms
40ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/sv_SE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9db5c7cc1a10a58ca5e2b2b9484c7488922a8af4f195f2a0415930ad82c30b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4613
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BC9F 0
0 29ms
29ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdU2c39YCfyrRaHq7G_AS8B4fyr_hl6HCE-DimcBIGSJddYxuNoHa_FHK73AhuOULOEHFUOBYnF-qhzqF25HY6EncqgbS6t6Hqi6qQyGcLA7jLf5xRkFmFy1bcMt98agf91sr6tGrN6CaY95JBAlHacVfuQ0RhnK4Ok0EclDwv6_ClX0ApTDWBYQd2NbTLO84uHkypcwyZSLPqYSou82qJ9fedp2rynWA4ikQ1yRtiw0ISWAvEOjCbFhOmLrqTuqbycCAYdfXXiJDu3xAQJWR2fRKFHEPgfcpULEE6yB1NwSa6Mvw3VEnNfwTg9Ps&sig=Cg0ArKJSzL4Mn8W-pYFLEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 27 Jan 2022 04:54:40 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 876B 42 B
64 B 27ms
27ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2mRKEMsG6tUpEcq-_fAqSQwfYHF2eSjDbjM6rC-bS-EWfrknzxnI9bfk3CHCc1VOWy8CgEW2P1RdmUjcqrVnntus8xgv9pc6eFTYafyzVpu6C4tgk&sig=Cg0ArKJSzFzvyNc_I_7aEAE&id=lidar2&mcvt=1099&p=133,436,223,1164&mtos=1099,1099,1099,1099,1099&tos=1099,0,0,0,0&v=20220126&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=380858702&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643259279211&rpt=147&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F7EE 0
20 B 34ms
34ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwbUIjyXyYYvzAZbx3gP8jZnIBwAAAAA4AeAEAg&bg=!DA-lD0vNAAY6OBv_Ojg7ACkAdvg8WilPerNKpfGJlvvXvpjTHZn1WsQ3RbJe2wu_z9xwnSp17uIsDwIAAAISUgAAAAhoAQcKAA4z-Q8skdf7ALZal9Ebp5kC9nFu1jQ7lRkBu121o7V-dLG85QrdrucbUZDFxMKKqp5w7tkuqO3_MF-HH9DSw64bagrcfsY2faFTkBWRoL-aUPteE9pbCe2hVDkqeYIrsnHDz9RyxTUEUGrS00Lt4tP2K3Le56NzhGra2ZystPhIZTdya-fgnNsj0z904bftmb4tK_2fBlr1S-_O8LmZ275MbDv_3I2k5nerI_PHVd3QI5bD41jlhXAHttGQA7U6RhIGOPPtGqqKpwSxeEaxyaRiOfg3W63boI3pnNAC6MaTD0laA8CX6DxkBZDifoPyYiwOOi3lug5H00eXLyjAye1MmiPhFwgaQ-7KHErAYCCQafpCeFpN_yDKQpKNp-U37nSGqh1njDE6SVqx92qqXw4qU7uQxObP8HKCRORXfzTyY7gZ9TTnBZUMRBwoGb6AyzjZLFSN9b3UikpXS4qpyGJkFwmPujm64gzfvTh4WNg9wdgSatDQiYQ5z6T-uc_wsmfbuQcXldW9NQhRcBQ4FvJ60LCDBrXUv4XjzWx4W-sLUFex-r3qc6MYcgRa1pAJVu3qPiK6lHAW7Rq-xH6WLc6f4Iz8ZyvST2tZf5gXBPI1pDe0KK5gubStav3VRiZrcSEROBFLcb_jgnUYhG-UbSmaGY0r-7E7s6mVr3Ao5ompVT3BawjEKOtr04j9x5cR4iMAq8p14UqAuwLyvMjXO60UVkxym6LwFqoYS87bCgnAV_pFA_1JCPa7tnpg36m38he06FfKaEKdUWsgnR_i5HODcBXvqPiu_ixcIJpE44OwA8Ev3eguSKfb0BQuxvL5qzbAF9pkZfDUEF904LWz7oCk70XgnwMwDeV0VlzFQu__VSMAbiP7vJuDn6VQCnX49VgwRqcz5IdyuoPzAxvFZtkZSLtQFLLmyp2hbGRPGVQCoxagstsMVXt7mhe79kcywElnZ7iQUPB9nK5EXdAHc0rbPsZm5HD0JUzKyzWbrrSTkS39wMXtq8Pmn5xJuin1d5xucoHK8_zz

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Volvo_Black.png
s0.2mdn.net/sadbundle/54777102561443840/ Frame 6145 5 KB
5 KB 20ms
20ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/54777102561443840/Volvo_Black.png

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/54777102561443840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 15:53:51 GMT
x-content-type-options: nosniff
age: 478849
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4824
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 08:50:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Jan 2023 15:53:51 GMT

GET
H3 200 Flash.png
s0.2mdn.net/sadbundle/54777102561443840/ Frame 6145 3 KB
3 KB 22ms
21ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/54777102561443840/Flash.png

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baea5caffda9109fe3fe251376d60a25ea43c846fa7bb8dc4b15da44a78c6760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/54777102561443840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 15:53:51 GMT
x-content-type-options: nosniff
age: 478849
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3431
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 08:50:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Jan 2023 15:53:51 GMT

GET
H3 200 Floor_extend2.png
s0.2mdn.net/sadbundle/54777102561443840/ Frame 6145 56 KB
56 KB 22ms
22ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/54777102561443840/Floor_extend2.png

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f93264606087b4c1dd4e0bb8bf2ed92549c53fe8b5f095d214c4e72a765f5482

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/54777102561443840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 15:53:51 GMT
x-content-type-options: nosniff
age: 478849
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57259
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 08:50:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Jan 2023 15:53:51 GMT

GET
H3 200 Spritesheet_XC40_MY23_4.jpg
s0.2mdn.net/sadbundle/54777102561443840/ Frame 6145 783 KB
783 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/54777102561443840/Spritesheet_XC40_MY23_4.jpg

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a082bfd96630ab857ec08e4e0055175aae987aea275d450f048ec3fee5de5383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/54777102561443840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 15:53:51 GMT
x-content-type-options: nosniff
age: 478849
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 801309
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 08:50:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Jan 2023 15:53:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8FFF 17 KB
6 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 04:54:40 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6963 42 B
64 B 31ms
31ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLQK4jTOP6AWwnnWdN4s9er1xmbfScbdrS_npSdsuOMm-yYby668FWtknqqUJ8_Jceiw5PSvGm7FsHisHHZSTbbVMrGRdxvIPTIEvGqRnzvh2rX_Zn&sig=Cg0ArKJSzCo0JAajqSVeEAE&id=lidar2&mcvt=1026&p=112,0,113,1&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20220126&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=330619748&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643259279243&rpt=200&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.css
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame 9C5A 11 KB
2 KB 50ms
49ms Stylesheet
text/css 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58387ca9397ec3cb0e0d8e163e3aaf616b33db0a023c16b7824519a834ca6001

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 1213
cf-polished: origSize=11955
last-modified: Tue, 25 Jan 2022 00:04:10 GMT
x-amz-request-id: TYEVXHKX3G90GD9W
x-amz-id-2: DUYH72o+qM6bm/4gvSMccCex9NX9BoY/5NtAsiQknnorXq/IQOrllRBADaROlH9/BxXu+SuI9Nw=
cf-bgj: minify
server: cloudflare
etag: W/"0b1a0f0066ac8ef5a3b0a38c0858a9b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1800
cf-ray: 6d3f62674e1f90c4-FRA
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
H2 200 anzeige.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 9C5A 1 KB
901 B 34ms
34ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/anzeige.svg?v=1
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 00:04:52 GMT
server: cloudflare
age: 1061
etag: W/"3e9d1a10a1056de77db1bab72b55ef1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6d3f62674e2290c4-FRA
x-amz-request-id: TYEZW87DXRPRMV0M
x-amz-id-2: lw2+6BGPBR5CrhW/q0QBJ8/mhNA4gGr1kIsuaFtRQErCnmQUZWmQDTw+mWIei3NDNi6ucL0m1bg=
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
H2 200 logo.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 9C5A 2 KB
1 KB 48ms
44ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/logo.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 00:04:52 GMT
server: cloudflare
age: 1061
etag: W/"89cc1efb4630095200908a2c0e01275c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6d3f62676e3e90c4-FRA
x-amz-request-id: TYEYGEB962FA9Z1P
x-amz-id-2: hYcvIcpE2TCcgf9FlvWP0bViJ1M3932Qm7mRcvylELfL/F6b36L5nhAGSSC2L89CTMZ+nmp7EIQ=
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
H2 200 copy_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 9C5A 12 KB
4 KB 59ms
54ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85cc4c652afbaa94b1444817fe16c3c4f84c9f1ad8615044fc20337d8f3c3b36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 00:04:10 GMT
server: cloudflare
age: 1070
etag: W/"48521ed69677855391819664023f03a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6d3f62676e4490c4-FRA
x-amz-request-id: TYEPF3KWDZHPK30T
x-amz-id-2: 2vOouLAJDhs4PpK3PF0VGw21NvhkLrvcC3zqbkoe6c2TavSbIkekUljAAej8Ce1rWKJry6e8V3k=
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
H2 200 copy_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 9C5A 12 KB
4 KB 52ms
47ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 00:04:52 GMT
server: cloudflare
age: 1070
etag: W/"b021ae3bd30deb5a02a9d0476e269ae5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6d3f62676e4690c4-FRA
x-amz-request-id: TYEJBM6VT1FBPHFX
x-amz-id-2: cKnHG3v/AkP92Tkc08v6DN8wo/71CqIS5Ik+1BC7uPDglgKsfyNd62yW3O7CDI4txOyHPGlou5I=
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
H2 200 copy.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 9C5A 12 KB
4 KB 56ms
52ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63bc5373259840156ae93ba26b9df0dd2f97ce98ebb3fdb970699cd718a23230

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 00:04:10 GMT
server: cloudflare
age: 1156
etag: W/"6a14ab0d467b44cc536dff1c855843d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6d3f62676e4890c4-FRA
x-amz-request-id: TYENM477FMVDHAR0
x-amz-id-2: BMy9ma5U6bgnxvWh2P+jvil/iLQBjgdd5zG5/s79Bbfi1ejeobWkUXWr5vL/WZo6Tczv0FaB7HI=
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
H2 200 copy2_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 9C5A 5 KB
2 KB 57ms
53ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3361e91435c8d8a10b7ba8e447fdb9e8cf94681182d2ce70a59dd3fb56dfca5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 00:04:52 GMT
server: cloudflare
age: 1061
etag: W/"beb4ce05eda61995a0eba82cbef0fb8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6d3f62677e4a90c4-FRA
x-amz-request-id: TYERGQX72114PSMS
x-amz-id-2: 1z6jApOINmAc58rE+AuczW9lIISvV6J6FeyrRBKbcgtzBal1u/faK2K/u4TCaPWrIp4m2nVaSaE=
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
H2 200 copy2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 9C5A 5 KB
2 KB 58ms
54ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda9e405d476907b07df5ba2daf29f6d9f802bc7df20e3c9a1295c601e210406

