urlscan.io logo urlscan.io
SecurityTrails logo

www.controle.diarioceleste.com.br Open in urlscan Pro
190.89.239.204  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.controle.diarioceleste.com.br/
Submission: On January 04 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 76 IPs in 9 countries across 74 domains to perform 615 HTTP transactions. The main IP is 190.89.239.204, located in Brazil and belongs to HVC-AS, US. The main domain is www.controle.diarioceleste.com.br.
TLS certificate: Issued by R3 on January 4th 2022. Valid for: 3 months.
This is the only time www.controle.diarioceleste.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
116 190.89.239.204 29802 (HVC-AS)
18 192.0.77.37 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
2 2a03:2880:f01... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
20 142.250.185.66 15169 (GOOGLE)
29 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.129.250.65 16509 (AMAZON-02)
5 2.18.232.7 16625 (AKAMAI-AS)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 18 37.157.6.246 198622 (ADFORM)
31 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:7... 15169 (GOOGLE)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3 2620:116:800d... 16509 (AMAZON-02)
4 4 151.101.2.49 54113 (FASTLY)
7 47 142.250.186.34 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
3 3 72.251.249.14 29791 (VOXEL-DOT...)
8 151.139.128.11 20446 (HIGHWINDS3)
2 2 66.155.71.150 13768 (COGECO-PEER1)
4 52.58.61.12 16509 (AMAZON-02)
7 10 18.185.252.3 16509 (AMAZON-02)
3 3 185.29.134.244 30419 (MEDIAMATH...)
1 75.2.29.42 16509 (AMAZON-02)
5 2.18.234.233 16625 (AKAMAI-AS)
12 37.157.2.248 198622 (ADFORM)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 143.204.215.88 16509 (AMAZON-02)
1 13.248.151.244 16509 (AMAZON-02)
2 7 3.33.220.150 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
1 2 172.67.177.215 13335 (CLOUDFLAR...)
2 2 185.33.221.88 29990 (ASN-APPNEX)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
7 146.20.128.75 27357 (RACKSPACE)
1 142.250.184.230 15169 (GOOGLE)
20 146.20.128.185 27357 (RACKSPACE)
7 9 2001:678:cb4:... 56396 (AMOBEE)
4 4 84.200.5.215 31400 (ACCELERAT...)
1 1 78.46.85.162 24940 (HETZNER-AS)
1 82.113.101.132 6805 (TDDE-ASN1)
1 1 46.4.41.145 24940 (HETZNER-AS)
1 82.113.101.236 6805 (TDDE-ASN1)
2 104.111.239.217 16625 (AKAMAI-AS)
1 1 54.186.168.56 16509 (AMAZON-02)
4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 3.120.18.167 16509 (AMAZON-02)
4 4 2a05:d018:d29... 16509 (AMAZON-02)
27 2a00:1450:400... 15169 (GOOGLE)
4 142.250.181.226 15169 (GOOGLE)
5 5 18.194.149.16 16509 (AMAZON-02)
2 2 52.214.119.250 16509 (AMAZON-02)
2 35.186.253.211 15169 (GOOGLE)
3 3 18.158.253.107 16509 (AMAZON-02)
5 5 18.156.0.31 16509 (AMAZON-02)
11 146.20.128.47 27357 (RACKSPACE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 169.50.137.182 36351 (SOFTLAYER)
12 13.32.27.72 16509 (AMAZON-02)
6 35.156.28.35 16509 (AMAZON-02)
4 39 13.248.245.213 16509 (AMAZON-02)
1 104.111.218.85 16625 (AKAMAI-AS)
1 37.157.6.252 198622 (ADFORM)
2 46.236.13.147 12703 (PULSANT-AS)
1 1 213.133.107.215 24940 (HETZNER-AS)
1 2 159.69.159.132 24940 (HETZNER-AS)
2 2 3.120.64.49 16509 (AMAZON-02)
4 185.94.180.123 35220 (SPOTX-AMS)
2 34.98.64.218 15169 (GOOGLE)
6 6 3.66.59.71 16509 (AMAZON-02)
6 18.194.21.212 16509 (AMAZON-02)
4 2.18.233.180 16625 (AKAMAI-AS)
2 2 198.47.127.19 62713 (AS-PUBMATIC)
1 1 2600:9000:211... 16509 (AMAZON-02)
1 2 34.96.105.8 15169 (GOOGLE)
1 143.204.215.68 16509 (AMAZON-02)
1 1 34.102.163.6 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2 209.54.180.144 16509 (AMAZON-02)
1 1 50.31.142.63 23352 (SERVERCEN...)
6 13.35.253.104 16509 (AMAZON-02)
2 4 185.33.221.14 29990 (ASN-APPNEX)
2 2 52.30.38.36 16509 (AMAZON-02)
1 1 3.238.93.74 ()
2 2 18.195.217.206 16509 (AMAZON-02)
1 1 3.228.133.61 14618 (AMAZON-AES)
2 3.248.87.88 ()
615 76
116    190.89.239.204 (Brazil)

ASN29802 (HVC-AS, US)
PTR: us343.serverdo.in
www.controle.diarioceleste.com.br
controle.diarioceleste.com.br
18    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3033::ac43:9036 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.juicebarads.com
4    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700::6812:19f6 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
5    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2606:4700:3031::ac43:b242 (United States)

ASN13335 (CLOUDFLARENET, US)
diarioceleste.com.br
www.diarioceleste.com.br
20    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
29    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
6    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
ads.vidoomy.com
5    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
t.teads.tv
9    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
1    2a02:26f0:6c00:19c::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s8t.teads.tv
18    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
c1.adform.net
31    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
11    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
24    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
3    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
47    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    2a05:d018:24:b001:a15e:14c8:83cf:d3c5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
3    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
8    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
ad.lkqd.net
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    52.58.61.12 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-61-12.eu-central-1.compute.amazonaws.com
a.vidoomy.com
10    18.185.252.3 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-252-3.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    75.2.29.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae6a0aaac8071ff4b.awsglobalaccelerator.com
stg.vidoomy.com
5    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
12    37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
1    143.204.215.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-88.fra53.r.cloudfront.net
choices.truste.com
1    13.248.151.244 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad9411418cf2cdacd.awsglobalaccelerator.com
de1-bid.adsrvr.org
7    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    172.67.177.215 (United States)

ASN13335 (CLOUDFLARENET, US)
metrics.getrockerbox.com
2    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
4    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
7    146.20.128.75 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
1    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
ad.doubleclick.net
20    146.20.128.185 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
9    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
4    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.o2online.de
1    82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
1    46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de
partner.blau.de
1    82.113.101.236 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de
portal.blau.de
2    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
1    54.186.168.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-168-56.us-west-2.compute.amazonaws.com
pixel.everesttech.net
4    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
triplelift-match.dotomi.com
2    3.120.18.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-18-167.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
4    2a05:d018:d29:3602:7523:c0c8:9412:6c81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
27    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads4.g.doubleclick.net
5    18.194.149.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-149-16.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    52.214.119.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-119-250.eu-west-1.compute.amazonaws.com
r.scoota.co
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    18.158.253.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-253-107.eu-central-1.compute.amazonaws.com
pixel.advertising.com
5    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
11    146.20.128.47 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
12    13.32.27.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-72.fra56.r.cloudfront.net
ib.3lift.com
6    35.156.28.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-28-35.eu-central-1.compute.amazonaws.com
tlx.3lift.com
39    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
cm.adform.net
2    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
1    213.133.107.215 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dedi1115.your-server.de
campaign.mobility-ads.de
2    159.69.159.132 (Hobstin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.132.159.69.159.clients.your-server.de
www.autohaus-koenig.de
2    3.120.64.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-64-49.eu-central-1.compute.amazonaws.com
aws-fr.bidswitch.net
4    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
vidoomy-d.openx.net
6    3.66.59.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-59-71.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
6    18.194.21.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-21-212.eu-central-1.compute.amazonaws.com
ads-eu.v.ssp.yahoo.com
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
2    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2600:9000:211e:fa00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    143.204.215.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-68.fra53.r.cloudfront.net
analytics.webgains.io
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    50.31.142.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
6    13.35.253.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-104.fra6.r.cloudfront.net
choices.trustarc.com
4    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    52.30.38.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-38-36.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    3.238.93.74 (None, )

ASN- ()
sync.hgrtb.com
2    18.195.217.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-217-206.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    3.228.133.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-133-61.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    3.248.87.88 (None, )

ASN- ()
api.webgains.io
Apex Domain
Subdomains		 Transfer
118 diarioceleste.com.br
www.controle.diarioceleste.com.br
controle.diarioceleste.com.br
diarioceleste.com.br
www.diarioceleste.com.br
3 MB
76 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
ad.doubleclick.net
googleads4.g.doubleclick.net
303 KB
69 googlesyndication.com
pagead2.googlesyndication.com
2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
tpc.googlesyndication.com
447 KB
57 3lift.com
ib.3lift.com
tlx.3lift.com
eb2.3lift.com
277 KB
46 lkqd.net
ad.lkqd.net
v.lkqd.net
cs.lkqd.net
t.lkqd.net
222 KB
31 adform.net
track.adform.net
s1.adform.net
c1.adform.net
cm.adform.net
423 KB
28 ad4m.at
as.ad4m.at
ad4m.at
assets.ad4m.at
719 KB
27 2mdn.net
s0.2mdn.net
238 KB
20 wp.com
c0.wp.com
stats.wp.com
pixel.wp.com
165 KB
15 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
ads-eu.v.ssp.yahoo.com
9 KB
12 bidswitch.net
x.bidswitch.net
aws-fr.bidswitch.net
5 KB
11 googletagservices.com
www.googletagservices.com
350 KB
9 advertising.com
pixel.advertising.com
ads.adaptv.advertising.com
6 KB
9 turn.com
ad.turn.com
r.turn.com
4 KB
8 adsrvr.org
de1-bid.adsrvr.org
match.adsrvr.org
4 KB
8 google.com
www.google.com
adservice.google.com
2 KB
6 trustarc.com
choices.trustarc.com
17 KB
6 pubmatic.com
vpaid.pubmatic.com
image6.pubmatic.com
5 KB
6 adnxs.com
secure.adnxs.com
ib.adnxs.com
4 KB
6 teads.tv
a.teads.tv
s8t.teads.tv
t.teads.tv
133 KB
6 vidoomy.com
ads.vidoomy.com
a.vidoomy.com
stg.vidoomy.com
7 KB
6 gstatic.com
fonts.gstatic.com
122 KB
5 w55c.net
pm.w55c.net
4 KB
5 stickyadstv.com
ads.stickyadstv.com
6 KB
5 everesttech.net
sync-tm.everesttech.net
pixel.everesttech.net
2 KB
5 google-analytics.com
www.google-analytics.com
40 KB
4 spotxchange.com
search.spotxchange.com
5 KB
4 openx.net
rtb.openx.net
vidoomy-d.openx.net
849 B
4 dotomi.com
dclk-match.dotomi.com
triplelift-match.dotomi.com
413 B
4 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
8 KB
4 onesignal.com
cdn.onesignal.com
onesignal.com
76 KB
4 googletagmanager.com
www.googletagmanager.com
142 KB
3 webgains.io
analytics.webgains.io
api.webgains.io
51 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 lijit.com
ap.lijit.com
2 KB
3 quantserve.com
cms.quantserve.com
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 bidr.io
match.prod.bidr.io
1004 B
2 amazon-adsystem.com
s.amazon-adsystem.com
704 B
2 blismedia.com
tr.blismedia.com
541 B
2 autohaus-koenig.de
www.autohaus-koenig.de
532 B
2 webgains.com
track.webgains.com
42 KB
2 simpli.fi
um.simpli.fi
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 scoota.co
r.scoota.co
1 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 awin1.com
www.awin1.com
1 KB
2 blau.de
partner.blau.de
portal.blau.de
2 KB
2 o2online.de
partner.o2online.de
portal.o2online.de
2 KB
2 lead-alliance.net
www.lead-alliance.net
1 KB
2 telefonica-partner.de
www.telefonica-partner.de
576 B
2 getrockerbox.com
metrics.getrockerbox.com
1 KB
2 sitescout.com
pixel-sync.sitescout.com
547 B
2 tidaltv.com
sync.tidaltv.com
828 B
2 google.de
adservice.google.de
914 B
2 cleverwebserver.com
scripts.cleverwebserver.com
ui.cleverwebserver.com
52 KB
2 facebook.net
connect.facebook.net
84 KB
2 googleapis.com
fonts.googleapis.com
2 KB
1 stackadapt.com
sync.srv.stackadapt.com
623 B
1 hgrtb.com
sync.hgrtb.com
259 B
1 zemanta.com
b1sync.zemanta.com
301 B
1 bing.com
c.bing.com
593 B
1 linkedin.com
px.ads.linkedin.com
706 B
1 mrtnsvr.com
ad.mrtnsvr.com
216 B
1 smaato.net
s.ad.smaato.net
444 B
1 mobility-ads.de
campaign.mobility-ads.de
469 B
1 yieldlab.net
ad.yieldlab.net
522 B
1 mookie1.com
odr.mookie1.com
324 B
1 truste.com
choices.truste.com
9 KB
1 ctnsnet.com
gcm.ctnsnet.com
512 B
1 googleadservices.com
partner.googleadservices.com
454 B
1 facebook.com
www.facebook.com
295 B
1 juicebarads.com
tags.juicebarads.com
14 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
615 74
Domain Requested by
115 controle.diarioceleste.com.br www.controle.diarioceleste.com.br
controle.diarioceleste.com.br
47 cm.g.doubleclick.net 7 redirects 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
www.controle.diarioceleste.com.br
eb2.3lift.com
39 eb2.3lift.com 4 redirects 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
ib.3lift.com
eb2.3lift.com
www.controle.diarioceleste.com.br
31 tpc.googlesyndication.com 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
www.controle.diarioceleste.com.br
tpc.googlesyndication.com
s0.2mdn.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
29 pagead2.googlesyndication.com tags.juicebarads.com
pagead2.googlesyndication.com
2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
ad.doubleclick.net
tpc.googlesyndication.com
www.controle.diarioceleste.com.br
s0.2mdn.net
ib.3lift.com
googleads.g.doubleclick.net
www.googletagservices.com
27 s0.2mdn.net www.controle.diarioceleste.com.br
s0.2mdn.net
googleads.g.doubleclick.net
2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
20 cs.lkqd.net ad.lkqd.net
19 securepubads.g.doubleclick.net tags.juicebarads.com
securepubads.g.doubleclick.net
www.controle.diarioceleste.com.br
18 c0.wp.com www.controle.diarioceleste.com.br
17 track.adform.net 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
s1.adform.net
www.controle.diarioceleste.com.br
12 ib.3lift.com 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
ib.3lift.com
12 assets.ad4m.at as.ad4m.at
12 s1.adform.net track.adform.net
s1.adform.net
www.controle.diarioceleste.com.br
2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
aws-fr.bidswitch.net
11 t.lkqd.net ad.lkqd.net
11 www.googletagservices.com 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
www.googletagservices.com
googleads.g.doubleclick.net
10 x.bidswitch.net 7 redirects www.controle.diarioceleste.com.br
eb2.3lift.com
9 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
8 ad.lkqd.net www.controle.diarioceleste.com.br
ad.lkqd.net
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
7 ad.turn.com 7 redirects
7 v.lkqd.net ad.lkqd.net
7 match.adsrvr.org 2 redirects 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
eb2.3lift.com
6 choices.trustarc.com choices.truste.com
www.controle.diarioceleste.com.br
choices.trustarc.com
6 ads-eu.v.ssp.yahoo.com www.controle.diarioceleste.com.br
6 ads.adaptv.advertising.com 6 redirects
6 tlx.3lift.com 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
6 www.google.com www.controle.diarioceleste.com.br
2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
tpc.googlesyndication.com
6 fonts.gstatic.com fonts.googleapis.com
5 ups.analytics.yahoo.com 5 redirects
5 pm.w55c.net 5 redirects
5 ads.stickyadstv.com www.controle.diarioceleste.com.br
ad.lkqd.net
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.controle.diarioceleste.com.br
4 ib.adnxs.com 2 redirects eb2.3lift.com
4 vpaid.pubmatic.com ad.lkqd.net
4 search.spotxchange.com ad.lkqd.net
4 googleads4.g.doubleclick.net www.controle.diarioceleste.com.br
googleads.g.doubleclick.net
4 pr-bh.ybp.yahoo.com 4 redirects
4 a.vidoomy.com www.controle.diarioceleste.com.br
ad.lkqd.net
4 sync-tm.everesttech.net 4 redirects
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
ib.3lift.com
www.controle.diarioceleste.com.br
4 www.googletagmanager.com www.controle.diarioceleste.com.br
tags.juicebarads.com
www.googletagmanager.com
www.autohaus-koenig.de
3 pixel.advertising.com 3 redirects
3 dclk-match.dotomi.com 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
3 sync.mathtag.com 3 redirects
3 ap.lijit.com 3 redirects
3 cms.quantserve.com 2 redirects 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
3 t.teads.tv www.controle.diarioceleste.com.br
3 cdn.onesignal.com www.controle.diarioceleste.com.br
cdn.onesignal.com
2 api.webgains.io analytics.webgains.io
2 rtb.mfadsrvr.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 s.amazon-adsystem.com 1 redirects eb2.3lift.com
2 tr.blismedia.com 1 redirects 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
2 r.turn.com 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
2 image6.pubmatic.com 2 redirects
2 vidoomy-d.openx.net ad.lkqd.net
2 aws-fr.bidswitch.net 2 redirects
2 www.autohaus-koenig.de 1 redirects as.ad4m.at
2 track.webgains.com as.ad4m.at
2 um.simpli.fi 2 redirects
2 rtb.openx.net 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
2 r.scoota.co 2 redirects
2 ads.creative-serving.com 2 redirects
2 www.awin1.com as.ad4m.at
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 secure.adnxs.com 2 redirects
2 metrics.getrockerbox.com 1 redirects 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
2 static-de.ad4mat.net as.ad4m.at
2 pixel-sync.sitescout.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 prod-rtb.ad4mat.net www.controle.diarioceleste.com.br
2 a.teads.tv tags.juicebarads.com
s8t.teads.tv
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 connect.facebook.net controle.diarioceleste.com.br
connect.facebook.net
2 fonts.googleapis.com www.controle.diarioceleste.com.br
1 sync.srv.stackadapt.com 1 redirects
1 sync.hgrtb.com 1 redirects
1 triplelift-match.dotomi.com eb2.3lift.com
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 ad.mrtnsvr.com 1 redirects
1 analytics.webgains.io track.webgains.com
1 s.ad.smaato.net 1 redirects
1 campaign.mobility-ads.de 1 redirects
1 cm.adform.net googleads.g.doubleclick.net
1 ad.yieldlab.net googleads.g.doubleclick.net
1 s.tribalfusion.com www.controle.diarioceleste.com.br
1 a.tribalfusion.com 1 redirects
1 c1.adform.net 1 redirects
1 pixel.everesttech.net 1 redirects
1 portal.blau.de as.ad4m.at
1 partner.blau.de 1 redirects
1 portal.o2online.de as.ad4m.at
1 partner.o2online.de 1 redirects
1 ad.doubleclick.net www.googletagservices.com
1 odr.mookie1.com 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
1 de1-bid.adsrvr.org 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
1 choices.truste.com 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
1 stg.vidoomy.com www.controle.diarioceleste.com.br
1 gcm.ctnsnet.com 1 redirects
1 s8t.teads.tv a.teads.tv
1 ads.vidoomy.com tags.juicebarads.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 onesignal.com cdn.onesignal.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ui.cleverwebserver.com www.controle.diarioceleste.com.br
1 pixel.wp.com www.controle.diarioceleste.com.br
1 www.diarioceleste.com.br www.controle.diarioceleste.com.br
1 diarioceleste.com.br 1 redirects
1 www.facebook.com www.controle.diarioceleste.com.br
1 scripts.cleverwebserver.com www.controle.diarioceleste.com.br
1 stats.wp.com www.controle.diarioceleste.com.br
1 tags.juicebarads.com www.controle.diarioceleste.com.br
1 www.controle.diarioceleste.com.br
0 google2waycm.netmng.com Failed 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
615 119
Subject Issuer Validity Valid
controle.diarioceleste.com.br
R3		 2022-01-04 -
2022-04-04		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-13 -
2022-01-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2021-12-21 -
2022-03-21		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
ad.lkqd.net
R3		 2021-12-02 -
2022-03-02		 3 months crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.truste.com
Amazon		 2021-02-16 -
2022-03-17		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
autohaus-koenig.de
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-12-23 -
2022-03-23		 3 months crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-12-06 -
2022-06-06		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2		 2020-05-21 -
2022-07-17		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh