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 00:04:10 GMT
server: cloudflare
age: 1131
etag: W/"5dafc545e73be5464256dd78dc118a9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6d3f62677e4b90c4-FRA
x-amz-request-id: TYEHHGRM2YPA3J1R
x-amz-id-2: 5p/9QcqBLFntM+Co7UfuYd5XaHxFU/Q0UBByVWF/zgFUF4pmCwOFQ66BIFMqXZgMSB5HcaJVtzM=
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
H2 200 copy2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 9C5A 5 KB
2 KB 59ms
55ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7fa07dc1641fa98687abb1cac64ca10ef98f69568be378d612397460b7ca24b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 00:04:10 GMT
server: cloudflare
age: 1060
etag: W/"dc43a4e11b82fa41efb8bdc2acd73425"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6d3f62677e4d90c4-FRA
x-amz-request-id: TYEQY3CRVYXVY20G
x-amz-id-2: rb3QnF0T4Bw30lgeKTV2Kbga+HacmSYchWCnYOjwL86K5wOivRgZ7tPPlDMzUM8n22QX3czH5Cw=
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
H2 200 copy3.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 9C5A 6 KB
2 KB 59ms
55ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy3.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 00:04:52 GMT
server: cloudflare
age: 1070
etag: W/"9048820dc635dbe10d09725e919ba54f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6d3f62677e4f90c4-FRA
x-amz-request-id: TYEKB8HX1B81QN0T
x-amz-id-2: TJDx6udijxTRebpW5b8Jp7QRG0esjzMUKkhMwv89dXxjXTNXd8vQ5dATR/fyb6nPl4O/H9pDiyI=
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
H2 200 cta.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 9C5A 3 KB
1 KB 59ms
55ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/cta.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 00:04:52 GMT
server: cloudflare
age: 1060
etag: W/"b26d0f732978180e7c2480406f97e7f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6d3f62677e5090c4-FRA
x-amz-request-id: TYEVZ4WDJBAWEHCV
x-amz-id-2: 8TPcBBd9E/EwEN4ysbmF+HW52VrnDOVFLvz6GWhiiawRHTnE5f1RwhCLmtpTnpcqFukfPGjruZ4=
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
H2 200 legal2_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 9C5A 12 KB
4 KB 55ms
52ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757a9daa63650138fd902f15b33dfa3ae7ea0a4c2c8aadd405c7c09f5c6af7df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 00:04:10 GMT
server: cloudflare
age: 1070
etag: W/"22316355cfe04cd150c2b810a54167a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6d3f62677e5390c4-FRA
x-amz-request-id: TYEY3GZ6GMHFF5P3
x-amz-id-2: HgcPpOrxlaBme74qYC91fhwyPZQ04qVIsXfUKlMr1Ic9w1kolKWlDAuPvlRQ7AP/dVzf3cOoVw4=
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
H2 200 legal2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 9C5A 33 KB
6 KB 88ms
85ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 00:04:52 GMT
server: cloudflare
age: 1060
etag: W/"19cfc2171558b226e44590caa30ac756"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6d3f6267ae7890c4-FRA
x-amz-request-id: TYEPJMJFRKHQNSW0
x-amz-id-2: vh3cDP45AJBFPL3c+p6yC9p8znEgpe2KXCnEBkfA80IuTQc25SrXS/L2b5qmwIbhdVhqUt/sr1A=
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
H2 200 legal2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 9C5A 33 KB
6 KB 85ms
82ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dac0f22f981a1e8828e9516833b3ac6fe985cf1852033b0f153c9cb8694d3a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 09:42:59 GMT
server: cloudflare
age: 1723
etag: W/"a33282a0f66d9e18e14ed6c9fa761dd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6d3f6267ae7b90c4-FRA
x-amz-request-id: V4GB1JB480A74RGN
x-amz-id-2: S4vv1ML3YgGDU5iIkdTUu++EIh+07KCVfM/bV3qVQBtUR4tknvwtWWL139bkJbmvyt27L+FJYrM=
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
H2 200 rocket-loader.min.js Show response
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 9C5A 12 KB
4 KB 74ms
71ms Script
application/javascript 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Jan 2022 15:58:45 GMT
server: cloudflare
etag: W/"61e83535-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6d3f6267ae7c90c4-FRA
vary: Accept-Encoding
expires: Sat, 29 Jan 2022 04:54:40 GMT

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6611 35 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 15:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 15:38:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9C5A 8 KB
1 KB 128ms
38ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af3e5cfbec7a3ad4f4f5ae7f38bd6e857fb46b79a4851ed6084f32adcd327363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 04:20:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 Jan 2022 04:54:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jan 2022 04:54:40 GMT

GET
H2 200 clever.de.min.js Show response
lp.cleverwebserver.com/bet365/js/ Frame 9C5A 9 KB
4 KB 36ms
35ms Script
application/javascript 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/js/clever.de.min.js
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54ac31540d0cc04994470e45f7f167649c2de8874d42ae215ec5bfc9a9fa64f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_00976624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 14:36:56 GMT
server: cloudflare
age: 626
etag: W/"f608a5d30dd77ed8de7ceb968e854f04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 6d3f62682eed90c4-FRA
x-amz-request-id: S6NYYQPHCXV5Z2MS
x-amz-id-2: g0PnKsE2/80rBDsLixfhta5eKP5HE1htpc3rCJhkn/nUWNvqm+GNAm1FsKEKlQScidbyFPnS5i4=
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4A7E 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEKAo3Q_NX1Xwv05AMSUNyfuNciwx6EjY2_CO26RK8Zk2KWSakYZ_eYpr9XOjF-AA7s-DxpBDVT1T7iJTru7rJxjfyGAKRI8hSIN_tnsVQEDeUh9heuQ&sai=AMfl-YR8ULNLeg3BC3B-Z_BdjLX1uFnB-hyr4C3i2FPU9bVX7mh1P5HTFXvSUvfnMNROc4a69Bo2DY0Cd_t92_4gt1woMJLudMIKnbZaIgMOO-ofj-24wLc6DL1qujFP&sig=Cg0ArKJSzNDXYXgbP6CYEAE&cid=CAASEuRoLhj-jhTIY0POAqwrU1N_oA&id=lidar2&mcvt=1034&p=0,0,250,300&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=743887373&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643259278518&rpt=1126&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 300x250_D_NA_Car-Hood-Palm.jpg Show response
s0.2mdn.net/creatives/assets/2373736/ Frame 8FFF 25 KB
25 KB 33ms
33ms XHR
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2373736/300x250_D_NA_Car-Hood-Palm.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/sv_SE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72d9cd78bba274c7d537dd55d86580f696b554d452810dadbedc129e6a26462a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17516561811023965382/index.html?e=69&leftOffset=0&topOffset=0&c=ttRpYxwgwv&t=1&renderingType=2
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:48:09 GMT
x-content-type-options: nosniff
age: 391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25876
x-xss-protection: 0
last-modified: Tue, 10 Sep 2019 15:47:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 05:03:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AD7 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BznNVjyXyYf_WIMT47gOGhZXQDAAAAAA4AeAEAg&bg=!4uGl4aXNAAY6OBv_Ojg7ACkAdvg8WllgtbCM__iRJcDq8Ap8YFV9zIdIpRe1SpB1cFnL_wy8k03oaQIAAAFFUgAAAAJoAQcKAGIROuV_pYskbHFfN572kBo6EDDK5T25EnioiZEE_QrveYxAp_FSwduKALyUJwYp5WYFxNRO1oRycOjjwTt2qOvhH7lTAHLtSqXjWIF_zQYal2kKxW_JRD6Ud2oCl1l5nAKT45kDAfKx-AjsaUTehLt3UZRIae2NCSFd0FXazV460fNpLi55fKG04Oo5G8YsdjWb2vE2A8a07oeheSSs3qGSDraoVa0x4qiunudWfoVkKIoGOpCcAeZw_tH-JJM7VuSL3cXxQOVMgGATm1QKAGLxCVUXEuN0h6tDttdnSNCstfjB7fTcMCsSdy-BNXcGtJQhbvo_cL-dyw1INJl75Gd9Cx665vSYZtHK5B9F597pxDyd038KEh7CXAW6oWuZGocw6onNBRkMI26R7y_ujdCfUKS34EA4dygP5j65Jsp4xAdRce6qLxj_Ja12px_psad6tQP7Z9LKOP02exEAXqYnFKo3xxT-qm5vf7fzSzOD7Cq2-RwWNb3Ua5Gk0lcKOG48kDWx-cISFzF19n8du0vH3tANvjCJtnulJGBPcfiaVBt7oJvz2OlTFN88F8SxcoASNn3HC7SQ_J21M_8tGwU1smUY8In8Z2i_W9dQcEKv7nvhWl-o6phzYVXzB7Xz00m5K6YR5rt7FDeO4Vbuvhyw9g80b5i6GHjhDJlBugocVpsWQ9Ch0_C-W9S8XTYPmgt3qvlUVF_1DSLO86j8jsSsPZHt70Td9ANbm8wrQVtLJ7hi-rOaLcfQrvFH2iuaaspuaw-QosuocuUXWw0-BhFuDli57pmFBiOPfL4bwKKnQUBtn5JH7mtg4uSlaao2kShUUj6I15sjL5kJkvIIl0edLIkQ8TnHcbDK1LZOdBWokgZJce2e1ebZqS5bg6LQL7A2DxlbpTZ_-_GE5uiomXpGyTe-O-e6kL9_yjI4fXC6bA_wjBHAM2HbrMIBGa4s9equRnrvfKYA7aMGcRCw9NANlLCfUlNip2OSIR4IPT_qcCgke7AcRFT_Es2zu5IEFcg914WR88jY9Gos9rL7GhoKwYDhpFFsuGIQXhZmYdrE16vDunKVflNHSZWT40RbYyUBE2Kxk6OhM7YQIXHenu9dPEuBOTqhgej9HTzw0qLDLaNYyi5ycogb-QMl-rIwcrC3U_oT7gI

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6C30 43 B
215 B 111ms
110ms Image
image/gif 52.45.96.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=e5c36130-6a9f-36a8-a50a-7b06f33a4d72&tv=%7Bc:2tdQPB,pingTime:-10,time:853,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1643259280758%7C%7C7af91b9462910d2f9d119680c195d0d4%7C%7C8866308252d63f9bf74b74e606896148%7C%7Cc6fd0b9dfe5584d7ee0372ed0f7f27f8%7C%7C2d6e826930a179af20d0942a5a9139c2%7C%7C40f45469cdcc60a13c8a5906b4703f41%7C%7Cd048d17f0076de8ae8e22405d8a4e1f1%7C%7Ca4afd03dca9a1fb1c0021f3975a27064%7C%7C1629390669%7D
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.96.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-96-92.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 320x320_15.gif
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 9C5A 83 KB
84 KB 60ms
60ms Image
image/gif 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/320x320_15.gif?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 897a61f461e2da1c232ce838911e080848f1454071e4e1fea731055df1b03f86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
cf-cache-status: HIT
age: 774
cf-polished: origSize=85875, status=webp_bigger
cf-ray: 6d3f6268df7a90c4-FRA
last-modified: Tue, 25 Jan 2022 00:04:10 GMT
content-length: 85394
x-amz-id-2: 2L+eH4CenYsfd2AQPngI+koZTGLRPkaZhad62oUR5wGH+TJ3O3U676WV3AWVCD2/k//DfK0wJ10=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "b97a40ec85baebd06758c20639f491ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 8M26DTR3W3BFC9RW
cache-control: public, max-age=1800
accept-ranges: bytes
content-type: image/gif
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 9C5A 44 KB
44 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.cleverwebserver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:14:34 GMT
x-content-type-options: nosniff
age: 103206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 00:14:34 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5528 0
20 B 29ms
28ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjUbWjyXyYZSRIpbx3gP8jZnIBwAAAAA4AeAEAg&bg=!PD-lP3vNAAY6OBv_Ojg7ACkAdvg8WpYzawwA2ahymtCp8OaV_FmXrvJqQgvd1pcKLVqqrKLWPl6m0wIAAAFSUgAAAAhoAQeZAxeSujoQ5xY0WAgirO0PhzpHuGH2jicdOy0LIsWvML3tYys1OWfXTNtqlFyKi7AT7aUadw3Iig77ag12uKJfgmWrwTM7RVakRD6Gc-bdNotfbYcjN-p_7oflXWQhHysMBpGIz6PVyb4w16EFTAefWTkS3oKmKEYqZlM3bVVob1qUxYWND-Y3Gz-3MvfJqnjptSNDIvq9-4CPDsLb7_17RjL9aDlue_PymavGo5K7V8svkE69-PB6ZKvXnRKgmNKSOK4qKakPkB0MqyIinOCCvThLob6SWpxK5k2Jg1Oxus9G5Xbc8n-JRbYpRNX_WHfUTbdB0jYykqOxUqik3ZF9L_42nYLV3988IMN1Gk63-tgbywZG1DV5QLlWTT124pal9MxVbbA5WEJqxAMvmTneaDuoTzn_d1hAv6C6ZM0EcRgltgbIfqHo9_BUmAeXS1_7vQei5YpZ4GSVVuRxc2Ib4KaSaSfpj3zVXcGI2qV2N61n9qfCu_23aA12CcssSO6CHMEFohcdWASzLkcKVs-G6siAJlCF31fP2WDYFqLvZ4gakC3KbIE9D7GCfeAYIm2SMTRmCJnpt1mpiRNrAJu0212XwqTk6G3OlYJE7eSErE5JgklFc5aYS9uN4gQz1aJyhzGXH-syyBSZHscDNUPLJZ8XX9I4fvvAO08JKBsMAghtIhqiRIG1yIu78d4sk-spyWDPH4DSQXp8spIC9FmfRkUueOqqk4dz1SllCZwai--DD_BlaDKz1oyAubpqQ2Iyf981fptUOYTmEv0Joav2ovNVMGuwl1Jrx-dhzfugD-pv3SqZKNRRVCe_joKf1m6Ax65ym_x38tZvCDFl0c1PBEqBhswoRhwp6PlP5nZGdg5wr0vewxof0qgJB2fyxn4kceopWA25otFP7zd2MvsfSjqR_TQlxOtkgRVXifKC6F8APxBsLF5tlqEAXzJcNMSeJCH5zWrEJrb4u6cQRjN6_zmZbmXSeWS2m5__MuNFaLApbJA8wUhYeLM2dPljo8oZx1lkyNv83FYUZvsqncxaft9ykkzt5AAiug

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C8A8 42 B
64 B 36ms
36ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIIRedMFAGekm0O6MBFi1WdX2HH5oKt36Iw8NnT9DvCKhRrptevdvyDGEt9oyxI5kFDmESSKoppljmWbDKxt3PoyVfKl2TpG1r3aNw1X4QCUHRIJpD0g&sai=AMfl-YQmYypkdZ-5zu6B4xvjpkX6wbqt3asrhXF38Yn2GQPBBwv7qzk_rI-17X8UrEyLn8xJG-Q0xzMrxt3mwraCqwG4H5ZHmLLfsYPB2ayJY55dqkctdzOpw8e5AT6Q&sig=Cg0ArKJSzJyKqP_QUAQ6EAE&cid=CAASEuRou5bYDauOs-ODC2hePj9MIA&id=lidar2&mcvt=1112&p=764,436,854,1164&mtos=1112,1112,1112,1112,1112&tos=1112,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=516205488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643259279241&rpt=500&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
308 B 389ms
389ms Image
image/gif 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10093&d=desktop&b=Chrome&o=Windows&v=4.10.11&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fwww.superlutas.com.br%2F&t=1643259280883&cb=0.27111712244626207&aa=under

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-authenticated: 0
date: Thu, 27 Jan 2022 04:54:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: image/gif
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 6d3f62699d049259-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 54ms
28ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.superlutas.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 58ms
58ms Script
application/javascript 2a00:1450:400f:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.superlutas.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 272ms
271ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3594616189647203&correlator=4045067316041048&output=ldjh&impl=fifs&eid=31064551&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220127&iu_parts=21715141650%3A66958784%2Cdesktop_under&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww.superlutas.com.br%26pathname%3D%252F%26hb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.26%26hb_adid%3D1782ac7585a3262%26hb_bidder%3Donemobile&cookie=ID%3Da49ee685f60fba00%3AT%3D1643259278%3AS%3DALNI_Mass-GhI3Ur1GDd4YoVpUb2Lbnc6A&bc=31&abxe=1&dt=1643259280889&lmt=1643255369&dlt=1643259277667&idt=402&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=40&adks=2933407738&ucis=k&ifi=22&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.superlutas.com.br%2F&vis=1&scr_x=0&scr_y=0&psz=1600x3626&msz=970x-1&ga_vid=1685899782.1643259278&ga_sid=1643259278&ga_hid=1985017582&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fdf5fc27cf3acd2e8c8c30570a334197b41b9592c96c2c256dd7b1b6ee02c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8246
x-xss-protection: 0
google-lineitem-id: 4929641214
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138257969500
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.superlutas.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg-pushdown_2.jpg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 9C5A 26 KB
26 KB 31ms
31ms Image
image/jpeg 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/bg-pushdown_2.jpg?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a01536a4e78676d34742f3d6a8718fd8604dc9c0f4569cbc5a38c1e66d774cf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
cf-cache-status: HIT
age: 1131
cf-polished: origSize=27972, status=webp_bigger
cf-ray: 6d3f6269a87690c4-FRA
last-modified: Tue, 25 Jan 2022 00:04:10 GMT
content-length: 26182
x-amz-id-2: HtPyFR1iAVLXdPr34wJ+JFr2rZ7vGSqbjp2Na+nVpYFYK41MSOCPsCpEGAznxH7obkvqj8t3MFQ=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "badb98ee3ef98cf931012151d07083fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: XEE2BPBDYF4E53V4
cache-control: public, max-age=1800
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 27 Jan 2022 05:24:40 GMT

GET
BLOB 200
OK ee52dac6-397e-4e5b-8cbc-a29f33322098
https://s0.2mdn.net/ Frame 8FFF 25 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://s0.2mdn.net/ee52dac6-397e-4e5b-8cbc-a29f33322098
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72d9cd78bba274c7d537dd55d86580f696b554d452810dadbedc129e6a26462a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 25876
Content-Type: image/jpeg

GET
H/1.1 200
OK DefaultAff.aspx Show response
members.bet365.de/Members/Helpers/ Frame 7682 84 B
1 KB 219ms
157ms Document
text/html 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_00976624
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/js/clever.de.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/

Response headers

Date: Thu, 27 Jan 2022 04:54:41 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 177
Connection: keep-alive
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
ME-Redirect: PQB
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 6d3f626a2a555bfd-FRA

GET
H3 200 sv_SE_imageanimation_D_NA_Car-Hood-Palm_300x250.js Show response
s0.2mdn.net/creatives/assets/2989746/ Frame 8FFF 40 KB
23 KB 32ms
32ms XHR
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2989746/sv_SE_imageanimation_D_NA_Car-Hood-Palm_300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/sv_SE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

253cae3066c16fdfc1cf3f775429d6e26b036d8de015d75326d3eb1cfeadfc44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17516561811023965382/index.html?e=69&leftOffset=0&topOffset=0&c=ttRpYxwgwv&t=1&renderingType=2
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23730
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:59:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 05:09:40 GMT

GET
H3 200 js-animation_sv_SE_imageanimation.js Show response
s0.2mdn.net/creatives/assets/3389262/ Frame 8FFF 75 KB
20 KB 20ms
19ms XHR
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3389262/js-animation_sv_SE_imageanimation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/sv_SE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ea3aa207725d58fc01db2acfddc02ac7e6c6c4804e98edbdb9e65da94b2bb7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17516561811023965382/index.html?e=69&leftOffset=0&topOffset=0&c=ttRpYxwgwv&t=1&renderingType=2
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20098
x-xss-protection: 0
last-modified: Fri, 22 Oct 2021 11:56:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 04:56:31 GMT

GET
DATA 200
OK truncated
/ Frame 8FFF 16 KB
16 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2702e6960d44e346710ae6dfc397bbcc229ace168981b50ba2d61423fc608ab5

Request headers

Referer
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 D_NA_Car-Hood-Palm;strtype=2
ad.doubleclick.net/activity;src=11016238;pid=322751186;aid=515368561;ko=0;cid=162733354;rid=163183655;rv=2;stragg=1;&timestamp=1643259281017;str=LH/NULL/3%26%238239%3B825/amadeusBestPrice/ Frame 6C30 42 B
580 B 105ms
54ms Image
image/gif 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;src=11016238;pid=322751186;aid=515368561;ko=0;cid=162733354;rid=163183655;rv=2;stragg=1;&timestamp=1643259281017;str=LH/NULL/3%26%238239%3B825/amadeusBestPrice/D_NA_Car-Hood-Palm;strtype=2

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 27 Jan 2022 04:54:41 GMT
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AAEB 6 KB
3 KB 47ms
46ms Document
text/html 2a00:1450:400f:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Jan 2022 04:54:38 GMT
expires: Fri, 27 Jan 2023 04:54:38 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 262 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame AAEB 22 KB
7 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 20:55:51 GMT

GET
H2 200 creative.js Show response
v3.denakop.com/ Frame AAEB 26 KB
9 KB 36ms
27ms Script
application/javascript 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v3.denakop.com/creative.js
Requested by: Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f897190f2d080cb6af47dafa3c47df3900a1d6e124191ba846d92c7d39a9d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 69007
cf-polished: origSize=26673
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Oct 2021 00:04:42 GMT
server: cloudflare
etag: W/"6177461a-6831"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, must-revalidate, max-age=86400
cf-ray: 6d3f626bd9a291fb-FRA
cf-bgj: minify

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AAEB 123 KB
37 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 04:54:41 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AAEB 0
0 30ms
30ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZTFjHxXNaJFsxJC5QFwWW2QcfpodPzRILbdov5OsxAQZ0y_9QVo_ZDEiAzCYuakCFw8mJ1XGbHcfZ8JH_C2Joea9_PRwuCamd5RAo55SiI3SCngMyvrjvTb4oGUjfTylIVolU45_hjf5z1q1GdViU7u_4kIHXuvTbznM8EbxxUWks2suVEy4AZjBcYSn_qyP-PUlGpdfADZqt4G1ImBFpPOXwX5BzH7bNAI_jFvFFcGfYPyCsWXLQnlqoDy3TV-7a-gFR-Rr58dLZiRT-9ICTiUjZwDYB3Qj00pP34WXRFgNuWH1yGZUpeWUdvCYIw_yOeAcsyw&sig=Cg0ArKJSzE5DgzJjjJMcEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b... Show response
eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgd... Frame EE34
Redirect Chain

https://eu.sportradarserving.com/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhL...
https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-95...

13 KB
7 KB

25ms
25ms

Document
text/html

18.184.176.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.176.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-176-155.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 222a61f6f487c980304a1b7aa1c8466f2966532604a82cce7b0358ec86c74f99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Jan 2022 04:54:41 GMT
Content-Length: 5028
Connection: keep-alive

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 27 Jan 2022 04:54:41 GMT
Location: https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D
Content-Length: 0
Connection: keep-alive

GET
H2 200 moatad.js Show response
z.moatads.com/iponweb503341958152/ Frame 21F6 318 KB
107 KB 54ms
16ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/iponweb503341958152/moatad.js
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ec8afe51cb3d38828f784dfdf56b128a44e66dcef3561e15a1227bb1ac87803a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:41 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 15:39:51 GMT
server: AmazonS3
x-amz-request-id: CEAYM9T53FJM03FJ
etag: "fba0f3b10404bf926d90d4ff3952ebd4"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24740
accept-ranges: bytes
content-length: 108729
x-amz-id-2: PFg/EwTNIz2sOWAEh9+7XM1UHDowBjIcZ58z9brGlby9Z/Ose0lljc2BrNYQOntgQTlawCirtuk=

GET
H2 200 talon-1.0.39.js Show response
cdn.js7k.com/ix/ Frame 21F6 69 KB
17 KB 246ms
18ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.39.js

Requested by

Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

901a381a532d64712970ae6d21bf80742c1a8088e7bd9f6eb551ebf8d812a390

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 02:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8678
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 16530
x-amz-id-2: 6FzCwdhTZigDCFrniRjb2chROp5aqCsvpjA5OT1UnbVR7NvhpQ5A4jj9pt6pBtMlR9b1WfH0p8o=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 07 Jan 2022 22:21:14 GMT
server: ATS
etag: "a3d122d2b21ea5999c557bdb1d26ca54-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 0TBMN80DGWX5QERZ
x-xss-protection: 1; mode=block
cache-control: public,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 adEvent.do
prod-m-node-3113.ssp.advertising.com/admax/ Frame 21F6 43 B
176 B 100ms
21ms Image
image/gif 52.57.30.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-m-node-3113.ssp.advertising.com/admax/adEvent.do?tidi=770941088&dcn=8a96983d017575db4b3edb9ac0dc0015&posi=1342844&grp=%3F%3F%3F&nl=1643259280216&rts=1643259280143&pix=1&et=1&a=d91a704c28c64d0582eb588719794971&m=aXAtMTAtMjItMTA4LTEz&p=MC4wMDAyNzM4&b=MTMyODM7NDA5O2JldHdheS5kZTs7Ozs3M2I0MzcyMGYxMjQ0YjEyYWMwYmJlNGM1Nzg4MmI5ZDsyOTg2Mjc5MzsxNjQzMjI1NDAwOzswLjAwMDIxOTA0OzswOzs0MDlfMTk2Mjc7MDQ5M2UwZjc0N2IyNDEwNmNlMGZiZjM2MzgyNTY4YWMyMzdjZmU3Mzsx&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxERVU.&hb=true&type=0&af=5&dety=2
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.30.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-30-26.eu-central-1.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:41 GMT
last-modified: Tue, 25 Jan 2022 19:28:40 GMT
server: nginx/1.20.1
accept-ranges: bytes
content-length: 43
content-type: image/gif

GET
H2 200 /
aws-fr.bidswitch.net/imp/0.2738/BSWhttps_A_B_Beu.sportradarserving.com_Bnotify_BtvZKo2HLEvz__K9__lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw__4K6k5RM4jqzbvGzSqf... Frame 21F6 43 B
520 B 99ms
43ms Image
image/gif 35.159.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aws-fr.bidswitch.net/imp/0.2738/BSWhttps_A_B_Beu.sportradarserving.com_Bnotify_BtvZKo2HLEvz__K9__lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw__4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW__gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj__xJm6Vu8pT0lKD1j-kVMXi7Knp__3ZGbMZ__1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB__DzQvJp-6dXFYEfZb__fzKLAMTiqPCJzsVvDroqsaUktrPT1D__qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS__0yHZk__iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq__TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5__OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr__gFgSPVcdMXVcZFjs_B_I_WAUCTION__PRICE_X_B/NL2nH7T7Z2MYHc9WmXcA7UoPQZOqjzlsJWskpo_1CHC7ty3p6Zpa8MQRky7njJO-I6DeNGngGdBX6L_WDbCvAr8u4sSlVS3Tv9da2p3o0x80NIcZZAUrWIseDiYkODtEisrZ5RaqzskQS5XYScmn9hSepVsjD7Om9pysA4gx_EYnmic7vd1hYHtSlBo4yncBUwC6qKmAAdTJpExuzRAsAaZjtnP9_vbnL9YdzA5XKufwBjoLFhuHGnYpLP20Hrn_jGcMg_kidZ3m59ufOeRMJ3HH7mNDvhtgwUmENXuOQ5qz3a0Qj0qPF-lhFHeUBIV2V5q1ARjrQF431YGWHEZGx8iL37KnQcZiqVhDVgWHPtFM7UKQ67jg6X-GT6q-pTkCSFwnMxhxZ9ZKOkZurgIIYiKgiCCl2FLHStrpA7SgIWi12dQ4-hhWn2DvZTaD9IvSrNiHbgCgssn8VuK6Jx2A1f2CLeIxlboUOGZQvgb9gpRnqm29iD1W3VvKdDQLYXFvGU9UmLON5gaur2Rlp2yPKRHVZ5Ytbib2ELGXcs6Abe9dB_ZKsqAlAi7jchvhmDKk0e1idkfLbH6mxN6x59GjPLTu5gDT9Gvz0DfDHE9I9TmqWOs4-vf-fmAfSqmkqkjkV6pOnr0-10swzIjQdCg1dG64T2fpAX734VfiIjiovh20FXKkR1NbGsW2P3iozvVKkf80aemS8057JLFVyayOaMYVeJYsvK4qf4V2G2rMhRcpbfyto9XbiJs61wE98e_Vq-RXtFPXeH12-RYXZxesuR3DZd_kGYH2-6NtEOszvtGbdKwDZ3fbhrmRizjTTCBU-Ae3sFNU9dlxHZGeg1KLPQbyxNB95oR_Rl6bLsPTqDWeqNB8/
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.159.4.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-159-4-76.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame AAEB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b62f91fbd83e45ad2cc8d9e13066604d744130a03d531d46530637ce6366d441