This page contains 57 frames:

Primary Page: https://www.controle.diarioceleste.com.br/
Frame ID: 60A0C7557239D86BAA1916807128CAF0
Requests: 235 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 51ECF21E84873C6904570517633010BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5822243610880583&output=html&adk=1812271804&adf=3025194257&lmt=1641262073&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641262073514&bpp=4&bdt=1320&idt=170&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2265409257296&frm=20&pv=2&ga_vid=1401732646.1641262073&ga_sid=1641262074&ga_hid=1269138336&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738&oid=2&pvsid=3369993781996694&pem=624&tmod=936&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=198
Frame ID: 9060E698AA5BA95BB630B33E5172591E
Requests: 1 HTTP requests in this frame

Frame: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DB129E4761D6EDA7C149E23237ED81BB
Requests: 1 HTTP requests in this frame

Frame: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B9F1CB24C6C165AD5C6DFAC1BB9A4C41
Requests: 17 HTTP requests in this frame

Frame: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EC8D7854E1DE36231672684B30B0320D
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jxrs5bypcqwzchf8k6m8d9erqz982t79v0chf5k1xw1qmm512x0gskk1587e0neb809bc9wfm7nc5xnr6dg9k03grs9pgh3fksxsqfs7j0dxw6kzzdqqn7pr0phcybkw3sav32kcz1q58xt1gjzn3v2e7wg7rmdxck18xfvxh9264vkpm1t35teem6xrncvamjrdrd4c333x457b53z2srf5216pm7k984t6yhhb1n7cwd97631y696278vfm850fn9gy87kwjtd5n68mq57ageqgkkfycapkeb3hpccajcyn6g997sy1appy15r12h1xyh3cqkekm35h1hd3b7wfe49kkvpsce0zhwjv62kwz49c9szfa0xma4nyh7j2qryvdez5qgs4ctgqrmz9v97bpsw8atjhhdsag1b0f47fse70a4qg6g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%26client%3Dca-pub-2845463438153782%26adurl%3D
Frame ID: CC63554A50F61CAED8E30944091FDF64
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 071035E33357131C362F937B9D081F24
Requests: 9 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: E96D78435D5FB1635E6BE6D7A04542CE
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 2F0D29DF50CD570DD27B418A4B390E47
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: F2057CD5974BE00EDE962AC0F72F9448
Requests: 1 HTTP requests in this frame

Frame: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4661937D42B00E490DE6CBCD642826B1
Requests: 23 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: BF6836ADD5C08B7946439816D7D8CCBC
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 6D28EF34E8F7174B5EE4D5CABC308947
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: F9CBA3EE6B728D0C9DC23614B815073A
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=5bc50ccaebb373c29b2fc6635011914a%2F1482311458844485650&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075163&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jm5g0ta65vpqrwxh5rjcbc330gnn6z81bhbxkem596r7w3kqr7p3v4pvv0m51q8w2wqk60zd1htrvgswrntnzcef2kq48xaekpy8s1rszs835c6rj71qgdzm5n3e6gnbxs9rq52sdb71f0tj766yebhs1chj7aaj6pwz2bdmwfsgr3dtq31gpw0cp63ha2meamvzhbkfhf9zqe98mnknqs8hp52v24zq0pk51bra1w4yw1p7xht7fwttjb7jkj1j5r91n28chj6vb62gqz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Frame ID: 2D044355FA167284F1177339A7E8D179
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4D83499F24CEB028ADAF6815D413AE5A
Requests: 9 HTTP requests in this frame

Frame: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2F67C629E706B63BAE34D8C468BB2CEF
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kgd2fn8tnkc21nyk7r6zb8w4qfngfd9c1f3vg6j3w7wzb7rd8xcsfy8krdz3dk6s0fgg0amfc15sarh7a7rf1yzxg0f9sfjrq6n262tz6amh5gk2zt87rqa5zs0qjrkgrh9jcemapr3egq0renc3tpje9z1dz8jzv2ys043v16vv38b6hc979w2cpb29bccx10ajs6xg06vwz4x0r98hkc6s66wrq27scj2sasdw34jq4rvkny52f7knwbhr9pv1vwrqsnzb3bj6ayf0bm21b3010353t5gr49bh99h9w468agn4d0d2x44q9aq857aqbk16qyzr96w4nmqh332r3a1zqz3j7eahvt3g0w9jsp84tyjvwjtr7qcqbpewq862hj2c10gtzs4x5b4ps63jv5tykb8atwhf03qfg06dvqfg2gdnqc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%26client%3Dca-pub-2845463438153782%26adurl%3D
Frame ID: FD70E9236BCB7EC5BA288651DCA23BE9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 059798BD1562F298A286F93EA92BF3FE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D4F55D6FEB3AA2C9B42962FF94FD06BC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Frame ID: 8D4E5967CD38E2F8AECF20B5E17B7D42
Requests: 25 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: C2EEE6454AE10AA9850E85986837BBE3
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 5504ED5AEFDB9DE433C1BDD9EB4CD40C
Requests: 2 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: D6E7028F5E419290B722A769FA12880E
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 9DD9C31985BF445F92CD35852719A26F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9BBF36FF5EC101E940BFC8B973395825
Requests: 9 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 2189406AEEBD49697CABA1B5C5C6948E
Requests: 6 HTTP requests in this frame

Frame: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5E8FDF924C6B76FA576E8832EC40A541
Requests: 19 HTTP requests in this frame