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 n.js Show response
geo.moatads.com/ Frame AAEB 112 B
288 B 175ms
33ms Script
text/html 18.135.139.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=2061738155&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-Ow7GM1%2F1Kg7M0g%3D%3D&sc=1&os=1-MQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=IPONWEB1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.superlutas.com.br&lp=https%3A%2F%2Fwww.superlutas.com.br&t=1643259281475&de=273805249504&m=0&ar=3902fe7180d-clean&iw=f916008&q=2&cb=0&ym=0&cu=1643259281475&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=rmx%3Armx_57545%3Asuperlutas.com.br%3A1&zGSRC=1&gu=https%3A%2F%2Fwww.superlutas.com.br%2F&id=0&ii=3&bo=display&bd=2&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&gw=iponweb503341958152&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A220%3A220%3A0%3A216&jk=-1&jm=-1&fs=196551&na=1075103694&cs=0&ord=1643259281475&jv=671650185&callback=DOMlessLLDcallback_25340918
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/iponweb503341958152/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.139.107 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-139-107.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 996e3ef6070e7cb44a93c2d5d246ce80521e03e8f764bb8125501a0ba29ab377

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:41 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "4a388726c75d33cdcda66ff535e77bb04b77e534"
content-length: 112
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame AAEB 43 B
260 B 26ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=IPONWEB1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.superlutas.com.br&lp=https%3A%2F%2Fwww.superlutas.com.br&t=1643259281475&de=273805249504&m=0&ar=3902fe7180d-clean&iw=f916008&q=3&cb=0&ym=0&cu=1643259281475&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=rmx%3Armx_57545%3Asuperlutas.com.br%3A1&zGSRC=1&gu=https%3A%2F%2Fwww.superlutas.com.br%2F&id=0&ii=3&bo=display&bd=2&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&gw=iponweb503341958152&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A220%3A220%3A0%3A216&jk=-1&jm=-1&fs=196551&na=1965129518&cs=0
Requested by: Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:41 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BC9F 42 B
64 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstf81oyZdXVsyhAv5aLMvZC0XPixRHGbe5vZxJvypVXv3DtXB7PW_pVH0C8QKhhHn7aECwBHxIxjZqSxVMqve5MDZDA9JVjVsEpUaVUAq7iWixHEVV_&sig=Cg0ArKJSzOK7xJkH9q7HEAE&id=lidar2&mcvt=1059&p=55,0,56,1&mtos=1059,1059,1059,1059,1059&tos=1059,0,0,0,0&v=20220126&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3626379645&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643259279220&rpt=1238&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersyncs
tags.feedad.com/1/ Frame EE34 42 B
313 B 120ms
32ms Image
image/gif 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=b770fd19-5f45-48f4-8fef-c80d1714da2f
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2615.1e100.net
Software: Google Frontend /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cloud-trace-context: 86031faa3814ddc5921d467f0d6218c6
cache-control: private
server: Google Frontend
content-type: image/gif
date: Thu, 27 Jan 2022 04:54:41 GMT
content-length: 42
expires: Thu, 27 Jan 2022 04:54:41 GMT

GET
H2 200 usersyncs
api.feedad.com/1.1/web/ Frame EE34 42 B
313 B 121ms
33ms Image
image/gif 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=b770fd19-5f45-48f4-8fef-c80d1714da2f
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2615.1e100.net
Software: Google Frontend /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cloud-trace-context: ee59eecfcb5bf84b56aa005a520718fb
cache-control: private
server: Google Frontend
content-type: image/gif
date: Thu, 27 Jan 2022 04:54:41 GMT
content-length: 42
expires: Thu, 27 Jan 2022 04:54:41 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame EE34
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=b770fd19-5f45-48f4-8fef-c80d1714da2f
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=5c506a63-342b-4ada-8352-20ad499a8e94&expires=30

0
239 B

20ms
19ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=5c506a63-342b-4ada-8352-20ad499a8e94&expires=30
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

Location: //pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=5c506a63-342b-4ada-8352-20ad499a8e94&expires=30
Date: Thu, 27 Jan 2022 04:54:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame EE34
Redirect Chain

https://eb2.3lift.com/xuid?mid=7963&xuid=b770fd19-5f45-48f4-8fef-c80d1714da2f&dongle=3oy7
https://eb2.3lift.com/xuid?ld=1&mid=7963&xuid=b770fd19-5f45-48f4-8fef-c80d1714da2f&dongle=3oy7&gdpr=1&cmp_cs=&us_privacy=

37 B
354 B

18ms
18ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7963&xuid=b770fd19-5f45-48f4-8fef-c80d1714da2f&dongle=3oy7&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7963&xuid=b770fd19-5f45-48f4-8fef-c80d1714da2f&dongle=3oy7&gdpr=1&cmp_cs=&us_privacy=
date: Thu, 27 Jan 2022 04:54:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK youronlinechoices_icon.png
eu.sportradarserving.com/ Frame EE34 1 KB
2 KB 105ms
105ms Image
image/png 18.184.176.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/youronlinechoices_icon.png
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.176.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-176-155.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 04:54:41 GMT
Cache-Control: max-age=86400
Last-Modified: Wed, 19 Jan 2022 12:29:49 GMT
Connection: keep-alive
ETag: 16425953891319
Content-Length: 1319
Content-Type: image/png

GET
H/1.1 200
OK tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubt...
eu.sportradarserving.com/mimp/ Frame EE34 43 B
220 B 58ms
21ms Image
image/gif 18.184.176.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/mimp/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.176.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-176-155.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 04:54:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/1/152991;5601755;201;jsappend;Sportradar;DESportsFeedSportradarWhitelist970x90/ Frame EE34 2 KB
2 KB 80ms
25ms Script
text/javascript 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://servedby.flashtalking.com/imp/1/152991;5601755;201;jsappend;Sportradar;DESportsFeedSportradarWhitelist970x90/?ft_c1=&ftOBA=1&ft_domain=b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fb5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com%2F&gdpr=1&gdpr_consent=${GDPR_CONSENT_78}&us_privacy=${US_PRIVACY}&cachebuster=89898.00754408495
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app23.frk11 /
Resource Hash: f1019a2609eaf9ae8b815b9aba235d95b785e927d7b10544128b979d805b9cb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:41 GMT
Server: prod-xre-app23.frk11
X-HW: 1643259281.dop142.fr8.t,1643259281.cds289.fr8.shn,1643259281.dop142.fr8.t,1643259281.cds239.fr8.sc,1643259281.cds239.fr8.p
Content-Type: text/javascript
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 1819
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK j-5601755-3638979.js Show response
cdn.flashtalking.com/xre/560/5601755/3638979/js/ Frame EE34 94 KB
25 KB 90ms
24ms Script
text/javascript 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/xre/560/5601755/3638979/js/j-5601755-3638979.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/152991;5601755;201;jsappend;Sportradar;DESportsFeedSportradarWhitelist970x90/?ft_c1=&ftOBA=1&ft_domain=b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fb5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com%2F&gdpr=1&gdpr_consent=${GDPR_CONSENT_78}&us_privacy=${US_PRIVACY}&cachebuster=89898.00754408495
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 2ba981065b18d61d1eecc9ad9afaab429faab5c08f0dfa0715c927dcfed63f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 04:54:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 13:21:51 GMT
Server: Flashtalking (AKA)
ETag: W/"25d3b37a1a120e7c8e6ec3a8d8230bc7"
Vary: Accept-Encoding
X-Varnish: 184675369
Cache-Control: max-age=896
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript; charset=utf-8
Content-Length: 24734
Expires: Thu, 27 Jan 2022 05:09:37 GMT

GET
H2 200 iframe Show response
c.bannerflow.net/scripts/ Frame 5CD5 2 KB
1 KB 95ms
42ms Document
text/html 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/560/5601755/3638979/js/j-5601755-3638979.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 977d451e80d86ce0095b2583c1bc564c61fb80b90b6b36a0b940cb114d1f1813

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/

Response headers

date: Thu, 27 Jan 2022 04:54:41 GMT
content-type: text/html
content-md5: tLVQ4AWl+s/+JGanOSwyxg==
last-modified: Tue, 30 Nov 2021 21:34:18 GMT
x-ms-request-id: 6ce40c25-101e-0023-1e39-1377e5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d3f626f8b975c3e-FRA
content-encoding: br

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ Frame EE34 315 KB
108 KB 100ms
21ms Script
application/javascript 2600:9000:2250:5600:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/560/5601755/3638979/js/j-5601755-3638979.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5600:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d403b864aea085ec64a59a4d8e5113c979178aaefe210360aa7af774f77cc582

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 21:19:04 GMT
Content-Encoding: gzip
Age: 27337
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 26 Jan 2022 21:19:04 GMT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
X-Amz-Cf-Pop: FRA60-P2
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: llIAkvEfijpZnk4G_ha59H3SJPZ4rCSm1gnrNYcfUX3w_wM9YXomPg==
Expires: Thu, 27 Jan 2022 21:19:04 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/betwayglobalftdisplay906661272790/ Frame EE34 298 KB
101 KB 21ms
20ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/betwayglobalftdisplay906661272790/moatad.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/560/5601755/3638979/js/j-5601755-3638979.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7c5aa429e03e9cc4f5975385cb695bf7500a828182946bde58abd9127243f97d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:41 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 15:35:52 GMT
server: AmazonS3
x-amz-request-id: YEQCVN3JJQ6Q58YR
etag: "bd7616cfcb4af43bfa55916ed2f725df"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24723
accept-ranges: bytes
content-length: 102978
x-amz-id-2: X62HK8Zm0QE+YHFC6AveMmB6goQrQ0HIebdrdRZUECSHIc1dHCKYA7NDpz6EstljIK40W96TFv0=

GET
H/1.1 200
OK iconc.png
secure.flashtalking.com/oba/icon/ Frame EE34 1 KB
2 KB 94ms
19ms Image
image/png 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 04:54:41 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:32 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
X-Varnish: 702321130 416715210
Cache-Control: max-age=1772958
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1308
Expires: Wed, 16 Feb 2022 17:23:59 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame EE34 43 B
260 B 17ms
16ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=BETWAY_GLOBAL_FT_DISPLAY1&hp=1&ra=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fb5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.superlutas.com.br&t=1643259281833&de=601870697228&m=0&ar=3902fe7180d-clean&iw=5737bc0&q=2&cb=0&ym=0&cu=1643259281833&ll=2&lm=3&ln=1&em=0&en=0&d=152991%3A17602%3A5601755%3A3638979&zMoatMMStrategy=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.superlutas.com.br&id=0&ii=2&bo=superlutas.com.br&bd=superlutas.com.br&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=betwayglobalftdisplay906661272790&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A432%3A432%3A0%3A211&fs=196551&na=989723806&cs=0
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:41 GMT

GET
H2 200 6183ec4acd4b4d590927097f Show response
c.bannerflow.net/a/ Frame 5CD5 87 KB
29 KB 45ms
44ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/6183ec4acd4b4d590927097f?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bf641e4dd9e5708942640637690a76e4c7f93d39ba1c9be9e77ac17347ac6c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cf-ray: 6d3f62701c4a5c3e-FRA
link: <https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/1374265/1590305/preload.jpg>; rel=preload; as=image
request-context: appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame EE34 88 B
643 B 496ms
127ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=ZeBagfRkxqcAZtFIYKRJLdWYCsAJyIAR-FE7fPshldVrqKDkZ03zMGk/H-E0zFP89kalvmMg==&pm_ct=62d86f1cef7f008011ad94e1&pm_pl=1643259281979&pm_td=5&pid=1000791&en=1.1&callback=__pm_glbl_1ZZ04f9lvKFl4b14lJmdvTNh._gc1&tt=g&v=1f9f249
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 3839bb5c6ada602ffd33c45641590c5bb1c02e7c697871148864e4ec782bf594

Request headers

Referer: https://eu.sportradarserving.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:42 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://eu.sportradarserving.com
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 88

GET
DATA 200
OK truncated
/ Frame FC31 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EE34 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/1374265/1590305/ Frame 5CD5 7 KB
8 KB 28ms
28ms Image
image/jpeg 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/1374265/1590305/preload.jpg
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed16e1f9f8ee4b45970f8af91c65e1ef9434319912b06a0fc3471edddae3d062

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:54:42 GMT
cf-cache-status: HIT
age: 161962
content-length: 7497
x-ms-lease-status: unlocked
last-modified: Thu, 04 Nov 2021 14:21:32 GMT
server: cloudflare
etag: 0x8D99F9E66ACCDA6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: e113b1e8-f01e-0076-54c0-11676e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d3f62711d7b5c3e-FRA
cf-bgj: h2pri