Frame: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 58407F0B93E4DD2D27669C321ED00877
Requests: 18 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: B24510BBD34C977EAA6B6353472088D9
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=caaffbd9786bdebbb9df2235e56e7848%2F3134790401295411739&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbp60ggmka43nh9mtdzzvjaza838cs8sp7qqy2jzqjdv3ndjbn9xkhmsggd6e8s8j5gxa8bamc7aazr6tgc8w911b3hxvzj7eq52am0mmz4azkqjek5ksvnaa69yx5e0b41cm9997vy5djgmtpsk8m3b3pkbqmrwke6kgs4wg06fkmvrjwa2e3ztp4xgq15x9b9jqznqrez32vr9jbt5tx67j3s137p1jgsj10apy9thgzknrmxs585eawqy14km0q4858t3mvqe83w1xgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Frame ID: AAAD70A90D3AE98348DB574BE1E0B921
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Frame ID: 0AEB1FCFB196137D2EAD92D170F6769E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E85C129AA062E8252F351E366208CE2A
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: D0CE5C412C082C4BCF693202229C603E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHR6uYCEMHGmI0DGOTo5b4BMAE&v=APEucNUzRuzmFjj1G_UbW5DCuCSUFoIXkL41sPDsNC4-W9Apn1T6P7fQE-kmQBNdUenz3-hRa_cAses6yyo3PNP_Z7uUU32dwVlLbYylH3JQq54QZxU5AX3ZXO4g5HCB8mpUhl10BOKRJHDDc99l6XsJqI0JuB1yv6YZLTxxZ0-KOcFbUIPDVe8
Frame ID: 9B1860F20CAD4AD5D4E140D0EB9D6852
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_V_pcrBp7JHbBiqZBNPanXO9ft1RXnSqR4by2J1ZbgNkUXtXu4_sGa62tuqOd2Prer8Xfzgbo1b_r0D3VGRdHTl6o37QedasWYxgFRj2DT_hpUK8ipQG0lyMbF12mCaNzglZ5opC3pjXrj70Rxhyfc4aang&cry=1&dbm_d=AKAmf-AalB1F_zaAZwpj3l3zKB3N70tz8lXQ_M9mm0j6BTAfw6TtihfRwyBsEUBirCkSJOJ4eItjCqQgElYSta1zLI8qGCafN3Cnl6arabNjREnq_Dd3u0T0t43IYlSdUTAznaZCxNQYVvPiPwLvgesxk8dRZLcpgQm-2Se5d2RLPHMHA2uulWt39y7qO6ae7-VLzm1QAiwDTYLqS99oa03QicdIozXr3uh4ntrNYmYt00rUaHZembc0iC7D8C1ny6ZTh6RtXUniHFtH7vd8bIbcMMoUE8NLqlGf_UtJ2y4N4XZg9kA5GVU9gEC4QuRIummNdgnrMeVtXdkc_-yzmVQsBh3eP_DKAPNmSuZE0dS8DVemmWh0I1dI3BKEsWGZSNbmO8c1wLeX5jmJvYSAZ3hOHOaZ3509-PbYLsfPTn5rloqXbWfh7XH9FQO5pSVrzvTRVihX2-FaQlMFcw_ysbUchV6UIVT2ZcOF0CpyHPmWP8DD4li7mrmr5weamEmUwx-ctdUVdIXmMTJRaTIafbYfQ0svJ810lCi0YdDc9iNYhcQ4QatD5nNjakJGL5LuBYClN1Yjez6uiXgOimjtvz_g8JeI1FuGWwTCEPsZa0b0Sk93X5FBjOk-ItopdmsGfAoXxMQehdt2y3j4UdI0HmSIoQTS81uZxb8SrzrSeftuSXcFsUwApwYzsTu8sCgMcjkzqQZFXCQnWQOm_bHBDMQ2jJHW8hQoUc6hmZsep7oyt8-xMgyzxVK7G9faKnHoGBC84UFKDS2RjH63f5TF1QyE9FxDuV3UGxZ5iy11x0URsVOZdMlVmGrPwsiVA1w9dJ2_SzLezj4dNpiQOADuLWS8BIz645p56qxRGZBGW4uKYJ6Gkv_pONI1t82usd1ZBkY-Vtl08CFt82BBTEpH-O_up3yfgidKegIiZVn9p7VIl_gxF8xUxR-UzpqCnS65mqc4Uvy4aFWW_fKdTjhxjhPBi8dYC3d5pLDLbkz1yXK2tvcD4cPv7Oa8BtoQlw4JesTekKq9ulXKsQnPCcH_A_wQ9cX0myG86iKORn62bsAWhM3tLNFPUGLCg3iBwg_BbkDio6Cb0l1xG9gDJnzTiFVErtUCPQmoeu6ubJNKaqsSlwIZxFJdVfdgzrNNT-cBEhO76ouZMEVymdb7Ft2GxtgMtcBenMH-cw-r99rF2-MVF6xLwYgULkUWKQ6-ysxeKm8STfDtHIlH5kflwqhIqESZLstpF1EK4fMIeEbCpVDwa3H1ZVKhbgbCDt-M0M77idZxdznSvwQ8wyD5Stg1dfq28dC5Sf16EBjr5iG00U2R4kSs48evgSKXii6MEFkEn0AZ2tTLjeLuAGuKms_zm49TFgYgFYV2HPoqsL_6n-B5P0oLv1wuBJiw7A5EUMrhJ9YwlRxFH2P_s_r2dcxodMz8qyhBS0wPKT0htXGM-3whtXF093SgRs1Ekn8vzfwbE3wcYm6c4NnFhnzOOgtfp7oUZa09WirGDnpdyeVH5azX-sxsJ1okeA_sID43qhqMQTfLPpijlaQwLOXdfhYBjVsI2sz7jfgtZCL0Yqm33EYqIXNdRtn9xsSsTmQ4RLyFedQwda35VKpS5KMjcfm-KbmvwaE3PAoMOnMdpn7iHncZLjQcWgQ6Lg-MUFI7XTot3Sbd43UMpJlQc2ZL9hLTGNJypCJmMaGVwW276n8f1AGTBVeLHAb5OnzS6m3wbponLahHIx4vy4D-xe7XyrPtomcpzxnqyL54FN_XKKnXWDcxKcijh2ITVvI8-ush4JcNyg0Dr72XQSEWCpo6MiqnywYRCBdZrIX3tv-B9vAvLBgcSJ63wGXsnXZ6cvqPsP61HUUfpIx-DwbCcVujLoRHAmBl7DfWeMT408WWXQjmf6-ne8esqczR8iiAqlqAKnlOH9rCPoaWpRFRnDRAD6FlyVA1eOTHV_uhlwyrbQvwTcjOPOFGLdDkobUmEpFItmrtkpSr26L1B6MNadvZDYY4vTUI6HgIlih4GhMm9j2yi6fk5t3UM4L5x0tZkb2eCy32BTG7OAx37ug-u-4u3rCHoYDV6J_6huxhLXQmZtVPk9IABYAk7zWbxYWmcgfqd9Xct-vAZBf_PL70SFl0qtRTwAdOOyMurQHGCv65GUPWQfi2yx2UDJ-8h7H4qTyCIjzhcMecM_XGQhuHW7L1JEMjihMudRFTKfEIyYKUm1l_UO4ObIoJvMZf7OrJWBl13MHmgYGPwo6Al6PPeIcUqa3SkFfZOqK8jV43O14ziyW-ut9Ew4BSjLyn6W3rY-HFsSnSSeNzOoIvQDl6K26HJjbJeotDVUO6iONW8_XRb1gIzLc1mB_maX64FGkM2azT588rTt49w15j9KKwz-kiAPcWMbyLEtcoHilHpSbW6WXTkaXiZFaW56T18k_LSiCiCKQwrZgZ-Xi3dSKJdembPxIal50L19DXWRCpUfuPWPCqXnrHdi744z2UCkCmb-PuGOkvt-aWkJR7htUzhusJrer3VOuZ5F5RrWMn47BlUH_kucbu3Xp6d1gKZ0BTOL_RSiGWUZTQrI6woczwqFrxcvQF53XxOAQfkNot_B-mafyMLBUpvhQesBS1vzuq676YfWOzQHIdGNloG3SKtzaIucyIVSgqQBSmBHkVW-wC5S8XemokLE-QAY87oYoB3vyLHaz3LE6Z98e4KZ39mGTDVx3lD9gDFanUdVB4L2dpOBPlL0s0N3ptZLdfW-SwswtzTmd4j9VEUbPRVGEZ4lExgbaP6MSm214IqcYSIlJxtIcusQq1Gar0EuVFaMoTSbNQx7srYUIGDZ7s2VwhWItvrR_pdOjmaK_p2IY8-nF99HWaLrziUfDljV7BMfruDtrIMGuRQr1ZIk0IB44V9csQU6J15TyoN1ALoij0LtvEEuQq1FsHUgsKQeopRC4qEJ5EeVt7ZXJAyTIRnChYSi7xpDdqfHkd0REmmrWUFTbBs_nliOkpH0A4qGq_CJ-ogIX4TVJYF8pDkp3syeSazzwEIPwhWz44rtJzZQ-Eg-D1SsFuupUDKUqxlZ2X44H5NUIq2kW_cBcQDqLB65lhUQ95LMYyPZuikHJlG8UO0-XQwwDF4vz081R5VNJKfnlNztv7cSsvnpd4W6Dsa0VSFym--_V_tZRao910nuIA0g&pr=96:0.062&cid=CAASBORogG4&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DJuiceBarAds_SHA_RON_EB_HDX%26aid%3D47677051723035161120%26rev%3Dc0c4269%26ss%3D5%26bc%3D0.062%26pr%3DYdOr-wAC3j8Hg4LVAApolSQF2pNwtVan8TNb9Q%26brid%3D168917%26bmid%3D5989%26biid%3D6021%26bcud%3D62%26sid%3D142837%26ts%3D1641262075%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D60829%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.controle.diarioceleste.com.br%252F%240
Frame ID: 86ABB84F3EB92D7511C59FF25C163DCA
Requests: 10 HTTP requests in this frame

Frame: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 88668269D7E9D3CA24AA1F1CFC536B1C
Requests: 23 HTTP requests in this frame

Frame: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=483566946
Frame ID: 78CBD9DE6D199689B8C803389F6F855A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8D0625D7B4A1465CAE2CABFF1665A9F4
Requests: 3 HTTP requests in this frame

Frame: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 12A9EA65EE5FA223155E3A44EBB7296E
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 06089388A0608C882453E0F9BCB80127
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D0FFEE699E3ECD0273F91E0B417C9772
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0545F664F42378175F546622C5F8F57A
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=52121887;rtbwp=0.05778-oLXRwAwHMq-irB7MNufUbuOsfis-yQcy0;rtbdata=2YxAY0WAPhb9bTdFbXjHIilwj3W__cFjJT1Z4Xt8je6Kmj3iR651e0KlUVRIefAePSMDQbIenuxhNyorT08VLdTxQuBcys3GOvhk9rjteZeT4ikbpymT6GKqHA4KRUlqTT3a49TMOD13_r0iKtiJjMavZnGsv4TcTO2ILPQaxpWpzAsQ_Swzv7hq0E4gBh3vCX-3tzGqmdTS0LRdLK0ZAATDctcH2QbecBi0W-VH5Rg3R6Yx3QD3bTb_119wm4vv0x3B-KWmWKSAiMRMx8y_nw2;OOBClickTrack=
Frame ID: 3C61CF6BF9FB216F586FF0B0A05D94F1
Requests: 6 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=10004&ld=1
Frame ID: 1665719F4023C41BB9966E9CE43B1657
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 274F4CE6A0A7D54BB28B196EFA16F296
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: EE5FE3D605AD66323CBF8A63EC41EF7F
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=51750730;rtbwp=0.06741-0dP11m5FSngPOLOUwRTDfbIPKv01adQy0;rtbdata=YyqrLJEYr-jsoKEwUKRyovlgeHiGGJ_ew4YzOb4p1A10EboH77V5F0t6cVckA6yaPSMDQbIenuxhNyorT08VLdTxQuBcys3GOvhk9rjteZeT4ikbpymT6GKqHA4KRUlqTT3a49TMOD13_r0iKtiJjMavZnGsv4TcTO2ILPQaxpWpzAsQ_Swzv7hq0E4gBh3vIdcT4zbrTn7S50APILNxHfWRaRip_E4LZ8ae_TYZFRrXPRQWRw2PMWhFsPeI52QudzxMjyqqe5u--Ts_ibrZrw2;OOBClickTrack=
Frame ID: 8743B01AACC1958AFD6FDECE67E1325C
Requests: 6 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=16588
Frame ID: B5C286B1D9A7886662BDB014A66E6272
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=79825
Frame ID: 75C4E36318B5B6E3570D84B2F8ABE884
Requests: 10 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: BCAB11DA341E7AB27451C1281C4C1CC6
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 684E85D3E5E904140316AD8380407E78
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8C9DE32D3905F439C0210BD0EC0FF070
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C911D4CE664F01683F48A7CDA509EB2F
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: F9D138843726CD491CC4E9497BFC4B22
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: AB4429B9CE27A3D68590A7B97B72559A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cruzeiro - Diário Celeste

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • dataTables.*\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