GET
BLOB 200
OK 7ffef3ce-d5ed-431a-ade9-274e4591d052
https://eu.sportradarserving.com/ Frame EE34 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://eu.sportradarserving.com/7ffef3ce-d5ed-431a-ade9-274e4591d052
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame EE34 1 B
280 B 611ms
246ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=ZeBagfRkxqcAZtFIYKRJLdWYCsAJyIAR-FE7fPshldVrqKDkZ03zMGk/H-E0zFP89kalvmMg==&pm_ct=62d86f1cef7f008011ad94e1&pm_pl=1643259281979&pm_td=125&pid=1000791&en=1.1&callback=__pm_glbl_1ZZ04f9lvKFl4b14lJmdvTNh._gc2&tt=g&v=1f9f249
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://eu.sportradarserving.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://eu.sportradarserving.com
Date: Thu, 27 Jan 2022 04:54:42 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ Frame EE34 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame EE34 6 KB
6 KB 19ms
18ms Image
image/png 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 04:54:42 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-Varnish: 341936028
Cache-Control: max-age=890
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 5953
Expires: Thu, 27 Jan 2022 05:09:32 GMT

GET
H2 200 v2 Show response
mb.moatads.com/s/ Frame AAEB 192 B
366 B 89ms
35ms Script
text/html 18.135.139.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/s/v2?url=https%3A%2F%2Fwww.superlutas.com.br%2F&pcode=iponweb503341958152&ord=1643259281475&jv=267881160&callback=BrandSafetyNadoscallback_25340918
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/iponweb503341958152/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.139.107 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-139-107.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 88b6ec3a0a63585dcb1565ba0ac294dafe6329893714ad49c55e979b2fddef75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:42 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "9c26b9cc5b381fc18fab50e71e3478eba2dce5ca"
content-length: 192
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
iponweb503341958152.s.moatpixel.com/ Frame AAEB 43 B
260 B 96ms
17ms Image
image/gif 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=201&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=superlutas.com.br&L1id=rmx&L2id=rmx_57545&L3id=superlutas.com.br&L4id=1&S1id=display&S2id=2&ord=1643259281475&r=273805249504&t=meas&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.superlutas.com.br%252F&mobile=0&click=0&initW=970&initH=90&initSRE=0.04546875&zMoatImpID=1eae1362_73b43720f1244b12ac0bbe4c57882b9d&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:42 GMT

GET
H2 200 pixel.gif
iponweb503341958152.s.moatpixel.com/ Frame AAEB 43 B
260 B 97ms
18ms Image
image/gif 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=201&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=superlutas.com.br&L1id=rmx&L2id=rmx_57545&L3id=superlutas.com.br&L4id=1&S1id=display&S2id=2&ord=1643259281475&r=273805249504&t=nht&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.superlutas.com.br%252F&mobile=0&click=0&initW=970&initH=90&initSRE=0.04546875&zMoatImpID=1eae1362_73b43720f1244b12ac0bbe4c57882b9d&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:42 GMT

GET
H2 200 pixel.gif
iponweb503341958152.s.moatpixel.com/ Frame AAEB 43 B
260 B 98ms
19ms Image
image/gif 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=201&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=superlutas.com.br&L1id=rmx&L2id=rmx_57545&L3id=superlutas.com.br&L4id=1&S1id=display&S2id=2&ord=1643259281475&r=273805249504&t=bs&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.superlutas.com.br%252F&mobile=0&click=0&initW=970&initH=90&initSRE=0.04546875&zMoatImpID=1eae1362_73b43720f1244b12ac0bbe4c57882b9d&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:42 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame AAEB 43 B
260 B 18ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Feu.sportradarserving.com%2Fcontent%2FtvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs%2Fhttps%253A%252F%252Fprod-m-node-3113.ssp.advertising.com%252Fadmax%252FadClick.do%253Fdcn%253D8a96983d017575db4b3edb9ac0dc0015%2526n%253DYahoo%252BSSP%2526id%253Dbbbcbdec287c463099f36c06246877f4%2526tid%253D8a96987f017474d53b44d5932547006a&i=IPONWEB1&ol=2061738155&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-Ow7GM1%2F1Kg7M0g%3D%3D&sc=1&os=1-MQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRC=1&gu=https%3A%2F%2Fwww.superlutas.com.br%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.superlutas.com.br&lp=https%3A%2F%2Fwww.superlutas.com.br&t=1643259281475&de=273805249504&cu=1643259281475&m=660&ar=3902fe7180d-clean&iw=f916008&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=178&lg=1&lh=17&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A220%3A220%3A0%3A216&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=201&cd=0&ah=201&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=rmx%3Armx_57545%3Asuperlutas.com.br%3A1&bo=display&bd=2&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=3&jm=-1&tc=0&fs=196551&na=1382422226&cs=0
Requested by: Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:42 GMT

GET
H2 200 pixel.gif
iponweb503341958152.s.moatpixel.com/ Frame AAEB 43 B
260 B 80ms
20ms Image
image/gif 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=231&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=superlutas.com.br&L1id=rmx&L2id=rmx_57545&L3id=superlutas.com.br&L4id=1&S1id=display&S2id=2&ord=1643259281475&r=273805249504&t=hdn&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.superlutas.com.br%252F&mobile=0&click=0&initW=970&initH=90&initSRE=0.04546875&zMoatImpID=1eae1362_73b43720f1244b12ac0bbe4c57882b9d&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com
URL: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:42 GMT

POST
H2 200 581701278d987c10bca61aed
c.bannerflow.net/tr/v2/pixel/ Frame 5CD5 0
74 B 40ms
40ms Ping
text/plain 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/581701278d987c10bca61aed
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6183ec4acd4b4d590927097f?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 27 Jan 2022 04:54:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6d3f62719df75c3e-FRA
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame EE34 1 B
280 B 420ms
122ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=ZeBagfRkxqcAZtFIYKRJLdWYCsAJyIAR-FE7fPshldVrqKDkZ03zMGk/H-E0zFP89kalvmMg==&pm_ct=62d86f1cef7f008011ad94e1&pm_pl=1643259281979&pm_td=202&pid=1000791&en=1.1&callback=__pm_glbl_1ZZ04f9lvKFl4b14lJmdvTNh._gc3&tt=g&v=1f9f249
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://eu.sportradarserving.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://eu.sportradarserving.com
Date: Thu, 27 Jan 2022 04:54:42 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AAEB 0
0 29ms
29ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwKtrvpxzNs5971nLsOdW59cGDgh2gSL5iYVQSZVv0_6g_6gpB3aLxts3r4luNzoZAPti3PdOr-S9YflDMTdBAkVeSEcoKi6N_ykvklRWQyFbRkerfFyHUzYGDzt4ENerw_Y8RS8sDJa_029ugMxljrEoYlKSLkGvsUDI5x_Dt1zKrjGpw-fbz-ruZrFcDXcWAtBQXsMixe5biJX2g4byzrp8rGMKX9vjYAjBfGF9WKxyOtUOclBtE_FYBImUtJz_veqFjyQd1OrSRz9OQEmO3qRvRP3kpz6JkTwxk7Pz_6V2LbDp-ZsLYlz7-mGzJEI2rd_qrsktA&sig=Cg0ArKJSzHHvB3xq9adFEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 27 Jan 2022 04:54:42 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 30ms
30ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220125&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28af3e19974817a782bd31f2d62debddae7ade938732c928bf4e6776d10797c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8979
x-xss-protection: 0

GET
H2 200 server.html Show response
gs.trrsf.com/fe/zaz-mod-globalstorage/ Frame 0C34 7 KB
2 KB 389ms
19ms Document
text/html 2a02:26f0:ab00::b819:32bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.trrsf.com/fe/zaz-mod-globalstorage/server.html
Requested by: Host: www.terra.com.br
URL: https://www.terra.com.br/globalSTATIC/fe/zaz-app-t360-navbar-partner/_js/metrics.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::b819:32bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 04e7071a81370cfc7670a7e4d8f06627d02641c3e094759c7d2ac6f836739a06

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/

Response headers

server: cloudflare-nginx
content-type: text/html
last-modified: Fri, 15 Oct 2021 15:07:12 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
timing-allow-origin: *
access-control-expose-headers: content-type, x-cache
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
x-cdnterra-cache-status: HIT
content-encoding: gzip
content-length: 1824
date: Thu, 27 Jan 2022 04:54:42 GMT
vary: Accept-Encoding

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 40ms
18ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: www.superlutas.com.br
URL: https://www.superlutas.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:57:51 GMT
content-encoding: gzip
age: 39411
x-guploader-uploadid: ADPycdtwEGPayv9vAI56f0JCt0V2F-FeB5OXp_fLRrksPdiulM4DzCdBbyLK-agAy2sA4TL3dBttgdB6tJZJGUgajbc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6114
last-modified: Thu, 23 Sep 2021 17:37:36 GMT
server: UploadServer
etag: "c011d7eff3edda011a5511fb703d925a"
x-goog-hash: crc32c=I6Sd4w==, md5=wBHX7/Pt2gEaVRH7cD2SWg==
content-language: en
x-goog-generation: 1632418656103247
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 27 Jan 2022 17:57:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 04:54:42 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame EE34 1 B
280 B 359ms
120ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=ZeBagfRkxqcAZtFIYKRJLdWYCsAJyIAR-FE7fPshldVrqKDkZ03zMGk/H-E0zFP89kalvmMg==&pm_ct=62d86f1cef7f008011ad94e1&pm_pl=1643259281979&pm_td=302&pid=1000791&en=1.1&callback=__pm_glbl_1ZZ04f9lvKFl4b14lJmdvTNh._gc4&tt=g&v=1f9f249
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://eu.sportradarserving.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://eu.sportradarserving.com
Date: Thu, 27 Jan 2022 04:54:42 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H3 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 43ms
18ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:27:59 GMT
content-encoding: gzip
age: 30403
x-guploader-uploadid: ADPycdti-QjCMnmzl3hh8ROTFlo0QlS_mR2C7mIQg7LXBe21jKjeaKH6vBSmMvAZaGKwwp977bTpX4HhZBE2TVTCo-a-d7wLhQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8332
last-modified: Thu, 23 Sep 2021 17:37:36 GMT
server: UploadServer
etag: "3bd196ed5cd9e1a21cd3f4a34c4baf1b"
x-goog-hash: crc32c=QnHpIw==, md5=O9GW7VzZ4aIc0/SjTEuvGw==
content-language: en
x-goog-generation: 1632418656026668
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 27 Jan 2022 20:27:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C0B 13 KB
5 KB 18ms
17ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Jan 2022 01:05:46 GMT
expires: Fri, 27 Jan 2023 01:05:46 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 13736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 929B 783 B
536 B 69ms
68ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1bd8ee6da4c05307c21be4a4733c0a52a43191d3e88644d5a5fb9a79e2bf9f1d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KTHYIqg3g0YcZ+BYDbXPgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 27 Jan 2022 04:54:42 GMT
date: Thu, 27 Jan 2022 04:54:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-KTHYIqg3g0YcZ+BYDbXPgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 u Show response
b.t.tailtarget.com/ 72 B
515 B 172ms
113ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttqtt_terra
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 2206ebf487ba362d021f5ba1dceb74f79efdbc56d1a53bb2f91a37881eee2b0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:42 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C0B 35 KB
13 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 15:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 15:38:08 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame AAEB 43 B
260 B 17ms
16ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=IPONWEB1&ol=2061738155&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-Ow7GM1%2F1Kg7M0g%3D%3D&sc=1&os=1-MQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRC=1&gu=https%3A%2F%2Fwww.superlutas.com.br%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.superlutas.com.br&lp=https%3A%2F%2Fwww.superlutas.com.br&t=1643259281475&de=273805249504&cu=1643259281475&m=884&ar=3902fe7180d-clean&iw=f916008&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=178&lg=1&lh=17&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A220%3A220%3A1072%3A216&aa=0&ad=101&cn=0&gk=101&gl=0&ik=101&ic=101&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=231&cd=201&ah=231&am=201&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=rmx%3Armx_57545%3Asuperlutas.com.br%3A1&bo=display&bd=2&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tc=0&fs=196551&na=1770374933&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:42 GMT

GET
H2 200 pixel.gif
iponweb503341958152.s.moatpixel.com/ Frame AAEB 43 B
260 B 18ms
17ms Image
image/gif 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=101&fi=1&apd=432&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=superlutas.com.br&L1id=rmx&L2id=rmx_57545&L3id=superlutas.com.br&L4id=1&S1id=display&S2id=2&ord=1643259281475&r=273805249504&t=fv&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.superlutas.com.br%252F&mobile=0&click=0&initW=970&initH=90&initSRE=0.04546875&zMoatImpID=1eae1362_73b43720f1244b12ac0bbe4c57882b9d&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:42 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame EE34 1 B
280 B 274ms
124ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=ZeBagfRkxqcAZtFIYKRJLdWYCsAJyIAR-FE7fPshldVrqKDkZ03zMGk/H-E0zFP89kalvmMg==&pm_ct=62d86f1cef7f008011ad94e1&pm_pl=1643259281979&pm_td=419&pid=1000791&en=1.1&callback=__pm_glbl_1ZZ04f9lvKFl4b14lJmdvTNh._gc5&tt=g&v=1f9f249
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://eu.sportradarserving.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://eu.sportradarserving.com
Date: Thu, 27 Jan 2022 04:54:42 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame EE34 43 B
260 B 17ms
16ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fc.bannerflow.net%2Fscripts%2Fiframe%3Fdid%3D5dc013805badb900016a47c1%26deeplink%3Doff%26a%3D6183ec4acd4b4d590927097f%26redirecturl%3Dhttp%253A%252F%252Fservedby.flashtalking.com%252Fclick%252F1%252F152991%253B5601755%253B3638979%253B211%253B0%253Furl%253Dhttps%253A%252F%252Fsports.betway.de%252Fen%252Fsports%252F%253Fs%253Dbw213892%2526a%253DDDR3259481681987463%2526utm_medium%253Ddisplay%2526utm_source%253DSportradar%2526utm_campaign%253DFeed%2526utm_content%253DAlwaysOn&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=2997994851&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-WyMEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-rBbrCERvHCbFpA%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.superlutas.com.br&id=0&ii=2&f=1&j=https%3A%2F%2Fb5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.superlutas.com.br&t=1643259281833&de=601870697228&cu=1643259281833&m=592&ar=3902fe7180d-clean&iw=5737bc0&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A432%3A432%3A798%3A211&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=95&cd=0&ah=95&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5601755%3A3638979&bo=superlutas.com.br&bd=superlutas.com.br&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=790193645&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 929B 0
0 43ms
43ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220125&jk=3594616189647203&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5C0B 0
9 B 17ms
17ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zyfY7A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 28ms
28ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220125&jk=3594616189647203&bg=!d3SldDDNAAY6OBv_Ojg7ACkAdvg8Wpuku927Gltm7FWgW7TZB-IBiLp7HWCG6GdRSSgSyMkGAwLh6gIAAAB2UgAAAARoAQcKAA0t-0cVp4AF7iM_KTdYmQLJVpZBZxb1WsLgNx5V5vf2ippORhzuuUuklblqqsEDa4zzBNULS_vvGwZpnBRbOz1gP3spXBvImIdF6xtV0kP_jFIKHTOQPT_V26U8-D4K5In4tRW_Q0bN-_0V_Pfvg-_vq57_LPY9fhcevwoyV22UgLy-B2dkytQia4OTPvg-Mc84QJKHRiCpB3p1HtZUVILS18hq-m5Idj1igwx6arU5IczTu9NJ8X_tVGOkUpiXKzXZu7mkUoJfbozteAezibAFjKx7DAhzC2oGh7GEwzJ11ONSEA2AibJjGiGrEDtLzZOMq0XINjEg-A-hrLDA8wqXMDuG2C5G5CdA90eGdlFiTnjyQkShhN3N3BUnmRW_yXCnkbmUe9EG5vwwUvllyH4esuBsw0aBXbKjueSTFDp7aiir1RmwQggj3-1ZhgRwrq8Y5GAg5fYrpsVgDFdIgVgeCq8MmE78kSlR_Z2n6KbBbxZxSXEOTf3FVYEsR_PBftiL73s557iu7mRRKoGbXC-s6KF4AMXh6GJotgWGBBEbU7o0l-T2SlOeqVt6zAmPGMv-60QRTbS2V94fliaoT5r9Z5wBZJdDYybxsrf2QGjY5TE0HR1sYBjkKfCy6CHWjc5KXIluFeFh2iZJ4MA-KLC6mRkCH9GyJfTnafccinZkBJPc9cXhmL_5lE6bmQP0sVvStTWjesiD-0qWbR-noqWUKPhJehQA4-1F2Y4TOFsLsIpT4l0PPwLBM8T3SGYV55hekB97JtLfy9wg_RNyOZzoiiajb1gi98a7W2-OIkAndibptfgx4n0KCZA-dw8RMBc_amiTCNWONZEqznq1ghwokzEHD7HhTttWxYVz1NnIfwfJipHOX7LXzNaNnpDLn2ISapcjCPQxeoWvLlzUQhP9bPsswqb2POxTEN3sPwF6XIRM-bp52zyeVWaBXBmVJIg41P5FTZNYMa8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame EE34 43 B
260 B 17ms
17ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=2997994851&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-WyMEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-rBbrCERvHCbFpA%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.superlutas.com.br&id=0&ii=2&f=1&j=https%3A%2F%2Fb5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.superlutas.com.br&t=1643259281833&de=601870697228&cu=1643259281833&m=691&ar=3902fe7180d-clean&iw=5737bc0&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A432%3A432%3A798%3A211&aa=0&ad=53&cn=0&gk=53&gl=0&ik=53&ic=53&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=95&cd=95&ah=95&am=95&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5601755%3A3638979&bo=superlutas.com.br&bd=superlutas.com.br&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=999874770&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:42 GMT

GET
H3 200 b Show response
b.t.tailtarget.com/ 128 B
130 B 133ms
114ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10969-0&tY=1&tS=1&tU=0100007F9225F261BB06467802E99F49&tX=b.52&tZ=420395814&env=_ttqtt_terra
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 2b80d7592747e65b1e25829130071594c46f9954f9de8a86421a5e963f42c1fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:42 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubt...
eu.sportradarserving.com/vimp/ Frame EE34 43 B
220 B 20ms
19ms Image
image/gif 18.184.176.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/vimp/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.176.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-176-155.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/tvZKo2HLEvz_K9_lEeo-e-hgWp8dZUhlQdg1tSs-dmoyM7IgnDo363iR8AVFN9S-5yvgD5UPlSTeXZeOBSNu75Y-MDGUvHw_4K6k5RM4jqzbvGzSqfgLFYtGhqAAz7MFIrC72PW_gRHGx8mRtdP-954sMwhLgdFlIjy88b-9p5jMqK-no4JB39CwFrNOsEeUgQubtuGpjn3DugEpNy1Sj_xJm6Vu8pT0lKD1j-kVMXi7Knp_3ZGbMZ_1jZr6E2XDHVe4pXK2RqXhhSyiDI2JGiOChr2k65HdoLpSQmLVpgtMqwH0EULw8xrV6RQXbXB_DzQvJp-6dXFYEfZb_fzKLAMTiqPCJzsVvDroqsaUktrPT1D_qDTsS5NbU90ZfnfPTBMbAkcUmplQqcWowHJ1rK0BDSG-ifcHp9NXxEfd0wtpeV7i2EPDrHhmUdRbpOhcYOjIF11N8-PoEZsN8C-yiTGnnUEaBS-Jn-AZxlL613tMIJQx-mYxYUD-W5RQSe8nxXt1Al6ptWhEjZBw7-1hSZrqUpwlSqpvu-hYeA2VFfPt1M8zoyyJYXURH4jeK4Tw6dRFcIS_0yHZk_iNF8g3Slo2KuBom8PuLwYV1e8jdhH8QOjjSumYBVF6HrHAoZHya1OnnNzDdTh0A2P5uxK0ikLVh5N6Rt0UEnCiKRq_TB1jfcrPoeyWcXqqwlmOYUdp0NTkW6q30fQStWUGASzw65OEM3mFj4dEeBJVURB0eOBxCogRwZOOtWHMQaFcGW7w-PVhHIsFrnbKRdl1ZbmSz526q8h1ql2oN69j5_OoC-yMjyTDgGXlOaKgM4KX3Jku-B41gZ64pVx0bXadZAfxQjhGkTByW6MToDx3uc2jmjf-UlCVRG6SJ7kXVT6011h8GcPvycUkd6-PW-bGlo3hsTRimWVwbyh2Rr_gFgSPVcdMXVcZFjs/https%3A%2F%2Fprod-m-node-3113.ssp.advertising.com%2Fadmax%2FadClick.do%3Fdcn%3D8a96983d017575db4b3edb9ac0dc0015%26n%3DYahoo%2BSSP%26id%3Dbbbcbdec287c463099f36c06246877f4%26tid%3D8a96987f017474d53b44d5932547006a%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a96983d017575db4b3edb9d8d750019%26grp%3D%253F%253F%253F%26type%3D0%26nl%3D1643259280216%26rts%3D1643259280143%26ari%3D73b43720f1244b12ac0bbe4c57882b9d%26b%3DMTMyODM7Ozs7Ozs7Mjk4NjI3OTM7Ozs7Ozs7Ozs.%26a%3Dd91a704c28c64d0582eb588719794971%26rdm%3D1%26rd%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 04:54:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ca Show response
tt-10969-0.seg.t.tailtarget.com/ 79 B
365 B 139ms
116ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10969-0.seg.t.tailtarget.com/ca?tZ=37796599&env=_ttqtt_terra
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 48dda502e1ccd4f9f1e7ed5a2015afd315b6aeb7a81af92a138965bb906b8bc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:42 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
299 B 135ms
113ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10969-0&tE=0&tF=&tI=___de_1643259282665_3648182149&tJ=&tU=0100007F9225F261BB06467802E99F49&tX=b.52&tY=1&tZ=297413370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:43 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame EE34 1 B
280 B 122ms
122ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=ZeBagfRkxqcAZtFIYKRJLdWYCsAJyIAR-FE7fPshldVrqKDkZ03zMGk/H-E0zFP89kalvmMg==&pm_ct=62d86f1cef7f008011ad94e1&pm_pl=1643259281979&pm_td=1100&pid=1000791&en=1.1&callback=__pm_glbl_1ZZ04f9lvKFl4b14lJmdvTNh._gc6&tt=g&v=1f9f249
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://eu.sportradarserving.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://eu.sportradarserving.com
Date: Thu, 27 Jan 2022 04:54:43 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H2 200 widget.aaa4c6bdd09943feb37a.js Show response
c.bannerflow.net/scripts/ Frame 5CD5 19 KB
7 KB 25ms
24ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.aaa4c6bdd09943feb37a.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6183ec4acd4b4d590927097f?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ba8816c269bbbeea0b26e01c1f1aee04fcc90e2351153d1a19b8a548bce0f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:54:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: pydwVNzjK1CwpfWkn77UTw==
age: 162009
cf-polished: origSize=19968
x-ms-lease-status: unlocked
last-modified: Thu, 28 Oct 2021 17:40:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9c0634aa-e01e-0027-3ac0-11fae2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 6d3f6277be3a5c3e-FRA
cf-bgj: minify

GET
H2 200 feed.064b552656054492e03c.js Show response
c.bannerflow.net/scripts/ Frame 5CD5 5 KB
2 KB 26ms
25ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/feed.064b552656054492e03c.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6183ec4acd4b4d590927097f?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a1035ead5512982d8e543a9f0ca11d44a49f301e105236bd0f32cf6da3e120

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:54:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: EtxV7h6234xVhSXFOIhBpg==
age: 162009
cf-polished: origSize=5343
x-ms-lease-status: unlocked
last-modified: Thu, 28 Oct 2021 17:40:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1666b367-301e-0069-41c0-11d46a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 6d3f6277be3f5c3e-FRA
cf-bgj: minify

GET
H2 200 document.4eb7c30856.js Show response
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/1374265/1590305/ Frame 5CD5 98 KB
22 KB 40ms
40ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/1374265/1590305/document.4eb7c30856.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6183ec4acd4b4d590927097f?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb5e1e8493286848d0690c59f7840bf2d295d68e5d9ef07a6e622622ad265ab5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:54:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: TrfDCFal8J8QD6/Afj1ltg==
age: 254268
cf-polished: origSize=103343
x-ms-lease-status: unlocked
last-modified: Thu, 04 Nov 2021 14:21:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8ded4333-201e-0075-2ce9-10860a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 6d3f6277be405c3e-FRA
cf-bgj: minify

GET
H2 200 animated-creative.45a265b852123f3a4278.js Show response
c.bannerflow.net/scripts/ Frame 5CD5 144 KB
49 KB 28ms
28ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.45a265b852123f3a4278.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6183ec4acd4b4d590927097f?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e86a7318000c95db5b6c5d0e7050058ec55d51c8eaabf5228bce27626ba3f1a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:54:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: x/Yy08/KoavTNdm7EwBhCA==
age: 7224686
cf-polished: origSize=147400
x-ms-lease-status: unlocked
last-modified: Thu, 04 Nov 2021 11:34:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ca11dc04-e01e-007a-3684-d1f066000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 6d3f6277ce425c3e-FRA
cf-bgj: minify

GET
H3 200 api.gif
tags.denakop.com/ 0
308 B 129ms
129ms Image
image/gif 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10093&d=desktop&b=Chrome&o=Windows&v=4.10.11&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fwww.superlutas.com.br%2F&t=1643259283175&cb=0.6116590179335297&aa=under

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-authenticated: 0
date: Thu, 27 Jan 2022 04:54:43 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: image/gif
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 6d3f6277ecd29259-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AAEB 42 B
64 B 27ms
27ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfXiNJX_SpxJ2O8HYrBt95li2yXYpa3eBN_W2C1dEd8nGQ2iE27vCEQOqAY7TqKAxajrMd4MHrPl2Mqa34qzD4zLG74RH9xddsUd62VG4idG4hfeBE&sig=Cg0ArKJSzD6omlxcFsyjEAE&id=lidar2&mcvt=1001&p=1110,315,1200,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=2933407738&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643259281171&rpt=1069&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5CD5 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 9c16f1a2-2919-40fb-a637-0ce8145ff321 Show response
https://c.bannerflow.net/ Frame ABD7 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://c.bannerflow.net/9c16f1a2-2919-40fb-a637-0ce8145ff321
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.45a265b852123f3a4278.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 668