615
Requests

84 %
HTTPS

32 %
IPv6

74
Domains

119
Subdomains

76
IPs

9
Countries

6653 kB
Transfer

14959 kB
Size

91
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 154
  • https://diarioceleste.com.br/wp-content/uploads/2021/01/footer_bg.jpg HTTP 301
  • https://www.diarioceleste.com.br/wp-content/uploads/2021/01/footer_bg.jpg
Request Chain 215
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELAtTu2fUvxDf0Mtc2eHtrA&google_cver=1&google_push=AYg5qPK2XqSAkA5uxk0CpOA6c4Hd5Ht2KIhBDSX0SyYxauY-EOZxifR7x-R-3xIAN40cFA6IwA9u3xVwOdH5M3GpPM_Y3Amohnk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELAtTu2fUvxDf0Mtc2eHtrA&google_push=AYg5qPK2XqSAkA5uxk0CpOA6c4Hd5Ht2KIhBDSX0SyYxauY-EOZxifR7x-R-3xIAN40cFA6IwA9u3xVwOdH5M3GpPM_Y3Amohnk
Request Chain 216
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJ_j-1CI63PKiDEwk5CcOkM&google_cver=1&google_push=AYg5qPInCz3DvBZceDKkQYQ9Ly8SFFWlxxxRCSNgU8NOrinWwKV-0fPABPhzR545yyYHDFjZ4cWF-ijRfdEz1zE1hr1NjX5Su0U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPInCz3DvBZceDKkQYQ9Ly8SFFWlxxxRCSNgU8NOrinWwKV-0fPABPhzR545yyYHDFjZ4cWF-ijRfdEz1zE1hr1NjX5Su0U&google_hm=pqnhlykbTVmHAEs7a80pups
Request Chain 217
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEILpMkVf9G3Z16P67M5tMh4&google_cver=1&google_push=AYg5qPJR2Bb0jqRX9o6gb9HY6rC_HBwzGtT-rRS-1hUczsrKOd2ecxam0vIkrTQrYppWWKFYBZZg_6uYSWDT40moYultX1ZpbdE HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEILpMkVf9G3Z16P67M5tMh4&google_cver=1&google_push=AYg5qPJR2Bb0jqRX9o6gb9HY6rC_HBwzGtT-rRS-1hUczsrKOd2ecxam0vIkrTQrYppWWKFYBZZg_6uYSWDT40moYultX1ZpbdE&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=2Zqk0Z9dTsm4V98AVfGlGw&gdpr=1&gdpr_consent=
Request Chain 218
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOW8tWPtnt4RcQ0mS-MRAJU&google_cver=1&google_push=AYg5qPIMVluwtEOin_BumSDGlYphfQvNG8j2v67OzafYaJ7SH4J7QUUzbzxtY4swtdJCc99B-vCz06j6q8AxuQu0eZe6_H3FGA HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOW8tWPtnt4RcQ0mS-MRAJU&google_cver=1&google_push=AYg5qPIMVluwtEOin_BumSDGlYphfQvNG8j2v67OzafYaJ7SH4J7QUUzbzxtY4swtdJCc99B-vCz06j6q8AxuQu0eZe6_H3FGA&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIMVluwtEOin_BumSDGlYphfQvNG8j2v67OzafYaJ7SH4J7QUUzbzxtY4swtdJCc99B-vCz06j6q8AxuQu0eZe6_H3FGA&google_hm=4d88f5e3d9490238d1719b98
Request Chain 219
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEIEA47uGi40R0BR42GUJvLc&google_cver=1&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
Request Chain 220
  • https://match.360yield.com/match/ebda?google_gid=CAESEDdbef6mHJHBlpMpdrVRDnM&google_cver=1&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDdbef6mHJHBlpMpdrVRDnM&google_cver=1&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE
Request Chain 226
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Request Chain 227
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=594107061.8783061414939732.1004869 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=594107061.8783061414939732.1004869 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3D0caf0677-c490-439a-9f76-c1bb9d219461&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=b1c861d3-abfb-4f00-82ea-782ebbdf8fa7&expires=30&ssp=vidoomy&bsw_param=0caf0677-c490-439a-9f76-c1bb9d219461&gdpr=&gdpr_consent= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=0caf0677-c490-439a-9f76-c1bb9d219461
Request Chain 242
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=mookie-ps&ttd_tpi=1 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=3e0b6a2f-88ed-4487-a221-34631cbb3ff3&gdpr=1&gdpr_consent=
Request Chain 243
  • https://metrics.getrockerbox.com/track/v4?source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=r9vak6v&tier_three=5llqzru&tier_four=cx40n3a0 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmetrics.getrockerbox.com%2Ftrack%2Fv4%3Fuid%3D%24UID%26source%3Dweight_watchers_subscription_germany%26tier_one%3Dttd-display%26tier_two%3Dr9vak6v%26tier_three%3D5llqzru%26tier_four%3Dcx40n3a0%26uid_ts%3D1641262075 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmetrics.getrockerbox.com%252Ftrack%252Fv4%253Fuid%253D%2524UID%2526source%253Dweight_watchers_subscription_germany%2526tier_one%253Dttd-display%2526tier_two%253Dr9vak6v%2526tier_three%253D5llqzru%2526tier_four%253Dcx40n3a0%2526uid_ts%253D1641262075 HTTP 302
  • https://metrics.getrockerbox.com/track/v4?uid=632072906110587084&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=r9vak6v&tier_three=5llqzru&tier_four=cx40n3a0&uid_ts=1641262075
Request Chain 259
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7707125068487444624
Request Chain 266
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4392194267766048912
Request Chain 270
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022010403075561436752943X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022010403075561436752943X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211 HTTP 302
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022010403075561436752943X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24
Request Chain 273
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022010403075561436752941X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022010403075561436752941X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752
Request Chain 279
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGWAOgbFUFw7Ze6OZefLvTk&google_cver=1&google_push=AYg5qPKv_HGOm3n0F1h15dayFKZwKcvyh9WilprHZGZF5UtIP7fAjwAgEn4oyD24r597ycvjv6t-yidsl4azhKgapmnAPWklaJk HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKv_HGOm3n0F1h15dayFKZwKcvyh9WilprHZGZF5UtIP7fAjwAgEn4oyD24r597ycvjv6t-yidsl4azhKgapmnAPWklaJk&google_hm=D-CkpedODO9EuwWmJDGBUg
Request Chain 280
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPI2pUGBDoZ57LQK8mvNpvOmAbU2m92wfHWpaB0ThfCB2Hm9DuZ_hriWjXMC1-gz_FzS5gUb_YfeZi3aS0mP3n_SsCTqVB8&google_gid=CAESEAhigaraAIqollIfrkXoN3w&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWRPcl93QUM4WERvaEFBbQ&google_push=AYg5qPI2pUGBDoZ57LQK8mvNpvOmAbU2m92wfHWpaB0ThfCB2Hm9DuZ_hriWjXMC1-gz_FzS5gUb_YfeZi3aS0mP3n_SsCTqVB8
Request Chain 282
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEK7BxIXGc8sgL9ZtyIAyr6I&google_cver=1&google_push=AYg5qPI7Vn2Wjq3QHNBmIBaZBqiFSiMjzKVuVD2ZEnhESw7Rh9XKmpDCAsuFtirLxA7er4iA8YWl5aweQvEHeaha1DNUNMMHfCM HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=0caf0677-c490-439a-9f76-c1bb9d219461 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=0caf0677-c490-439a-9f76-c1bb9d219461 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=bae2a8fa-da16-48f3-a8ee-ee897fba81ab&ssp=google&expires=30&user_group=5&bsw_param=0caf0677-c490-439a-9f76-c1bb9d219461 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI7Vn2Wjq3QHNBmIBaZBqiFSiMjzKVuVD2ZEnhESw7Rh9XKmpDCAsuFtirLxA7er4iA8YWl5aweQvEHeaha1DNUNMMHfCM&google_hm=DK8Gd8SQQ5qfdsG7nSGUYQ==
Request Chain 283
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOs9rsBjb80GiAOwxUSpNX8&google_cver=1&google_push=AYg5qPJbPwZ145AbaDQhuaE5gvB0jQTOtIEmwTQHFEA6BBm1anNSOkVDe-MpK3R5Imu2lmtJ4cSv1Bd4LsvDOYgkTZSGDyvp5A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJbPwZ145AbaDQhuaE5gvB0jQTOtIEmwTQHFEA6BBm1anNSOkVDe-MpK3R5Imu2lmtJ4cSv1Bd4LsvDOYgkTZSGDyvp5A&google_hm=NTgxNjY2NDc0MzA4NjY5NDY0NQ%3D%3D
Request Chain 284
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPxgeFUyzaj-InooH0HO3sg&google_cver=1&google_push=AYg5qPINux10U7p4xZH7m-K4e0zcgDRlakIRSIAAMr173MVMxO1QfoTiD9wCWLgFr429RwZSJTu-PYSen6SvoNoYdkcTE0y2NTM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY2NzYxMzkwNDg2NjM2NDc0Mw&google_push=AYg5qPINux10U7p4xZH7m-K4e0zcgDRlakIRSIAAMr173MVMxO1QfoTiD9wCWLgFr429RwZSJTu-PYSen6SvoNoYdkcTE0y2NTM
Request Chain 305
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPWjoJZxtnJFsS1ijSf4kpM&google_cver=1&google_push=AYg5qPKGpHS3RdocZOrGImPQyUDTQhnaSgoEWs21-DdfrU3ekAneCwl4FJfA1prJ75KllDnkj8Nv-neBbR6tVr71xWJfkGVjQLdN HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPWjoJZxtnJFsS1ijSf4kpM&google_cver=1&google_push=AYg5qPKGpHS3RdocZOrGImPQyUDTQhnaSgoEWs21-DdfrU3ekAneCwl4FJfA1prJ75KllDnkj8Nv-neBbR6tVr71xWJfkGVjQLdN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REpaam5rS3YxTjR6ZVg1&google_gid=CAESEPWjoJZxtnJFsS1ijSf4kpM&google_cver=1&google_push=AYg5qPKGpHS3RdocZOrGImPQyUDTQhnaSgoEWs21-DdfrU3ekAneCwl4FJfA1prJ75KllDnkj8Nv-neBbR6tVr71xWJfkGVjQLdN
Request Chain 306
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDSuoW59ThW28AOm5jEVr88&google_cver=1&google_push=AYg5qPIrawI08h7qZPxJRAXfC3oJCaGcoZT7Xn9gILjUgRk9jS-DfuP9DcKb60fXtOxPOQXsdYeCTfgbm9Zz8PbCmKa0WN0ag8xZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=schh06v7TwCC6nguu9-Ppw&google_push=AYg5qPIrawI08h7qZPxJRAXfC3oJCaGcoZT7Xn9gILjUgRk9jS-DfuP9DcKb60fXtOxPOQXsdYeCTfgbm9Zz8PbCmKa0WN0ag8xZ
Request Chain 307
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEK_E9IMwekTWl60CiK7bdQ8&google_cver=1&google_push=AYg5qPK3vflEbZiYE96o63jc8QcNSz7DVp-vAA57mUU-IrOuax7FDrgoB4fsdAeY28TaKJJyytGujLO4yXAzPtcNS-xY1zDBVG7x HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWRPcl93QUM4WERvaEFBbQ==&google_gid=CAESEK_E9IMwekTWl60CiK7bdQ8&google_cver=1&google_push=AYg5qPK3vflEbZiYE96o63jc8QcNSz7DVp-vAA57mUU-IrOuax7FDrgoB4fsdAeY28TaKJJyytGujLO4yXAzPtcNS-xY1zDBVG7x
Request Chain 308
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELNoLEW5qCEmqljkVanrVS0&google_cver=1&google_push=AYg5qPLPfZU0XK6Xfjp7dniRyqnvx233mpgD2REk_U02ko-veXalv3aKd70EW4xavYqxzmZ8KrxXfJ1hYFmCx_zpAeXCffjgmas HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=8c849103-308a-4972-86bf-6d198c4911e8&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=DK8Gd8SQQ5qfdsG7nSGUYQ== HTTP 302
  • https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEKNMQVWc2bjRhv8HJPzIVMg&google_cver=1
Request Chain 310
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKBcVu_u2c4BE0C4NiPbd6w&google_cver=1&google_push=AYg5qPJzKrgbxV6EgCs7KL8kGtS8BCEN6yk0yBj4s4Qo-HD5z1_F-cyoV77cmz2P90K4YPG3m5t-25DIqOHDBXaEfXLLZJ7fhYCq HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJzKrgbxV6EgCs7KL8kGtS8BCEN6yk0yBj4s4Qo-HD5z1_F-cyoV77cmz2P90K4YPG3m5t-25DIqOHDBXaEfXLLZJ7fhYCq&google_hm=4d88f5e3d9490238d1719b98
Request Chain 311
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPPi1-Uod2jiuKvHDP9Qetg&google_cver=1&google_push=AYg5qPKc5ArNvYV5njkXA1tJSntftaFnKeNmJe6AmJqWLnqlR4dgCAO86xaW9xusbnrub4aisMjKdPKYKIseiBwNcGwZni5Bo-ukxA HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPPi1-Uod2jiuKvHDP9Qetg&google_cver=1&google_push=AYg5qPKc5ArNvYV5njkXA1tJSntftaFnKeNmJe6AmJqWLnqlR4dgCAO86xaW9xusbnrub4aisMjKdPKYKIseiBwNcGwZni5Bo-ukxA&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPPi1-Uod2jiuKvHDP9Qetg&google_cver=1&google_push=AYg5qPKc5ArNvYV5njkXA1tJSntftaFnKeNmJe6AmJqWLnqlR4dgCAO86xaW9xusbnrub4aisMjKdPKYKIseiBwNcGwZni5Bo-ukxA&apid=UP216a32e9-6d03-11ec-9269-02dfe115da4c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMTZhMzJlOS02ZDAzLTExZWMtOTI2OS0wMmRmZTExNWRhNGM%3D&google_push=AYg5qPKc5ArNvYV5njkXA1tJSntftaFnKeNmJe6AmJqWLnqlR4dgCAO86xaW9xusbnrub4aisMjKdPKYKIseiBwNcGwZni5Bo-ukxA
Request Chain 356
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJiuvFzqj4_ZH8WrPtyeKNE&google_cver=1&google_push=AYg5qPKjFvDCVQA5LGOoWS6lIJ6eKAplof9oY0Oa_nyuY_Xg4eQF3F4KinYr6mj0-0ZYokVtkWPmQ8ylv_MO_FUZ_jmt8kTdMQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REpaam5rS3YxTjR6ZVg1&google_gid=CAESEJiuvFzqj4_ZH8WrPtyeKNE&google_cver=1&google_push=AYg5qPKjFvDCVQA5LGOoWS6lIJ6eKAplof9oY0Oa_nyuY_Xg4eQF3F4KinYr6mj0-0ZYokVtkWPmQ8ylv_MO_FUZ_jmt8kTdMQ
Request Chain 357
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEATRpjEN8V9lNqprUVtheZg&google_cver=1&google_push=AYg5qPLXgRLygSfTMaBtXq3wTpIZ-xLNpsdJgB5bO6ftWcne6eEGEPkwu_1wStHfrNOl2lN7Qu12bB6hGiCHPLb9jqkaBcR6PWg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLXgRLygSfTMaBtXq3wTpIZ-xLNpsdJgB5bO6ftWcne6eEGEPkwu_1wStHfrNOl2lN7Qu12bB6hGiCHPLb9jqkaBcR6PWg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEATRpjEN8V9lNqprUVtheZg&google_cver=1&google_push=AYg5qPLXgRLygSfTMaBtXq3wTpIZ-xLNpsdJgB5bO6ftWcne6eEGEPkwu_1wStHfrNOl2lN7Qu12bB6hGiCHPLb9jqkaBcR6PWg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLXgRLygSfTMaBtXq3wTpIZ-xLNpsdJgB5bO6ftWcne6eEGEPkwu_1wStHfrNOl2lN7Qu12bB6hGiCHPLb9jqkaBcR6PWg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 358
  • https://um.simpli.fi/gp_match?google_gid=CAESEFAgSugprnHIbcVm0XZod_U&google_cver=1&google_push=AYg5qPJO8FnoIH2s9V0bQ7QoiGNXY1zH3eARowmVieguMjcBeDfgiDwFEzkcde21THsgq5kR5sWUOLOHlcidNq6-cI0bpt1jUcM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7509EDD89CD543279D0C21224FF946B8&google_push=AYg5qPJO8FnoIH2s9V0bQ7QoiGNXY1zH3eARowmVieguMjcBeDfgiDwFEzkcde21THsgq5kR5sWUOLOHlcidNq6-cI0bpt1jUcM
Request Chain 360
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIWuP-r4My28mmoVs3gl-_s&google_cver=1&google_push=AYg5qPJh2PTM1mZytgL9uWYUtcvyGXaJJSSqaZHO0MlSGy8EMQAhb2GqtIOyoXNr_qdlXgRMIRNqX1KaWlKFMf3oKBJSMOTv6Cc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJh2PTM1mZytgL9uWYUtcvyGXaJJSSqaZHO0MlSGy8EMQAhb2GqtIOyoXNr_qdlXgRMIRNqX1KaWlKFMf3oKBJSMOTv6Cc&google_hm=NTgxNjY2NDc0MzA4NjY5NDY0NQ%3D%3D
Request Chain 361
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEaALM6E714T4YCKFpxMgWk&google_cver=1&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk
Request Chain 367
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4392194267766048912
Request Chain 426
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJpueM0Qha4kIxrCuZbvfps&google_cver=1
Request Chain 427
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEIP0gxN0bfPMM0n_lprOzJo&google_cver=1&adform_v=1
Request Chain 429
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIRSywS_-xussfrMPONjpoc&google_cver=1&google_push=AYg5qPIUQPO6M9MvPQxtIqbMyoFIdX6f_ym8GPUV8aldvPViL5sq5k6J1LBeCOz-o3C9K4hEMIoqSs-33hlMELIvpqfLTP7ttA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REpaam5rS3YxTjR6ZVg1&google_gid=CAESEIRSywS_-xussfrMPONjpoc&google_cver=1&google_push=AYg5qPIUQPO6M9MvPQxtIqbMyoFIdX6f_ym8GPUV8aldvPViL5sq5k6J1LBeCOz-o3C9K4hEMIoqSs-33hlMELIvpqfLTP7ttA
Request Chain 433
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESELqZtgtB5nHPum18F-0Bl-o&google_cver=1&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
Request Chain 434
  • https://match.360yield.com/match/ebda?google_gid=CAESEGv5tNs5HXur3ARTCrfWOzw&google_cver=1&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI
Request Chain 435
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAYvf2Cct27_wl1eSsnqHYA&google_cver=1&google_push=AYg5qPKyVQXANDF3eSLR6npezS1isCTL36QuLexbnsE5riZaDb3r_TzOOnUyy3vVcguumhPyRHr8_bS3ueZiZe1VuxMnBLdGVl8s HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAYvf2Cct27_wl1eSsnqHYA&google_cver=1&google_push=AYg5qPKyVQXANDF3eSLR6npezS1isCTL36QuLexbnsE5riZaDb3r_TzOOnUyy3vVcguumhPyRHr8_bS3ueZiZe1VuxMnBLdGVl8s&apid=UP216a32e9-6d03-11ec-9269-02dfe115da4c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMTZhMzJlOS02ZDAzLTExZWMtOTI2OS0wMmRmZTExNWRhNGM%3D&google_push=AYg5qPKyVQXANDF3eSLR6npezS1isCTL36QuLexbnsE5riZaDb3r_TzOOnUyy3vVcguumhPyRHr8_bS3ueZiZe1VuxMnBLdGVl8s
Request Chain 438
  • https://campaign.mobility-ads.de/highTrafficUrl/1.html?idPartner=39&idCampaignAd=0&subId=&subIdentifier=oneid4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHKoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.autohaus-koenig.de/htlp?coyotetrackingid=483566946 HTTP 301
  • https://www.autohaus-koenig.de/htlp/?coyotetrackingid=483566946
Request Chain 477
  • https://aws-fr.bidswitch.net/imp/0.054/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R52121887_Qrtbwp_R_I_WAUCTION__PRICE_X-oLXRwAwHMq-irB7MNufUbuOsfis-yQcy0_Qrtbdata_R2YxAY0WAPhb9bTdFbXjHIilwj3W____cFjJT1Z4Xt8je6Kmj3iR651e0KlUVRIefAePSMDQbIenuxhNyorT08VLdTxQuBcys3GOvhk9rjteZeT4ikbpymT6GKqHA4KRUlqTT3a49TMOD13__r0iKtiJjMavZnGsv4TcTO2ILPQaxpWpzAsQ__Swzv7hq0E4gBh3vCX-3tzGqmdTS0LRdLK0ZAATDctcH2QbecBi0W-VH5Rg3R6Yx3QD3bTb__119wm4vv0x3B-KWmWKSAiMRMx8y__nw2_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/Ibpz3iwBtJbiBPourQOBQV0JD8RYwnTixoCawmozBG4s9QLV_3dD6LKPyEXHT7zKeFBohnZrRPN-phelA-DJau00opetz3zlsNRvO5rSeY4_qQr8DFzZvjijyUXK9GTKN_K9s-lZwmf8-ZW28HCZHQO3i6kE1l_PdRRv29yfoCGPJ76JC1OfJHINVFpxshtoY7iNxEzzFRD72jehCHjwFJWXmmhqm1cVDQtUVDLzXUR2p8RjVbq9PdPRcWz22bYfTIFg-U7_-9ehsO3MKMDdupwnKsvl1TNIj8TF5XbVin1SDOZO9-umys1cOYckNTd2NXSYfZmnJ9FmLXXJrJFEru8ixW4RcDHP_tG22YXYGL-Sd8bdMdX_iLjzNfB48QEta6D4cx7Nvdqy48JD4W75kVG0VD1QBEbarDTMOONlHLuXXzW1kgmT3-VtqM1UetPeqcjDoAfjTa9X0sbFXI1nvWwVo8s-0P7g6cTlSFADLqYi05GOHD4ufjUy41A2kKmq4kQBXaFa8ttYTVFucKP-qreH2xovub7HUdZ7PM7q6W9gx9Z_XCoBCFcCefQidPpeyKrBJMWjqgQhPaaM6NYAptieEhnhIYNAwE_pRDWDULjNCDaMYRG5jVtx_SXafW3SIgUO0ivkibD8QPuzpApKpasOj1Kjyuc81jX65kuvgjQM3rqqSgd5pje314WBxQovg-ROzcqyEoNMUUQiCRrhHEOHEgcUC03bijHYuGvu6cB7YMtwNNggKTr7Nya06dVZfhOeC3tknhzh7ftdk9CzAYb7U-4QDUxT_ZIjXaS9viPXjkB2DhAsCLnlqryRBq-CD5XDFuKNCGf0_NUpcOom6vHPdsRoTwwAfSS4EwYalGPImdKH6ZYZyxP5wNdP9OoEUdfbaTk/ HTTP 302
  • https://track.adform.net/adfscript/?bn=52121887;rtbwp=0.05778-oLXRwAwHMq-irB7MNufUbuOsfis-yQcy0;rtbdata=2YxAY0WAPhb9bTdFbXjHIilwj3W__cFjJT1Z4Xt8je6Kmj3iR651e0KlUVRIefAePSMDQbIenuxhNyorT08VLdTxQuBcys3GOvhk9rjteZeT4ikbpymT6GKqHA4KRUlqTT3a49TMOD13_r0iKtiJjMavZnGsv4TcTO2ILPQaxpWpzAsQ_Swzv7hq0E4gBh3vCX-3tzGqmdTS0LRdLK0ZAATDctcH2QbecBi0W-VH5Rg3R6Yx3QD3bTb_119wm4vv0x3B-KWmWKSAiMRMx8y_nw2;OOBClickTrack=
Request Chain 481
  • https://eb2.3lift.com/sync?max=10&cb=10004 HTTP 302
  • https://eb2.3lift.com/sync?max=10&cb=10004&ld=1
Request Chain 489
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=294423215&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=294423215&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=e351206d-1d7a-4b57-a07a-ef63f07f6142&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwNy4zNDU3MDM6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPWUzNTEyMDZkLTFkN2EtNGI1Ny1hMDdhLWVmNjNmMDdmNjE0Mg==
Request Chain 490
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1622453941&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1622453941&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=e41a0d03-6fc5-43c8-ac20-b28c0e42eacc&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwNi42MjA2MDU6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPWU0MWEwZDAzLTZmYzUtNDNjOC1hYzIwLWIyOGMwZTQyZWFjYw==
Request Chain 491
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=61487399&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=61487399&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=22a5e54d-6837-4bfe-8ce8-99b8f143ebba&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwNy42NDUyNjQ6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPTIyYTVlNTRkLTY4MzctNGJmZS04Y2U4LTk5YjhmMTQzZWJiYQ==
Request Chain 492
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=889970178&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=889970178&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=155a6256-5304-42df-aa43-1173d4af6acc&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwNy40MjQ1NjE6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPTE1NWE2MjU2LTUzMDQtNDJkZi1hYTQzLTExNzNkNGFmNmFjYw==
Request Chain 496
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1433020603&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1433020603&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=ce930f20-4194-45f6-831d-6f6e715eaef4&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwOC42MjY0NjU6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPWNlOTMwZjIwLTQxOTQtNDVmNi04MzFkLTZmNmU3MTVlYWVmNA==
Request Chain 498
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=734672147&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=734672147&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=9e9e817c-f83f-4836-b85f-6ab496cbecef&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwOC45Mzk0NTM6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPTllOWU4MTdjLWY4M2YtNDgzNi1iODVmLTZhYjQ5NmNiZWNlZg==
Request Chain 501
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEET0uMNU7U3Xt-RbCNPCQ9Q&google_cver=1&google_push=AYg5qPKYG9HJ3vnEudsAfM0zcDzbX1C0hLXVanoOEn8LNB1ShCTNc_qDiKGeMd-jlUAoSVDT4ByZZG3Ckz7MFYmR1-KGLDFXaPrx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REpaam5rS3YxTjR6ZVg1&google_gid=CAESEET0uMNU7U3Xt-RbCNPCQ9Q&google_cver=1&google_push=AYg5qPKYG9HJ3vnEudsAfM0zcDzbX1C0hLXVanoOEn8LNB1ShCTNc_qDiKGeMd-jlUAoSVDT4ByZZG3Ckz7MFYmR1-KGLDFXaPrx
Request Chain 504
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJxtZpgdfYg-3ysJiNcQ5nw&google_cver=1&google_push=AYg5qPLaI7cKdwoapwyUbHNakKy1JsiDvZGQyCPvgr9MoZWZ9JbQ4bSmnLAWRSW4831hHVyvNjSFpfIko5pw6PwBWqTeFNzaAco HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJxtZpgdfYg-3ysJiNcQ5nw&google_cver=1&google_push=AYg5qPLaI7cKdwoapwyUbHNakKy1JsiDvZGQyCPvgr9MoZWZ9JbQ4bSmnLAWRSW4831hHVyvNjSFpfIko5pw6PwBWqTeFNzaAco&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8XvUfHLYRG2YMG6zqp3CjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLaI7cKdwoapwyUbHNakKy1JsiDvZGQyCPvgr9MoZWZ9JbQ4bSmnLAWRSW4831hHVyvNjSFpfIko5pw6PwBWqTeFNzaAco
Request Chain 505
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKYRFZ2w69BWZdS54AKrZnM&google_cver=1&google_push=AYg5qPJKrreN6lYg3dvNmdkVYuixXz8oyIaTiUEnGCEfJYx7a4PwbzZJgMZHA4EW7s4Au5iZO4YgUKGULiY-FjZASP56Uyy7B8LD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJKrreN6lYg3dvNmdkVYuixXz8oyIaTiUEnGCEfJYx7a4PwbzZJgMZHA4EW7s4Au5iZO4YgUKGULiY-FjZASP56Uyy7B8LD
Request Chain 506
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDgRbjrVCGBYpvhBNQkjo4M&google_cver=1&google_push=AYg5qPIgMj10EYfITPQcPtYBHcubT_83SFOBunIsLFbFkv-jtWL0dN4tnUvg762rsZA4eGrFXqsuDfNpy_sR6Wkrqlq3I_VGncw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMzOTU2Mzc3NTc1NjQ3MjQ5NDY%3D&google_push=AYg5qPIgMj10EYfITPQcPtYBHcubT_83SFOBunIsLFbFkv-jtWL0dN4tnUvg762rsZA4eGrFXqsuDfNpy_sR6Wkrqlq3I_VGncw
Request Chain 507
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKOOqJW0NxlFU8cRd_wa7uY&google_cver=1&google_push=AYg5qPILwfiEzZah8a6Dg_7gRUICyL_vPtXGvpvB8tra05rxylML0K-ItKRvw-nI8grxKZl1fhCKVEx9KP2os4c9oeUs1IC0HhObbg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ELkJ3Uy5GRTJ1SEIyYWkwRExqNkEyM0kwMHNtQjM4eX5B&google_push=AYg5qPILwfiEzZah8a6Dg_7gRUICyL_vPtXGvpvB8tra05rxylML0K-ItKRvw-nI8grxKZl1fhCKVEx9KP2os4c9oeUs1IC0HhObbg
Request Chain 512
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESED10LRRhgdIFwuZPTqTZ3P0&google_cver=1&google_push=AYg5qPKnIWJUiXUZ2-ahlfh5Pp2qhaJS3nX2RGUFcSp7m356k_MHV1IATc0BiwAfvOhFHcvx-tUh4NiXuHa6aLOj6irfLj57M3nf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM5MjE5NDI2Nzc2NjA0ODkxMg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELC128047bh_Lgt0Y-yXAzE&google_cver=1
Request Chain 513
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJWAsqHYSX4CbJdjk9lKWoE&google_cver=1&google_push=AYg5qPIMvbvuMnMADMWoGjRot1_nCL5T-JWoHccF8fhG7DsTKajCEMtCkXgKc7yu_K_dtE-vHsgPbYx5I-umIXHL5VEACbIKu1w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWRPcl93QUM4WERvaEFBbQ==&google_gid=CAESEJWAsqHYSX4CbJdjk9lKWoE&google_cver=1&google_push=AYg5qPIMvbvuMnMADMWoGjRot1_nCL5T-JWoHccF8fhG7DsTKajCEMtCkXgKc7yu_K_dtE-vHsgPbYx5I-umIXHL5VEACbIKu1w
Request Chain 515
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPZyrGozP9a5TNJlV0Ej-y4&google_cver=1&google_push=AYg5qPKmQ0VYcgs-9vBm7BTnI-YdsUQMYx50vZV7niOrcgohsYC4xp9LRMYUtq7HeZqq6M9z3re9w0js5lV_nh4aYF5ruM5SzQKa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKmQ0VYcgs-9vBm7BTnI-YdsUQMYx50vZV7niOrcgohsYC4xp9LRMYUtq7HeZqq6M9z3re9w0js5lV_nh4aYF5ruM5SzQKa&google_hm=NTgxNjY2NDc0MzA4NjY5NDY0NQ%3D%3D
Request Chain 516
  • https://match.360yield.com/match/ebda?google_gid=CAESEOvF-zha8lOgTK2lINm8XiU&google_cver=1&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ
Request Chain 517
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDEKy2hjjGuAV1CoWIXn-ls&google_cver=1&google_push=AYg5qPKI0WwmMv-YXXaIJ3UYYnJARH8XIPLRL4ue5ZOjVZXsnX52AAylDYJnVe31bHvPxHSkBkV_r_g0guJW3crNluYnlRoHP6WpFA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ELkJ3Uy5GRTJ1SEIyYWkwRExqNkEyM0kwMHNtQjM4eX5B&google_push=AYg5qPKI0WwmMv-YXXaIJ3UYYnJARH8XIPLRL4ue5ZOjVZXsnX52AAylDYJnVe31bHvPxHSkBkV_r_g0guJW3crNluYnlRoHP6WpFA
Request Chain 522
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=o8RAfubfp&dongle=u6nf
Request Chain 523
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGwKA9AtvoYH5vvv86goqx4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 524
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMzOTU2Mzc3NTc1NjQ3MjQ5NDY%3D
Request Chain 526
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/13395637757564724946?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-86iGP3RE2oQ7zxhfGm_90ZrqA_FVX7V..TuCLCySng--~A&dongle=0883
Request Chain 529
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=13395637757564724946 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13395637757564724946&dcc=t
Request Chain 530
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 537
  • https://aws-fr.bidswitch.net/imp/0.063/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R51750730_Qrtbwp_R_I_WAUCTION__PRICE_X-0dP11m5FSngPOLOUwRTDfbIPKv01adQy0_Qrtbdata_RYyqrLJEYr-jsoKEwUKRyovlgeHiGGJ__ew4YzOb4p1A10EboH77V5F0t6cVckA6yaPSMDQbIenuxhNyorT08VLdTxQuBcys3GOvhk9rjteZeT4ikbpymT6GKqHA4KRUlqTT3a49TMOD13__r0iKtiJjMavZnGsv4TcTO2ILPQaxpWpzAsQ__Swzv7hq0E4gBh3vIdcT4zbrTn7S50APILNxHfWRaRip__E4LZ8ae__TYZFRrXPRQWRw2PMWhFsPeI52QudzxMjyqqe5u--Ts__ibrZrw2_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/bzmViO7Z3gbxqWuvluOZQETC6pg0KPhgxbsh5fpKECLCYtmTQ1FjPYJKjpDWRgr9xYB7f0khNgroBQh_i-W8NPeBDG-zDKCI9ZETVMt_TNm_5wK4ZoYup26K7e9BkNXUMLMR_qv77onhsiuRRJdhZfkBZIgb1QgSSP2tJyx976rh0eIatF75eOQ6pE1gwvk-1GtHCQy0tdi44mXit-R9qGHrnCeU2tMgvdWITn0mEOex4bEjB4bzx__2z3muoNmwYl8NkloiqLIJAyqbxrge-sbISc9bool3B9fMbAwTCdSJExoBRHN5XxIik0nsPBAYUjN7qpCWZhIN-TR-AOIGRCMyNyRMfZx6QRd3P2G6WVvsG4WC8Tj7qsVW8yF3VZ-EozGX63Kk6-BNGAkDiqxo6jCPRAr1IUUgk8jPJNuRTaod7cYulUIRAaWbfA5CGNhfcbxKvVeJrj8i5qyMDX0ZXS38HHi2SQAACVFoSleBmfCY-6z3WDgzJRRR6mm9g0JQ90R8lyLsYNyS-XQiL758BKnX2V7goyUGRXSiU_pc6VPGUj-BL_cU7PeV_j-oYtlvz9_JB7Ue278zRr03vMQembWM3MKpC699yDPL_021iZBlzHktq-VM-KGYUfX-bLWHIxcpTY1nb8o8Y9e21-OEluQIhQqwAULJ9camcubsBO0KiRRyTMZQU3VTklFgVxDx0nS2Q5Cd_BGL_3OcjocMoeu_O45FCMK54olJUjRioH3hOYNArLLqYfyWo9lo-pyKvWmKCgnJEfstWSTVVdka_sub62ryKIYD4WK3tSfeA5vXV6O-gQDnlNmNUsmjexfoU09YdFWFYfJcO6tuMo8qxaecDkJMPUbULOSeuilmfnGEaqh_46ACGKs0e_utBWK9hK1BLP80lFwZHMCSxEcblzJ1_GICYfZWo2XEeZzw/ HTTP 302
  • https://track.adform.net/adfscript/?bn=51750730;rtbwp=0.06741-0dP11m5FSngPOLOUwRTDfbIPKv01adQy0;rtbdata=YyqrLJEYr-jsoKEwUKRyovlgeHiGGJ_ew4YzOb4p1A10EboH77V5F0t6cVckA6yaPSMDQbIenuxhNyorT08VLdTxQuBcys3GOvhk9rjteZeT4ikbpymT6GKqHA4KRUlqTT3a49TMOD13_r0iKtiJjMavZnGsv4TcTO2ILPQaxpWpzAsQ_Swzv7hq0E4gBh3vIdcT4zbrTn7S50APILNxHfWRaRip_E4LZ8ae_TYZFRrXPRQWRw2PMWhFsPeI52QudzxMjyqqe5u--Ts_ibrZrw2;OOBClickTrack=
Request Chain 543
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELC128047bh_Lgt0Y-yXAzE&google_cver=1&google_push=AYg5qPKAlQ2CI2MFEZQ6F_OL_TzUYBEKsa0mHX483LTJDTNQXzO7JRFluQVa7CLpCTKR3aUhxJUrg8FPNRNqYmdVw6pUrzvzEMtj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM5MjE5NDI2Nzc2NjA0ODkxMg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELC128047bh_Lgt0Y-yXAzE&google_cver=1
Request Chain 544
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPL15170Ry18KGKNhCpWaGM&google_cver=1&google_push=AYg5qPKQCnaDNOhyZ55zf635a6Eh6Gl01hlUlPvvocRqMr3boPvqfcrPAIE-izjRUwEv85VwK-v55gEHETUB7F7EPDO-iyQqPGHT HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKQCnaDNOhyZ55zf635a6Eh6Gl01hlUlPvvocRqMr3boPvqfcrPAIE-izjRUwEv85VwK-v55gEHETUB7F7EPDO-iyQqPGHT&google_hm=D-CkpedODO9EuwWmJDGBUg
Request Chain 546
  • https://um.simpli.fi/gp_match?google_gid=CAESEIHOUvPMFY4nsmlFFIvhOdo&google_cver=1&google_push=AYg5qPIWKSkbcgz8xNWX4cqq8klukvPYh5BhmPe4lZJKwquv9Fl0cFOI2ZpklKHPJ12OyihAyiYr5tqYDDUyzJdVfebVKJtzAeI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7509EDD89CD543279D0C21224FF946B8&google_push=AYg5qPIWKSkbcgz8xNWX4cqq8klukvPYh5BhmPe4lZJKwquv9Fl0cFOI2ZpklKHPJ12OyihAyiYr5tqYDDUyzJdVfebVKJtzAeI
Request Chain 548
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEBmA9O6DjqU1cAIikW9VmaM&google_cver=1&google_push=AYg5qPIynYcpisrELU5bUqD8j_zdovXccftAxa9NBHOu4Uj_VpivqhGmJBnoVUw_eiDD8JcgWcksm_j6efTGoCJoCkFYSwKWUqX4 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPIynYcpisrELU5bUqD8j_zdovXccftAxa9NBHOu4Uj_VpivqhGmJBnoVUw_eiDD8JcgWcksm_j6efTGoCJoCkFYSwKWUqX4&google_hm=hmHTq_wF5XzlRpPBTQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D61D3ABFC05E57CE54693C14DBLIS
Request Chain 549
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMu5zliAXqjRkbeW80QUtHA&google_cver=1&google_push=AYg5qPKd1DL9VuNdqct647Yi0p3cuCq9AWv4fHbUQVKDDGSNUyJsx-IdTLr7mL4hmKRmZOGd3j0geUu-VlKkECGn2IqQxUpcV0jn-w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ELkJ3Uy5GRTJ1SEIyYWkwRExqNkEyM0kwMHNtQjM4eX5B&google_push=AYg5qPKd1DL9VuNdqct647Yi0p3cuCq9AWv4fHbUQVKDDGSNUyJsx-IdTLr7mL4hmKRmZOGd3j0geUu-VlKkECGn2IqQxUpcV0jn-w
Request Chain 557
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4392194267766048912&dongle=d407
Request Chain 560
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=b1c861d3-abfb-4f00-82ea-782ebbdf8fa7&dongle=3995&gdpr=1&gdpr_consent=
Request Chain 561
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=YdOr_wAC8XDohAAm&dongle=3c0a&gdpr=1&gdpr_consent=
Request Chain 562
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=632072906110587084&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 565
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=632072906110587084&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 566
  • https://eb2.3lift.com/ebda?sync=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMzOTU2Mzc3NTc1NjQ3MjQ5NDY%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=1&gdpr_consent=
Request Chain 567
  • https://match.prod.bidr.io/cookie-sync/trl HTTP 303
  • https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1 HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=ABG-OU7Dp1gAAEA59Q76GQ&dongle=bzwx
Request Chain 570
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
Request Chain 571
  • https://sync.hgrtb.com/triplelift?redir=http%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmy_external_user_id%26dongle%3D8f7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=7666&xuid=b98b52f4-aa3b-4eb9-9dc9-b0c0787623fa&dongle=8f7
Request Chain 572
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=7c0e8899-e544-43dc-be4b-f8e6020c4dbd&dongle=31ac
Request Chain 573
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-8ec1e53e-56b9-4f3b-5073-e9afbf915b6f$ip$91.199.118.155&dongle=4430
Request Chain 610
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4392194267766048912
Request Chain 618
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1421038697&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1421038697&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=8fa92913-fb4a-4abc-ba2f-62a3b01abef8&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3ODAyNy40MTA0MDA6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPThmYTkyOTEzLWZiNGEtNGFiYy1iYTJmLTYyYTNiMDFhYmVmOA==
Request Chain 619
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=664264674&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=664264674&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=2aa6b271-99f5-4970-8de8-031c27fcf87e&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3ODAyOC42MDcxNzg6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTJhYTZiMjcxLTk5ZjUtNDk3MC04ZGU4LTAzMWMyN2ZjZjg3ZQ==
Request Chain 621
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1879586745&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1879586745&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=31a12392-7443-49a4-87db-7106ca3f3441&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3ODAyOC44NzAzNjE6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTMxYTEyMzkyLTc0NDMtNDlhNC04N2RiLTcxMDZjYTNmMzQ0MQ==
Request Chain 624
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2146436133&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2146436133&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=f1ef457c-7124-40f1-bf36-7acdf43309b0&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3ODAzMC4xNzQ1NjE6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWYxZWY0NTdjLTcxMjQtNDBmMS1iZjM2LTdhY2RmNDMzMDliMA==
Request Chain 626
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=223944192&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=223944192&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=46f8b61c-d52b-4095-a165-115f469938f0&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3ODAzMi4xMjAzNjE6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTQ2ZjhiNjFjLWQ1MmItNDA5NS1hMTY1LTExNWY0Njk5MzhmMA==

615 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.controle.diarioceleste.com.br/ 		616 KB
81 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
1188032245ea8f4d0c03938253437fcc1c613dcc5aa090db0b19271aac915fea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.20.2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
link
<https://controle.diarioceleste.com.br/wp-json/>; rel="https://api.w.org/" <https://controle.diarioceleste.com.br/wp-json/wp/v2/pages/7083>; rel="alternate"; type="application/json" <https://www.diarioceleste.com.br/>; rel=shortlink
content-encoding
gzip
style.min.css
c0.wp.com/c/5.8.2/wp-includes/css/dist/block-library/ 		79 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
wp-mediaelement.min.css
c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
styles.css
controle.diarioceleste.com.br/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Sun, 28 Nov 2021 05:45:47 GMT
server
nginx/1.20.2
etag
W/"61a3178b-aab"
vary
Accept-Encoding
content-type
text/css
dashicons.min.css
c0.wp.com/c/5.8.2/wp-includes/css/ 		58 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/css/dashicons.min.css
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
sportspress.css
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress/assets/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress/assets/css/sportspress.css?ver=2.7.1
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
d1e7b86a016640acdf9b9475530d6ca3b60ae82093138ae06df90a97e0b3af29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:36:38 GMT
server
nginx/1.20.2
etag
W/"604241f6-2e50"
vary
Accept-Encoding
content-type
text/css
icons.css
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress/assets/css/ 		2 KB
878 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress/assets/css/icons.css?ver=2.7
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
1499434474341ae6bea12a035804abdcfe3ba63fce3eeda8b4a61a88a82e0d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:36:38 GMT
server
nginx/1.20.2
etag
W/"604241f6-9e4"
vary
Accept-Encoding
content-type
text/css
sportspress-league-menu.css
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-league-menu/css/ 		829 B
451 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-league-menu/css/sportspress-league-menu.css?ver=2.1.2
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
2e30ce916dc6e6a8661c565a1f37c4c67681dbecadd07fce14a35ac566763e5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:01 GMT
server
nginx/1.20.2
etag
W/"6042402d-33d"
vary
Accept-Encoding
content-type
text/css
sportspress-match-stats.css
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-match-stats/css/ 		975 B
499 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-match-stats/css/sportspress-match-stats.css?ver=2.2
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
7f5ea34f651b214f3577127932bfbef816b7a7c1ed84264ce5233d54ca78ec83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:04 GMT
server
nginx/1.20.2
etag
W/"60424030-3cf"
vary
Accept-Encoding
content-type
text/css
sportspress-results-matrix.css
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-results-matrix/css/ 		998 B
461 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-results-matrix/css/sportspress-results-matrix.css?ver=2.6.9
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
c41e16bdee6fa9c0ac1cffeb7546c2b7d568421656ce1b9dc4df0eeb08605e71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:04 GMT
server
nginx/1.20.2
etag
W/"60424030-3e6"
vary
Accept-Encoding
content-type
text/css
sportspress-scoreboard.css
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-scoreboard/css/ 		1 KB
606 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-scoreboard/css/sportspress-scoreboard.css?ver=2.6.11
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
189c08d44ddda8907afb937de0e125a6aba5c5df4a3678fee894272180c85541

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:07 GMT
server
nginx/1.20.2
etag
W/"60424033-4d1"
vary
Accept-Encoding
content-type
text/css
sportspress-scoreboard-ltr.css
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-scoreboard/css/ 		334 B
292 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-scoreboard/css/sportspress-scoreboard-ltr.css?ver=2.6.11
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
56586b3b65cde1c9378097ce0fd776cf2e7f0862d94f81f3740a9cf5bd4843ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:07 GMT
server
nginx/1.20.2
etag
W/"60424033-14e"
vary
Accept-Encoding
content-type
text/css
sportspress-sponsors.css
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-sponsors/css/ 		889 B
497 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-sponsors/css/sportspress-sponsors.css?ver=2.6.15
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e8743978cd69629c7c8612629753b33c979139569e58cd8a50a68dc14b4893cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:10 GMT
server
nginx/1.20.2
etag
W/"60424036-379"
vary
Accept-Encoding
content-type
text/css
sportspress-timelines.css
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-timelines/css/ 		777 B
497 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-timelines/css/sportspress-timelines.css?ver=2.6
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
91c9837847e103525f6b00b6066c15df74e18576956d52f8b359e5426b73781b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:20 GMT
server
nginx/1.20.2
etag
W/"60424040-309"
vary
Accept-Encoding
content-type
text/css
sportspress-tournaments.css
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/css/ 		2 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/css/sportspress-tournaments.css?ver=2.6.21
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
69d5ecee9d49838d1a15e85356754339c0211cf2fea3c28ea1ce43e88f30b232

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:20 GMT
server
nginx/1.20.2
etag
W/"60424040-69d"
vary
Accept-Encoding
content-type
text/css
sportspress-tournaments-ltr.css
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/css/ 		1 KB
449 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/css/sportspress-tournaments-ltr.css?ver=2.6.21
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
280639fb9be527f18ee3f89f8599c50bd9a826b9c7563a2e29e47dc3d1d76416

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:20 GMT
server
nginx/1.20.2
etag
W/"60424040-500"
vary
Accept-Encoding
content-type
text/css
jquery.bracket.min.css
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/css/jquery.bracket.min.css?ver=0.11.0
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
942b6757fcee126e043999470c953af3fcb67d0a17249bb08914d3a86a47bd7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:20 GMT
server
nginx/1.20.2
etag
W/"60424040-13ca"
vary
Accept-Encoding
content-type
text/css
sportspress-twitter.css
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-twitter/css/ 		160 B
284 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-twitter/css/sportspress-twitter.css?ver=2.1.2
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
0ec390ad895cf27cba604d31b03aad81f26ca0676ad3b925b632a7e10eb1cfee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
last-modified
Fri, 05 Mar 2021 14:29:24 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"60424044-a0"
content-length
160
content-type
text/css
sportspress-user-scores.css
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-user-scores/css/ 		202 B
326 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-user-scores/css/sportspress-user-scores.css?ver=2.3
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
8992f316d050539ec4e21773924cc63d23e0e7aaca4b7bf4a946e096eda9198d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
last-modified
Fri, 05 Mar 2021 14:29:26 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"60424046-ca"
content-length
202
content-type
text/css
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese&ver=2.7
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 01:04:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 04 Jan 2022 02:07:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jan 2022 02:07:52 GMT
sportspress-style.css
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress/assets/css/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress/assets/css/sportspress-style.css?ver=2.7
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
b04f1af6109fe68b11b9cb8be3895cd4018ccc56f78e309ac5b76d435f5cb82f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:36:38 GMT
server
nginx/1.20.2
etag
W/"604241f6-3e88"
vary
Accept-Encoding
content-type
text/css
sportspress-style-ltr.css
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress/assets/css/ 		816 B
463 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress/assets/css/sportspress-style-ltr.css?ver=2.7
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e90714da5aa48971f7e92a59f529c1782d19298a126c86db1e514ed93d6b9093

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:36:38 GMT
server
nginx/1.20.2
etag
W/"604241f6-330"
vary
Accept-Encoding
content-type
text/css
style.css
controle.diarioceleste.com.br/wp-content/plugins/td-composer/td-multi-purpose/ 		36 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=381db5cebf26144e1b1ab5f0477be694
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 15:05:49 GMT
server
nginx/1.20.2
etag
W/"61c33ecd-91a4"
vary
Accept-Encoding
content-type
text/css
css
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COxygen%3A700%2C400&display=swap&ver=11.4
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a59bdfbe2d7603d0fc66a490c8362f95b13e26ff839612dd613d430b6d94bf7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 02:07:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 04 Jan 2022 02:07:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jan 2022 02:07:52 GMT
instagram-widget.css
controle.diarioceleste.com.br/wp-content/plugins/instagram-widget-by-wpzoom/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/instagram-widget-by-wpzoom/css/instagram-widget.css?ver=1.9.4
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
3db7e4486865423a7d1b5b08b7d87967d8d5996dbae0f9a0e974b763c0a7a161

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 12:04:52 GMT
server
nginx/1.20.2
etag
W/"61a0cd64-4c75"
vary
Accept-Encoding
content-type
text/css
magnific-popup.min.css
controle.diarioceleste.com.br/wp-content/plugins/gutentor/assets/library/magnific-popup/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/gutentor/assets/library/magnific-popup/magnific-popup.min.css?ver=1.8.0
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
9af0f4e90a7cba0dbe38575666bfedf0e853278155957eb78e63761e33b88a11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Mon, 08 Nov 2021 16:06:05 GMT
server
nginx/1.20.2
etag
W/"61894aed-1473"
vary
Accept-Encoding
content-type
text/css
swiper.css
controle.diarioceleste.com.br/wp-content/plugins/instagram-widget-by-wpzoom/assets/frontend/swiper/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/instagram-widget-by-wpzoom/assets/frontend/swiper/swiper.css?ver=1.9.4
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
ce609c266dedb0ee7936ae8490d284cdfe37242d5f839d6cfd432eb472933589

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 12:04:52 GMT
server
nginx/1.20.2
etag
W/"61a0cd64-39da"
vary
Accept-Encoding
content-type
text/css
featherlight.css
controle.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/frontend/assets/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/frontend/assets/css/featherlight.css?ver=5.8.2
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
6fef1e9a733d7dd62a4d190056ca17b3445d871bc3deb64a3b772cfea6f7668d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 11 Jun 2021 14:57:31 GMT
server
nginx/1.20.2
etag
W/"60c379db-e07"
vary
Accept-Encoding
content-type
text/css
jquery-ui.css
controle.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/frontend/assets/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/frontend/assets/css/jquery-ui.css?ver=5.8.2
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
39dc7caec8eeaf5ac988f044df5dd44085ca963e9818a7baa9b7d28bb4263284

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 11 Jun 2021 14:57:31 GMT
server
nginx/1.20.2
etag
W/"60c379db-5a0e"
vary
Accept-Encoding
content-type
text/css
survey-front-end.css
controle.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/frontend/assets/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/frontend/assets/css/survey-front-end.css?ver=5.8.2
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
7713951547d129cdbfd676b605c788fec19dbc155e177d5d3b1ee73b98c315ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 11 Jun 2021 14:57:31 GMT
server
nginx/1.20.2
etag
W/"60c379db-364e"
vary
Accept-Encoding
content-type
text/css
survey-general.css
controle.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/backend/assets/css/ 		66 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/backend/assets/css/survey-general.css?ver=5.8.2
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
7974ea43cfdbb548e0a536c11079dc8787b796729fedf7aa720c30c3d41bb29f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 11 Jun 2021 14:57:31 GMT
server
nginx/1.20.2
etag
W/"60c379db-1078e"
vary
Accept-Encoding
content-type
text/css
default.min.css
controle.diarioceleste.com.br/wp-content/plugins/tablepress/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 17:43:55 GMT
server
nginx/1.20.2
etag
W/"60f70b5b-13e4"
vary
Accept-Encoding
content-type
text/css
font-awesome.css
controle.diarioceleste.com.br/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 		43 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=381db5cebf26144e1b1ab5f0477be694
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
af49f53268c08752ca4c11e7f467dbb93d1c3a192a123c837e278869754f94f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 15:05:47 GMT
server
nginx/1.20.2
etag
W/"61c33ecb-ab38"
vary
Accept-Encoding
content-type
text/css
style.css
controle.diarioceleste.com.br/wp-content/themes/Newspaper/ 		146 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/themes/Newspaper/style.css?ver=11.4
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e1056ba71e3fcb9898b0cd94af69bdb9f4ce94cca79fd0ac2a1ec1a4d505523a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 15:05:22 GMT
server
nginx/1.20.2
etag
W/"61c33eb2-24643"
vary
Accept-Encoding
content-type
text/css
style.min.css
c0.wp.com/c/5.8.2/wp-includes/css/dist/components/ 		119 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/css/dist/components/style.min.css
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
267e5fb978fa691c1b12174c588280dd4e69df0123957736d771b9f1dcd13f76
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
style.min.css
c0.wp.com/c/5.8.2/wp-includes/css/dist/block-editor/ 		99 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/css/dist/block-editor/style.min.css
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
d5a456774176f31718c9ce26f8077ca182362f6d153bd0f5f5fa145d93fb48f7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 19:28:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
style.min.css
c0.wp.com/c/5.8.2/wp-includes/css/dist/nux/ 		3 KB
691 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/css/dist/nux/style.min.css
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2afca1a64c042d5045d5ec75094fe657cc8bf757a0d7c6df0fa42969284b6ec5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
style.min.css
c0.wp.com/c/5.8.2/wp-includes/css/dist/reusable-blocks/ 		389 B
430 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/css/dist/reusable-blocks/style.min.css
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
115e6b5dc9d38bc61444ea742ed56610be8c69c6d04d41f49eb3c550f54cc87f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
389
expires
Wed, 04 Jan 2023 02:07:52 GMT
style.min.css
c0.wp.com/c/5.8.2/wp-includes/css/dist/editor/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/css/dist/editor/style.min.css
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
40ab039ddf421b282235661a8567992ee23ce45239fdf4047e27ba58fb397767
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
blocks.style.build.css
controle.diarioceleste.com.br/wp-content/plugins/gutentor/dist/ 		264 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/gutentor/dist/blocks.style.build.css?ver=3.1.6
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
7d274de930eb4259e31c1f046393f3f2afe5687d9f9c2712b52229385ba51fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Mon, 08 Nov 2021 16:06:05 GMT
server
nginx/1.20.2
etag
W/"61894aed-421c6"
vary
Accept-Encoding
content-type
text/css
gdpr-main.css
controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/styles/ 		73 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.7.0
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
28ba94202c3d185a9a758398f283d22b4fb8d6f5fd20d1e83385ae9e420c1380

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 12:03:30 GMT
server
nginx/1.20.2
etag
W/"61c1c292-12264"
vary
Accept-Encoding
content-type
text/css
td_legacy_main.css
controle.diarioceleste.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 		155 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=381db5cebf26144e1b1ab5f0477be694
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
9fde46370e7dfc5dbc549914da67dad5fe3220607a612de2909483d186376bbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 15:05:47 GMT
server
nginx/1.20.2
etag
W/"61c33ecb-26d24"
vary
Accept-Encoding
content-type
text/css
td_standard_pack_main.css
controle.diarioceleste.com.br/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 		715 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=79f8a1d02f05c15c98a62e68cd419e0b
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 15:06:26 GMT
server
nginx/1.20.2
etag
W/"61c33ef2-b2ccc"
vary
Accept-Encoding
content-type
text/css
jetpack.css
c0.wp.com/p/jetpack/10.4/css/ 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.4/css/jetpack.css
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a6e9c02837fc4e15d5f6940b514eb5c52f7a752cdbb05862097e7239ad7366a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Tue, 16 Nov 2021 17:11:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
diarioceleste.js
tags.juicebarads.com/js/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.juicebarads.com/js/diarioceleste.js?v=1641262071&ver=5.8.2
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a12f6c341938eb24f4b5c08571ef9a1242fed237c5b3c73f593343ef2efe7be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 22 Dec 2021 13:18:31 GMT
server
cloudflare
etag
W/"61c325a7-c88a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6ArNMDA5Utd5jG3qoLbWFZd5LqiRPI1DHyZrHvkwJyyKqzix5ep3fZV7sF7v%2FHB5J4f7PRZImmkbudqXfFdPmbl34mxgjRPy4haDtQ66lFNK836Ewf44oEn4MLo7kdvaMf9RvefXCKNjxpnEvd51fsbAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c80ea6f9c484ee0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
c0.wp.com/c/5.8.2/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery.min.js
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
jquery-migrate.min.js
c0.wp.com/c/5.8.2/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
seo-automated-link-building.js
controle.diarioceleste.com.br/wp-content/plugins/seo-automated-link-building/js/ 		493 B
436 B 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/seo-automated-link-building/js/seo-automated-link-building.js?ver=5.8.2
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
3a8566c410bdc9c4b1a222d4e198c179255893accb662ed34ac308c39fc01bac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 16:30:44 GMT
server
nginx/1.20.2
etag
W/"61a7a334-1ed"
vary
Accept-Encoding
content-type
application/javascript
sportspress-facebook-sdk.js
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-facebook/js/ 		468 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-facebook/js/sportspress-facebook-sdk.js?ver=2.11
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
4a54e0f9f88e55e67663c6419b93ab31dfea3eadabf045ab51f3603e5c1ec014

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:01 GMT
server
nginx/1.20.2
etag
W/"6042402d-1d4"
vary
Accept-Encoding
content-type
application/javascript
jquery.bracket.min.js
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/js/jquery.bracket.min.js?ver=0.11.0
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
2b8c1d6e272519fc3c3c51af5fbfbe125dc26bc413cb7840b5a8a9dfa3107caa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:23 GMT
server
nginx/1.20.2
etag
W/"60424043-60bf"
vary
Accept-Encoding
content-type
application/javascript
sweetalert.min.js
controle.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/frontend/assets/js/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/frontend/assets/js/sweetalert.min.js?ver=1.0.0
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
15211e0be73438987ed05236dc4ce90962f7c46452427364446576505e66697b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 11 Jun 2021 14:57:31 GMT
server
nginx/1.20.2
etag
W/"60c379db-9f62"
vary
Accept-Encoding
content-type
application/javascript
featherlight.js
controle.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/frontend/assets/js/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/frontend/assets/js/featherlight.js?ver=1.7.9
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
8229f3c107482bc93008d1934c044198fe418852cf32e8ae7240086c9e9e78c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 11 Jun 2021 14:57:31 GMT
server
nginx/1.20.2
etag
W/"60c379db-59bd"
vary
Accept-Encoding
content-type
application/javascript
survey.common.js
controle.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/frontend/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/frontend/assets/js/survey.common.js?ver=1.0.0
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
80c1e9531472d618e40813cda63f6f91ee15f7d653c40c9181c8a3ab79e16ab1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 11 Jun 2021 14:57:31 GMT
server
nginx/1.20.2
etag
W/"60c379db-16d4"
vary
Accept-Encoding
content-type
application/javascript
survey.main.js
controle.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/frontend/assets/js/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/perfect-survey/resources/frontend/assets/js/survey.main.js?ver=1.0.0
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
0c4f536f41f8d54b5cfccb706ed54c2f1378eefb835cca65debdf8a9b681d9f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 11 Jun 2021 14:57:31 GMT
server
nginx/1.20.2
etag
W/"60c379db-1315"
vary
Accept-Encoding
content-type
application/javascript
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-57583848-1
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a1473115bd81043127f3d50c5125e0634a6f462340a12ed9d814c37a5e1c9358
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36254
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Jan 2022 02:07:52 GMT
logodiariocelesteazul.png
controle.diarioceleste.com.br/wp-content/uploads/2021/01/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/01/logodiariocelesteazul.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
35427bee7326b9125939440515fc52b3ec2228de0280561c62a1f3e1e29e93d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
last-modified
Fri, 05 Mar 2021 13:39:29 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"60423491-671c"
content-length
26396
content-type
image/png
Betpix365_BANNER_RETANGULO_SITE-scaled.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		159 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/Betpix365_BANNER_RETANGULO_SITE-scaled.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
54e261ac516594dda3e0bbc238618b2bc9b9e0b096ef69a70265a7252dd78147

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
last-modified
Fri, 10 Dec 2021 13:12:14 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61b3522e-27d33"
content-length
163123
content-type
image/jpeg
dentinho.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/dentinho.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
ebd797bdab98482911a13a7b10c47488990f4b8784d2e5d8a3dff360fba516cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Fri, 10 Dec 2021 15:58:59 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61b37943-11b18"
content-length
72472
content-type
image/jpeg
paulo-pezzolano-anunciado-324x160.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/paulo-pezzolano-anunciado-324x160.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
6eac1cbc3815731eee3a44c2f8b1ec2b5bc3e0c0fe2f2284638f238be3ba18ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 23:38:18 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d388ea-50ae"
content-length
20654
content-type
image/jpeg
paulo-pezzolano-1-324x160.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/paulo-pezzolano-1-324x160.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
527216f5a7191ef2aaad9e7352cb2ba796d9f189f3407cba50e9bcfacc6cb136

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 21:41:41 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d36d95-455f"
content-length
17759
content-type
image/jpeg
PEDRO-MARTINS-324x160.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/PEDRO-MARTINS-324x160.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
6158156e9beecb18c9c1fef9181a35f8495ad9799554bbcd5e4a185ab4dd4638

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 19:40:17 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d35121-1a01"
content-length
6657
content-type
image/jpeg
time-feminino-cruzeiro-324x160.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/time-feminino-cruzeiro-324x160.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
06cbe3c0f376f63b0c691c556c34a7eec39a973fd6a695860051c7e656eef4d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 19:00:07 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d347b7-298c"
content-length
10636
content-type
image/jpeg
treino-cruzeiro-324x160.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/treino-cruzeiro-324x160.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
a0582eccbbdfe4d63a20fd57084efdedaa269dd4405e4bfae87fa3d1dca8e448

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Wed, 22 Dec 2021 14:56:00 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61c33c80-3a71"
content-length
14961
content-type
image/jpeg
flavio-volante-324x160.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/flavio-volante-324x160.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
de130d90c4ac84acf57d670698416f31ed9245c770eb691b52751ac449017453

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 18:40:37 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d34325-34b4"
content-length
13492
content-type
image/jpeg
Waguininho-324x160.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/Waguininho-324x160.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
0d5fdb8585a6666488e36dec3229ed54a161dd44410c1a4a105428ae8759f7e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 17:26:39 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d331cf-29f1"
content-length
10737
content-type
image/jpeg
pezzolano-2-324x160.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/pezzolano-2-324x160.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
b04196d172b99cd8d8f8136a23ed9f3f30abb122804a409013f473ba69afe271

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 16:12:17 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d32061-21a8"
content-length
8616
content-type
image/jpeg
toca-da-raposa-324x160.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/toca-da-raposa-324x160.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
778f89c62dad1fcdc74a76104f8dc95cdb7fad0fa4d4f8142723c2cb440e7a03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 15:46:06 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d31a3e-210d"
content-length
8461
content-type
image/jpeg
cruzeiro-copinha-treino-324x160.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/cruzeiro-copinha-treino-324x160.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
5f1e1b1be8d315de8af302292f59cdea120ead63577e456d46c9cf4622c80229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 14:05:19 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d3029f-4212"
content-length
16914
content-type
image/jpeg
ronaldoc-324x160.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/ronaldoc-324x160.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
bd2f819f1922834893f5fb91a46f3be532ea0cf8b2e54f1ed596ea623ce238e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 13:15:34 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d2f6f6-257b"
content-length
9595
content-type
image/jpeg
sergio-rodrigues-324x160.png
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/sergio-rodrigues-324x160.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
aed987ef61d7ede5218faa1d522a7a79d184483712664afc596fd32f42b28759

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 12:54:21 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d2f1fd-1470d"
content-length
83725
content-type
image/png
sergio-santos-rodrigues-324x160.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/sergio-santos-rodrigues-324x160.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
502b21feb07da7288d3fc751e8d9522fbb2b0ebd9e970f551dbc5b4fddf3994b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Sun, 02 Jan 2022 22:43:44 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d22aa0-202b"
content-length
8235
content-type
image/jpeg
ronaldo-324x160.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/ronaldo-324x160.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
107e891db20c6621813b4f0bfadd11fc4402440ac4dbf92d4e395598c9832514

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Sun, 02 Jan 2022 11:58:11 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d19353-20af"
content-length
8367
content-type
image/jpeg
time-feminino-cruzeiro-100x70.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/time-feminino-cruzeiro-100x70.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
05a8064d59bbff5b98080b8175f03352ab02348fd442c8910a7cf4da6b04f98c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 19:00:07 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d347b7-9ff"
content-length
2559
content-type
image/jpeg
duda-100x70.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/duda-100x70.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e7e87bc7c1da75ea1f517e0c6df8983530623b69c6676ccca10cbe905869a9a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Thu, 30 Dec 2021 18:45:53 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61cdfe61-29a5"
content-length
10661
content-type
image/jpeg
Yael-Oviedo-100x70.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/Yael-Oviedo-100x70.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
01ddc6dbd15cc803055acc5a336a0547d4af0c2fe85e3e3587810deb397aa083

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 27 Dec 2021 15:29:17 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61c9dbcd-b4c"
content-length
2892
content-type
image/jpeg
51699002462_464505a77b_o-100x70.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/51699002462_464505a77b_o-100x70.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
8ea3a33f02142d5a949c449867a422e08e3ffa6903890dc8f1df2933e3cd712a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Thu, 16 Dec 2021 16:42:32 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61bb6c78-8c97"
content-length
35991
content-type
image/jpeg
sde-cbf-100x70.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/sde-cbf-100x70.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
4eb1486c71d3f6285f1a59152925398df1a16b950c04efa9bf75ddc376023145

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Tue, 07 Dec 2021 12:57:19 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61af5a2f-bf8"
content-length
3064
content-type
image/jpeg
49119704096_d7e7076959_o-100x70.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/49119704096_d7e7076959_o-100x70.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
358f93c5271e0b8cd9dc774736a10cbdcd53f3c6413083bfdc27e53887bc7cb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Sun, 05 Dec 2021 13:26:44 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61acbe14-7b58"
content-length
31576
content-type
image/jpeg
cruzeiro-106x128.png
controle.diarioceleste.com.br/wp-content/uploads/2020/01/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2020/01/cruzeiro-106x128.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
d124c0d47f3dad95f0fcbf08e0faab2a1d5fe796b459c438661a53b879e1ed1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Fri, 05 Mar 2021 12:47:16 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"60422854-414f"
content-length
16719
content-type
image/png
URT-150x150.png
controle.diarioceleste.com.br/wp-content/uploads/2020/01/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2020/01/URT-150x150.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
fd128bb1bb09334b954f40d3932d4617931b7685b7eccb14ca69bbf24bf9aef4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Fri, 05 Mar 2021 12:48:42 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"604228aa-478b"
content-length
18315
content-type
image/png
am%C3%A9rica-150x150.png
controle.diarioceleste.com.br/wp-content/uploads/2020/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2020/01/am%C3%A9rica-150x150.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
b684aef220bd97e4fbb9c80de3ae948607cc969ec7840be0d32a1f0c7b331e03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Fri, 05 Mar 2021 12:46:50 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"6042283a-2cc7"
content-length
11463
content-type
image/png
Athletic_Club-128x128.png
controle.diarioceleste.com.br/wp-content/uploads/2021/01/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/01/Athletic_Club-128x128.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
96404afbbcaec432cae1518105cc4472194c96576ffbfbff447c44aadd73e48e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Fri, 05 Mar 2021 13:36:56 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"604233f8-2f9f"
content-length
12191
content-type
image/png
atl%C3%A9ticomg-150x150.png
controle.diarioceleste.com.br/wp-content/uploads/2019/11/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2019/11/atl%C3%A9ticomg-150x150.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
718e2c2b96b20c45de9c93e36bdfa89ca06d53d8f9c14a45e430a35d26754b4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Fri, 05 Mar 2021 12:43:16 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"60422764-2db1"
content-length
11697
content-type
image/png
Caldense-150x150.png
controle.diarioceleste.com.br/wp-content/uploads/2020/01/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2020/01/Caldense-150x150.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
124ae650115eb30ff9e5c63cacb88dc562bfd9c7f2928ab3cfb890670c98aaa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Fri, 05 Mar 2021 12:47:05 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"60422849-45a7"
content-length
17831
content-type
image/png
democrata-128x128.png
controle.diarioceleste.com.br/wp-content/uploads/2020/02/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2020/02/democrata-128x128.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
58879e8811754d8383a63ef32969a62c02154576c46c8f47a0d50847f5bac431

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Fri, 05 Mar 2021 12:49:12 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"604228c8-1501"
content-length
5377
content-type
image/png
patrocinense-1-90x128.png
controle.diarioceleste.com.br/wp-content/uploads/2020/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2020/01/patrocinense-1-90x128.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
bf2deef67d637ab5268bc6c0c34456572531ec087df60f45783cde881f03172b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Fri, 05 Mar 2021 12:48:13 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"6042288d-1a51"
content-length
6737
content-type
image/png
Pouso_Alegre_Futebol_Clube-128x128.png
controle.diarioceleste.com.br/wp-content/uploads/2021/01/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/01/Pouso_Alegre_Futebol_Clube-128x128.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
c580cac2a022550b0dfb6edb1b0d64129a1d39b37a0aed14cc86b4c4b769a192

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Fri, 05 Mar 2021 13:40:37 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"604234d5-3408"
content-length
13320
content-type
image/png
Tombense-150x150.png
controle.diarioceleste.com.br/wp-content/uploads/2020/01/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2020/01/Tombense-150x150.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
b1b9f509b25a71d5a79f2ec823ba9088298b74f05d0f72638a679d07e4167132

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Fri, 05 Mar 2021 12:48:35 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"604228a3-742e"
content-length
29742
content-type
image/png
uberlandia-150x150.png
controle.diarioceleste.com.br/wp-content/uploads/2020/01/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2020/01/uberlandia-150x150.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
d9f542eb3c6be355a6167d8e5b11b372f63dbddaef6648487f7b1235f3f29be5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Fri, 05 Mar 2021 12:48:40 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"604228a8-3815"
content-length
14357
content-type
image/png
Villa_Nova-150x150.png
controle.diarioceleste.com.br/wp-content/uploads/2020/01/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2020/01/Villa_Nova-150x150.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
6bef4e8542d999cba05f2d0399a96ccfd2ed45c3223547178e380fd73a3a6c1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Fri, 05 Mar 2021 12:48:43 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"604228ab-377c"
content-length
14204
content-type
image/png
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3134
etag
W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6c80ea72afc54db8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 07 Jan 2022 02:07:52 GMT
regenerator-runtime.min.js
c0.wp.com/c/5.8.2/wp-includes/js/dist/vendor/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Wed, 23 Jun 2021 00:06:13 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
wp-polyfill.min.js
c0.wp.com/c/5.8.2/wp-includes/js/dist/vendor/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Mon, 14 Jun 2021 23:18:11 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
index.js
controle.diarioceleste.com.br/wp-content/plugins/contact-form-7/includes/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Sun, 28 Nov 2021 05:45:47 GMT
server
nginx/1.20.2
etag
W/"61a3178b-2e56"
vary
Accept-Encoding
content-type
application/javascript
jquery.dataTables.min.js
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress/assets/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress/assets/js/jquery.dataTables.min.js?ver=1.10.4
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
f3e9d5a0e959973519a493eafd7d257e56633333b25688ccc4c7c071cea858d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:36:41 GMT
server
nginx/1.20.2
etag
W/"604241f9-13bdf"
vary
Accept-Encoding
content-type
application/javascript
sportspress.js
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress/assets/js/sportspress.js?ver=2.7.1
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
4e8149856625f4e9a157b60ca64536687ceaaab7914dde8df7a71fef0c65b254

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:36:42 GMT
server
nginx/1.20.2
etag
W/"604241fa-1049"
vary
Accept-Encoding
content-type
application/javascript
jquery.waypoints.min.js
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-match-stats/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-match-stats/js/jquery.waypoints.min.js?ver=4.0.0
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:04 GMT
server
nginx/1.20.2
etag
W/"60424030-2281"
vary
Accept-Encoding
content-type
application/javascript
sportspress-match-stats.js
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-match-stats/js/ 		292 B
360 B 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-match-stats/js/sportspress-match-stats.js?ver=2.2
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
b26f89e57885fb78e9179b98396a07094c7f9f51195f79bdee0a2b8dfe62481b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:04 GMT
server
nginx/1.20.2
etag
W/"60424030-124"
vary
Accept-Encoding
content-type
application/javascript
sportspress-scoreboard.js
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-scoreboard/js/ 		3 KB
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-scoreboard/js/sportspress-scoreboard.js?ver=1641262071
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e3dce73099413fb979d4915810491f811e8b6bc1df1298f20344ff9e76f13e50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:08 GMT
server
nginx/1.20.2
etag
W/"60424034-abf"
vary
Accept-Encoding
content-type
application/javascript
sportspress-sponsors.js
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-sponsors/js/ 		791 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-sponsors/js/sportspress-sponsors.js?ver=1641262071
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
561ba42a2b675c6a15db9cb005bdec8ea3dae8c69a01cd4a57f0923d57d7ca5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:13 GMT
server
nginx/1.20.2
etag
W/"60424039-317"
vary
Accept-Encoding
content-type
application/javascript
sportspress-tournaments.js
controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/js/ 		348 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-tournaments/js/sportspress-tournaments.js?ver=2.6.21
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
29172ee9d3db002c837ee55984ae7cf518812ec296375f9628f2a04f5621dd98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 14:29:23 GMT
server
nginx/1.20.2
etag
W/"60424043-15c"
vary
Accept-Encoding
content-type
application/javascript
underscore.min.js
c0.wp.com/c/5.8.2/wp-includes/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/underscore.min.js
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 19:33:19 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
js_posts_autoload.min.js
controle.diarioceleste.com.br/wp-content/plugins/td-cloud-library/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=c181d64d1d8a935f19bbe229f049bcfe
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 15:05:30 GMT
server
nginx/1.20.2
etag
W/"61c33eba-14a0"
vary
Accept-Encoding
content-type
application/javascript
tagdiv_theme.min.js
controle.diarioceleste.com.br/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		266 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.4
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
64aa3aea4984154fa8dbe542159695fdc109c6421f7e7ee3513779404181e676

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 15:05:47 GMT
server
nginx/1.20.2
etag
W/"61c33ecb-42624"
vary
Accept-Encoding
content-type
application/javascript
comment-reply.min.js
c0.wp.com/c/5.8.2/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/comment-reply.min.js
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:48:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
core.min.js
c0.wp.com/c/5.8.2/wp-includes/js/jquery/ui/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/ui/core.min.js
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:48:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
datepicker.min.js
c0.wp.com/c/5.8.2/wp-includes/js/jquery/ui/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/ui/datepicker.min.js
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
last-modified
Tue, 08 Jun 2021 17:15:15 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:07:52 GMT
gutentor.min.js
controle.diarioceleste.com.br/wp-content/plugins/gutentor/assets/js/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/gutentor/assets/js/gutentor.min.js?ver=3.1.6
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
d51d3132f201642d716200003782812ced682ed49bd7923be002063ee11a16e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
gzip
last-modified
Mon, 08 Nov 2021 16:06:05 GMT
server
nginx/1.20.2
etag
W/"61894aed-57d1"
vary
Accept-Encoding
content-type
application/javascript
main.js
controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/ 		54 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.7.0
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
fb42ae17c02a0458684266d58cdf7a61ef37397beb4faad9a07cfd6edc7dab81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 12:03:30 GMT
server
nginx/1.20.2
etag
W/"61c1c292-d8de"
vary
Accept-Encoding
content-type
application/javascript
js_files_for_front.min.js
controle.diarioceleste.com.br/wp-content/plugins/td-cloud-library/assets/js/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=c181d64d1d8a935f19bbe229f049bcfe
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
5d5ee2ea990988787e3dd82b9b312600c09ce412250e63530e0e347c04b06c1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 15:05:30 GMT
server
nginx/1.20.2
etag
W/"61c33eba-947c"
vary
Accept-Encoding
content-type
application/javascript
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.2
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3132
etag
W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6c80ea72afc74db8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 07 Jan 2022 02:07:52 GMT
gdpr-logo.png
controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/images/gdpr-logo.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
2d91c5b43406f8e7f61aca23cec58ee76a8e9a9d4b9a7c96cc9700a3376ca42b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Tue, 21 Dec 2021 12:03