GET
H2 200 60d0815c37670160b4539414.json Show response
c.bannerflow.net/sfeeds/581701278d987c10bca61aed/ Frame 5CD5 17 KB
5 KB 24ms
24ms Fetch
application/json 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/sfeeds/581701278d987c10bca61aed/60d0815c37670160b4539414.json
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/feed.064b552656054492e03c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56040fd0fececdb6bf299fd887cf98c68d3a2fce44cbfcfb1eccab186ed5df40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Jan 2022 04:51:41 GMT
server: cloudflare
age: 182
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=600, stale-if-error=28800, stale-while-revalidate=28800
cf-ray: 6d3f6278ef945c3e-FRA
request-context: appId=cid-v1:75ea8019-1544-4ba8-a6db-e73bdcff9d5b

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 5CD5 11 KB
11 KB 24ms
23ms Font
font/woff 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2F7b49bac3-4e85-4c34-b3ea-72a1852603f7.woff&t=%20%24%25%2C%2F012356ABCDEFGHIJLNOPRSTUWZkrx%C2%A3%E2%82%AC%E2%82%B9
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 961e0a304660a034a382030e147eed10a9611cd96910305449bae1c3e4dbee60

Request headers

Referer: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Origin: https://c.bannerflow.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:43 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 07:54:35 GMT
server: cloudflare
age: 162008
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=7b49bac3-4e85-4c34-b3ea-72a1852603f7-subset.woff
cf-ray: 6d3f62792fd35c3e-FRA
expires: Wed, 25 Jan 2023 07:54:35 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 5CD5 9 KB
9 KB 25ms
24ms Font
font/woff 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2F8586c66f-7c84-4e0e-881c-e8dca530b008.woff&t=%20%26%27%2B%2C.18ACEGKMSTVWabcdefghijklmnopqrstuvwy%7C%C3%A4%C3%A5%C3%A7%C3%BC%D8%A3%D8%A7%D8%A8%D8%AA%D8%AD%D8%B1%D8%B4%D8%B7%D9%82%D9%83%D9%84%D9%85%D9%88%E0%A4%82%E0%A4%94%E0%A4%97%E0%A4%A4%E0%A4%A8%E0%A4%AE%E0%A4%AF%E0%A4%B0%E0%A4%B2%E0%A4%B6%E0%A4%BE%E0%A4%BF%E0%A5%82%E0%A5%87%E0%A5%8D%E5%88%A9%E5%8F%82%E7%85%A7%E7%94%A8%E7%B4%84%E8%A6%8F
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a82ae2dc6ce4704fba937ddf370a10f7c3dea6849f93271c99671388a23d2b

Request headers

Referer: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Origin: https://c.bannerflow.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:43 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 00:02:19 GMT
server: cloudflare
age: 190344
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=8586c66f-7c84-4e0e-881c-e8dca530b008-subset.woff
cf-ray: 6d3f62792fd55c3e-FRA
expires: Wed, 25 Jan 2023 00:02:19 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 5CD5 4 KB
4 KB 26ms
26ms Font
font/woff 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2F42eeb52d-4ab8-44ad-9b90-6a5b55a7192c.woff&t=%20%27ACDEGIJKLNOPRSTY%C3%8D%C3%96%D8%A5%D8%B6%D9%85%D9%86%E0%A4%82%E0%A4%95%E0%A4%9C%E0%A4%9F%E0%A4%B0%E0%A4%B8%E0%A4%BF%E0%A5%87%E0%A5%8D%E7%99%BB%E9%8C%B2
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd8893750cb25d515f77d7de375c86c7b1ea47bfb78ef6f06d2e1715aade1919

Request headers

Referer: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=off&a=6183ec4acd4b4d590927097f&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601755%3B3638979%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Origin: https://c.bannerflow.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:43 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 07:54:34 GMT
server: cloudflare
age: 162009
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=42eeb52d-4ab8-44ad-9b90-6a5b55a7192c-subset.woff
cf-ray: 6d3f62792fd75c3e-FRA
expires: Wed, 25 Jan 2023 07:54:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame AAEB 43 B
260 B 20ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=IPONWEB1&ol=2061738155&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-Ow7GM1%2F1Kg7M0g%3D%3D&sc=1&os=1-MQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRC=1&gu=https%3A%2F%2Fwww.superlutas.com.br%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.superlutas.com.br&lp=https%3A%2F%2Fwww.superlutas.com.br&t=1643259281475&de=273805249504&cu=1643259281475&m=1956&ar=3902fe7180d-clean&iw=f916008&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=178&lg=1&lh=17&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A220%3A220%3A1072%3A216&aa=1&ad=1173&cn=101&gn=1&gk=1173&gl=101&ik=1173&ic=1173&ez=1&co=1173&cp=1236&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1236&cd=231&ah=1236&am=231&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=rmx%3Armx_57545%3Asuperlutas.com.br%3A1&bo=display&bd=2&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tc=0&fs=196551&na=283897212&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:43 GMT

GET
H2 200 pixel.gif
iponweb503341958152.s.moatpixel.com/ Frame AAEB 43 B
260 B 19ms
18ms Image
image/gif 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1236&tet=1173&fi=1&apd=1504&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=superlutas.com.br&L1id=rmx&L2id=rmx_57545&L3id=superlutas.com.br&L4id=1&S1id=display&S2id=2&ord=1643259281475&r=273805249504&t=iv&os=1&fi2=0&div1=1&ait=0&url=https%253A%252F%252Fwww.superlutas.com.br%252F&mobile=0&click=0&initW=970&initH=90&initSRE=0.04546875&zMoatImpID=1eae1362_73b43720f1244b12ac0bbe4c57882b9d&bedc=1&q=6&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:43 GMT

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 0317 3 KB
4 KB 24ms
24ms Image
image/webp 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F40807e86-c188-4e7e-8f70-5c3a1d78fbf7.png&w=104&h=90&q=90&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6f0a8c43f501d302935da4e0137ebc951674594cbd1919200ef19c239fd9a7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:43 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 07:55:13 GMT
api-supported-versions: 2.0
age: 75570
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 6d3f6279d8b55c3e-FRA
content-length: 3410
server: cloudflare
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 717f7a99-6bee-4744-a66c-3442b78fe3e7.svg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/ Frame 0317 27 KB
9 KB 28ms
28ms Image
image/svg+xml 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/717f7a99-6bee-4744-a66c-3442b78fe3e7.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1dd11385bf9a9e2e67c1107000d9e30010e95da3ef8b8c29b1b5c5071546595

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:54:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: JDZegjfRvShKsHUH2G1lsg==
age: 959
x-ms-lease-status: unlocked
last-modified: Mon, 21 Jun 2021 11:53:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 804d82bd-d01e-0085-7e91-11c0fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 6d3f6279e8b85c3e-FRA

GET
H2 200 60247ad2-a231-4d4d-b281-7cee8fd1d189.svg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/ Frame 0317 3 KB
1 KB 29ms
29ms Image
image/svg+xml 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/60247ad2-a231-4d4d-b281-7cee8fd1d189.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 115d3d222e948b73289c8180d4c821ae08feed8d7c3c62d7abff966e1f890bbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:54:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 7YVF1fdK2DQLVpofOPigCA==
age: 1010
x-ms-lease-status: unlocked
last-modified: Wed, 02 Jun 2021 09:28:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 08c463a0-001e-0000-6491-11ed26000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 6d3f6279e8ba5c3e-FRA

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame B346 7 KB
7 KB 25ms
25ms Image
image/webp 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F9456c0d8-cdfd-48de-bbab-1f6aa6ee01f7.png&w=160&h=145&q=90&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a32a1abe3c04b272284b715ec261072d0a883fa62ab13aa2ae3123a225ac1c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:43 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 07:56:28 GMT
api-supported-versions: 2.0
age: 75495
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 6d3f6279f8d05c3e-FRA
content-length: 7310
server: cloudflare
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 9e2bc361-3646-41a4-a61c-2f9c8b372d9d.svg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/ Frame 0317 14 KB
4 KB 25ms
25ms Image
image/svg+xml 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/9e2bc361-3646-41a4-a61c-2f9c8b372d9d.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a566ae2a1e7934ac507ab1f3f7b34f7f7d4a2ecf6463c98cb1b2305e8efb19f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:54:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: z/n/saqDL/0Fn4YhkL3Dgg==
age: 959
x-ms-lease-status: unlocked
last-modified: Wed, 21 Jul 2021 11:46:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c895f7a5-601e-0080-65e9-101220000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 6d3f627a18eb5c3e-FRA

GET
H2 200 pixel.gif
px.moatads.com/ Frame AAEB 43 B
260 B 20ms
20ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=IPONWEB1&ol=2061738155&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-Ow7GM1%2F1Kg7M0g%3D%3D&sc=1&os=1-MQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRC=1&gu=https%3A%2F%2Fwww.superlutas.com.br%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.superlutas.com.br&lp=https%3A%2F%2Fwww.superlutas.com.br&t=1643259281475&de=273805249504&cu=1643259281475&m=1957&ar=3902fe7180d-clean&iw=f916008&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=178&lg=1&lh=17&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A220%3A220%3A1072%3A216&aa=1&ad=1173&cn=1173&gn=1&gk=1173&gl=1173&ik=1173&ic=1173&ez=1&co=1173&cp=1236&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1236&cd=1236&ah=1236&am=1236&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=rmx%3Armx_57545%3Asuperlutas.com.br%3A1&bo=display&bd=2&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tc=0&fs=196551&na=424059786&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame EE34 43 B
260 B 17ms
17ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=2997994851&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-WyMEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-rBbrCERvHCbFpA%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.superlutas.com.br&id=0&ii=2&f=1&j=https%3A%2F%2Fb5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.superlutas.com.br&t=1643259281833&de=601870697228&cu=1643259281833&m=1709&ar=3902fe7180d-clean&iw=5737bc0&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A432%3A432%3A798%3A211&aa=1&ad=1074&cn=53&gn=1&gk=1074&gl=53&ik=1074&ic=1074&ez=1&co=1074&cp=1014&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1014&cd=95&ah=1014&am=95&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5601755%3A3638979&bo=superlutas.com.br&bd=superlutas.com.br&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=659990172&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:43 GMT

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame B346 7 KB
7 KB 25ms
24ms Image
image/webp 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F9456c0d8-cdfd-48de-bbab-1f6aa6ee01f7.png&w=160&h=145&q=90&f=webp&rt=contain
Requested by: Host:
URL: widget-dc307f45-dbf8-4d8f-845b-c6d89cfe61d7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a32a1abe3c04b272284b715ec261072d0a883fa62ab13aa2ae3123a225ac1c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:43 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 07:56:28 GMT
api-supported-versions: 2.0
age: 75495
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 6d3f627a391d5c3e-FRA
content-length: 7310
server: cloudflare
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 pixel.gif
px.moatads.com/ Frame AAEB 43 B
260 B 18ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=IPONWEB1&ol=2061738155&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-Ow7GM1%2F1Kg7M0g%3D%3D&sc=1&os=1-MQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRC=1&gu=https%3A%2F%2Fwww.superlutas.com.br%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.superlutas.com.br&lp=https%3A%2F%2Fwww.superlutas.com.br&t=1643259281475&de=273805249504&cu=1643259281475&m=1958&ar=3902fe7180d-clean&iw=f916008&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=178&lg=1&lh=17&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A220%3A220%3A1072%3A216&aa=1&ad=1173&cn=1173&gn=1&gk=1173&gl=1173&ik=1173&ic=1173&ez=1&co=1173&cp=1236&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1236&cd=1236&ah=1236&am=1236&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=rmx%3Armx_57545%3Asuperlutas.com.br%3A1&bo=display&bd=2&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tc=0&fs=196551&na=1376101163&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame EE34 43 B
260 B 16ms
16ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=2997994851&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-WyMEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-rBbrCERvHCbFpA%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.superlutas.com.br&id=0&ii=2&f=1&j=https%3A%2F%2Fb5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.superlutas.com.br&t=1643259281833&de=601870697228&cu=1643259281833&m=1710&ar=3902fe7180d-clean&iw=5737bc0&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A432%3A432%3A798%3A211&aa=1&ad=1074&cn=1074&gn=1&gk=1074&gl=1074&ik=1074&ic=1074&ez=1&co=1074&cp=1014&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1014&cd=1014&ah=1014&am=1014&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5601755%3A3638979&bo=superlutas.com.br&bd=superlutas.com.br&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=405320835&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame EE34 43 B
260 B 23ms
23ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=2997994851&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-WyMEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-rBbrCERvHCbFpA%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.superlutas.com.br&id=0&ii=2&f=1&j=https%3A%2F%2Fb5823e8f6631fb9d1ee113afe45b394a.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.superlutas.com.br&t=1643259281833&de=601870697228&cu=1643259281833&m=1711&ar=3902fe7180d-clean&iw=5737bc0&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A432%3A432%3A798%3A211&aa=1&ad=1074&cn=1074&gn=1&gk=1074&gl=1074&ik=1074&ic=1074&ez=1&co=1074&cp=1014&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1014&cd=1014&ah=1014&am=1014&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5601755%3A3638979&bo=superlutas.com.br&bd=superlutas.com.br&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=1995250404&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 04:54:43 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 791E 281 B
554 B 94ms
18ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Jan 2022 04:54:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 86AF 2 KB
814 B 18ms
18ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1643259280057

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame CB11 8 KB
2 KB 196ms
150ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8c13a2d13f2032c7799a3908bf47d4f2114f25be8260a906704ade8084b1a8c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/

Response headers

date: Thu, 27 Jan 2022 04:54:44 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://www.superlutas.com.br
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d3f627caf938fee-FRA
content-encoding: br

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CEF5 52 KB
17 KB 78ms
20ms Document
text/html 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 28 Jan 2022 04:54:45 GMT
Date: Thu, 27 Jan 2022 04:54:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C83D 52 KB
17 KB 78ms
21ms Document
text/html 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.superlutas.com.br/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 28 Jan 2022 04:54:45 GMT
Date: Thu, 27 Jan 2022 04:54:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CEF5 0
735 B 24ms
24ms Script
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:44 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 56fca0ad-06e4-4da1-ad8b-26f5a39031d4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 791E 32 KB
10 KB 17ms
17ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f46cc92a45e5d2f9007c9aff6ea24d395c901a5878f441733bb5d08682f4765a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 04:54:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17027
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9704
Expires: Thu, 27 Jan 2022 09:38:31 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C83D 0
735 B 25ms
24ms Script
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:44 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e6dfcd88-ac06-445e-8923-2bda1fa0f736
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame CB11 0
0 25ms
25ms Image
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame CB11 170 B
188 B 61ms
61ms Image
image/png 142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame CB11
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=61190d7e-293b-46c3-82ba-8cff8564263a&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666...

95 B
153 B

158ms
157ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=61190d7e-293b-46c3-82ba-8cff8564263a&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6d3f627e497d8fee-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=61190d7e-293b-46c3-82ba-8cff8564263a&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame CB11 0
331 B 101ms
31ms Image
text/plain 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:44 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame CB11
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca36a3f4-ab18-498a-7f12-9b02bba4c742%26reqId%3D5...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca36a3f4-ab18-498a-7f12-9b02bba4c742%26reqId%3D5...
https://mwzeom.zeotap.com/mw?cid=e109480c-1578-441e-bdf4-86c3c48fb9da&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666...

95 B
153 B

151ms
151ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=e109480c-1578-441e-bdf4-86c3c48fb9da&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6d3f627eea1e8fee-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:44 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=e109480c-1578-441e-bdf4-86c3c48fb9da&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame CB11 0
104 B 30ms
26ms Image
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 varnish
server: nginx
x-timer: S1643259284.112461,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4029-HHN

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame CB11 0
411 B 967ms
102ms Image
text/html 2600:1f18:6593:f602:3fd7:c8e3:cbda:5fe9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f602:3fd7:c8e3:cbda:5fe9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:45 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame CB11 0
41 B 32ms
28ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca36a3f4-ab18-498a-7f12-9b02bba4c742%26reqId%3D5c4ef559-67ca-4666-78c9-b3e5cbd15584%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame CB11
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=136...
https://mwzeom.zeotap.com/mw?cid=41152c12-cafb-4e7a-a32c-d865bd437c94&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
153 B

150ms
149ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=41152c12-cafb-4e7a-a32c-d865bd437c94&zpartnerid=317&gdpr=1&gdpr_consent=
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6d3f62846fea8fee-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:45 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=41152c12-cafb-4e7a-a32c-d865bd437c94&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame CB11
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=ca36a3f4-ab18-498a-7f12-9b02bba4c742&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=ca36a3f4-ab18-498a-7f12-9b02bba4c742&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=03098865546276556283380246960718046729&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-...

95 B
153 B

150ms
149ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=03098865546276556283380246960718046729&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6d3f627f1a4c8fee-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v027-09de5dfea.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 4fvEQ+G5Slg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=03098865546276556283380246960718046729&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame CB11 0
324 B 177ms
47ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:44 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame CB11
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=ca36a3f4-ab18-498a-7f12-9b02bba4c742&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-...
https://mwzeom.zeotap.com/mw?cid=BE1-2022012705-73016-0.238219001643259285-b639bae00ed797e5e272a9433655678f&zdid=533&env=mWeb

95 B
153 B

155ms
155ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2022012705-73016-0.238219001643259285-b639bae00ed797e5e272a9433655678f&zdid=533&env=mWeb
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6d3f627ea9de8fee-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2022012705-73016-0.238219001643259285-b639bae00ed797e5e272a9433655678f&zdid=533&env=mWeb
Date: Thu, 27 Jan 2022 04:54:45 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame CB11
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7057744883630274714&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-...

95 B
181 B

151ms
150ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7057744883630274714&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6d3f627e39788fee-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7057744883630274714&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Date: Thu, 27 Jan 2022 04:54:44 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame CB11
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=ca36a3f4-ab18-498a-7f12-9b02bba4c742
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=ca36a3f4-ab18-498a-7f12-9b02bba4c742

95 B
426 B

26ms
26ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=ca36a3f4-ab18-498a-7f12-9b02bba4c742

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=ca36a3f4-ab18-498a-7f12-9b02bba4c742
date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame CB11
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=ca36a3f4-ab18-498a-7f12-9b02bba4c742&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=ca36a3f4-ab18-498a-7f12-9b02bba4c742&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=hd124n9C0kw4H0mdqRDvIe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-46...

95 B
153 B

153ms
153ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=hd124n9C0kw4H0mdqRDvIe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6d3f62828e1e8fee-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 google
last-modified: Thu, 27 Jan 2022 04:54:44 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=hd124n9C0kw4H0mdqRDvIe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame CB11 36 B
335 B 632ms
20ms Image
image/gif 89.163.159.103
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=ca36a3f4-ab18-498a-7f12-9b02bba4c742&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.163.159.103 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:44 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-length: 36
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame CB11
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=ca36a3f4-ab18-498a-7f12-9b02bba4c742?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=ca36a3f4-ab18-498a-7f12-9b02bba4c742?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=6ab363a347e5f58010347d2297af5711&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67...

95 B
153 B

150ms
150ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=6ab363a347e5f58010347d2297af5711&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6d3f6282de818fee-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=6ab363a347e5f58010347d2297af5711&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
cache-control: no-cache
x-server: 10.45.24.115
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame CB11
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-WFfqHgFE2opfs8K1B7EuZNZXlS5Y1HnFYg--~A&zpartnerid=570&env=mWeb

95 B
176 B

153ms
153ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-WFfqHgFE2opfs8K1B7EuZNZXlS5Y1HnFYg--~A&zpartnerid=570&env=mWeb
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6d3f62826de98fee-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Thu, 27 Jan 2022 04:54:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-WFfqHgFE2opfs8K1B7EuZNZXlS5Y1HnFYg--~A&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame CB11
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Yy2MPw3zl0zHY2WMoplqVWaN9GckQo8d%2BS41iYitP1U%3D

95 B
153 B

151ms
151ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Yy2MPw3zl0zHY2WMoplqVWaN9GckQo8d%2BS41iYitP1U%3D
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6d3f62824d948fee-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:44 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Yy2MPw3zl0zHY2WMoplqVWaN9GckQo8d%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame CB11 43 B
106 B 28ms
26ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=ca36a3f4-ab18-498a-7f12-9b02bba4c742&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame CB11 0
338 B 500ms
100ms Image
text/plain 52.22.124.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.124.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-124-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:44 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1643259284
x-served-by: beacon-n029-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame CB11 95 B
361 B 389ms
23ms Image
image/png 168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=ca36a3f4-ab18-498a-7f12-9b02bba4c742&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.39.146.119.168.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:44 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame CB11
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YfIllAABnN9bhABB&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e...

95 B
153 B

147ms
147ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YfIllAABnN9bhABB&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6d3f62809bd08fee-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1643259284.456559,VS0,VE93
x-served-by: cache-hhn4083-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YfIllAABnN9bhABB&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame CB11
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=8f6761f2-2594-4200-bca9-4f731221a2ce&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef55...

95 B
153 B

159ms
159ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=8f6761f2-2594-4200-bca9-4f731221a2ce&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6d3f62824d988fee-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Thu, 27 Jan 2022 04:54:44 GMT
Server: MT3 4133 baa842e master cdg-pixel-x27 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=8f6761f2-2594-4200-bca9-4f731221a2ce&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Thu, 27 Jan 2022 04:54:43 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame CB11
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd1...

0
337 B

100ms
100ms

Image
text/plain

52.22.124.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Protocol: H2
Server: 52.22.124.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-124-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:45 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1643259285
x-served-by: beacon-n021-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
date: Thu, 27 Jan 2022 04:54:45 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a007-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame CB11
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=ca36a3f4-ab18-498a-7f12-9b02bba4c742&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f1...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=ca36a3f4-ab18-498a-7f12-9b02bba4c742&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f1...

43 B
645 B

59ms
59ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=ca36a3f4-ab18-498a-7f12-9b02bba4c742&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361&dcc=t

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:45 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: K7NVEN969CA5T4SJ39RG
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:44 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: EAYDF24XAM9MXCFZ694Q
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=ca36a3f4-ab18-498a-7f12-9b02bba4c742&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame CB11 0
145 B 211ms
184ms Image
text/plain 104.90.192.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=ca36a3f4-ab18-498a-7f12-9b02bba4c742&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:45 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame CB11
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dca3...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361

95 B
153 B

148ms
147ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6d3f62846fe58fee-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
date: Thu, 27 Jan 2022 04:54:45 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame CB11 557 B
480 B 375ms
374ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9629ed0f734c9ae1c1061e08c269946205ef0cf1b03760649f18f1678c98aec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6d3f627db8e28fee-FRA
date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 google
cf-cache-status: MISS
last-modified: Thu, 27 Jan 2022 04:54:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 791E
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWNkNGQyNGRmZjI5MWViMWQzYzc3NDBjZTc2YzZlZWVlOTFlZTQ5NA

170 B
188 B

64ms
63ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWNkNGQyNGRmZjI5MWViMWQzYzc3NDBjZTc2YzZlZWVlOTFlZTQ5NA

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWNkNGQyNGRmZjI5MWViMWQzYzc3NDBjZTc2YzZlZWVlOTFlZTQ5NA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 791E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfIllAABnN9bhABB
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfIllAABnN9bhABB&_test=YfIllAABnN9bhABB

0
239 B

20ms
19ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfIllAABnN9bhABB&_test=YfIllAABnN9bhABB
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:44 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1643259284.325950,VS0,VE0
x-served-by: cache-hhn4083-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfIllAABnN9bhABB&_test=YfIllAABnN9bhABB
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 791E
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXSTVCU1ctVC05TkRG

170 B
188 B

62ms
62ms

Image
image/png

142.250.74.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXSTVCU1ctVC05TkRG

Protocol

Server

142.250.74.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXSTVCU1ctVC05TkRG
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 791E
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYWI5BSW-T-9NDF&sigv=1&esig=2~48acf00b9e259a7843fe6655555a9c53529eb7d5

0
47 B

30ms
18ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYWI5BSW-T-9NDF&sigv=1&esig=2~48acf00b9e259a7843fe6655555a9c53529eb7d5

Protocol

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:54:44 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYWI5BSW-T-9NDF&sigv=1&esig=2~48acf00b9e259a7843fe6655555a9c53529eb7d5
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 791E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=8f6761f2-2594-4200-bca9-4f731221a2ce

0
239 B

20ms
19ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=8f6761f2-2594-4200-bca9-4f731221a2ce
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

Date: Thu, 27 Jan 2022 04:54:44 GMT
Server: MT3 4133 baa842e master cdg-pixel-x25 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=8f6761f2-2594-4200-bca9-4f731221a2ce
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 27 Jan 2022 04:54:43 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 791E 70 B
264 B 116ms
46ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:54:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 791E 0
0 79ms
26ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 791E
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/5hvc01C7ApVyKVCKd5Ajbg?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4619165362298983510

0
239 B

19ms
19ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4619165362298983510
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

date: Thu, 27 Jan 2022 04:54:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4619165362298983510
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame EE34 1 B
280 B 123ms
123ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=ZeBagfRkxqcAZtFIYKRJLdWYCsAJyIAR-FE7fPshldVrqKDkZ03zMGk/H-E0zFP89kalvmMg==&pm_ct=62d86f1cef7f008011ad94e1&pm_pl=1643259281979&pm_td=2200&pid=1000791&en=1.1&callback=__pm_glbl_1ZZ04f9lvKFl4b14lJmdvTNh._gc7&tt=g&v=1f9f249
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://eu.sportradarserving.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://eu.sportradarserving.com
Date: Thu, 27 Jan 2022 04:54:44 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H2 204 cmp
spl.zeotap.com/ Frame CB11 0
0 150ms
150ms Document
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=ca36a3f4-ab18-498a-7f12-9b02bba4c742&reqId=5c4ef559-67ca-4666-78c9-b3e5cbd15584&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date: Thu, 27 Jan 2022 04:54:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d3f62820d4a8fee-FRA

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CEF5 0
735 B 24ms
23ms Script
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:54:45 GMT
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5a0a091d-2f90-4f7f-b785-bfc25b33359a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C83D 0
735 B 76ms
52ms Script
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS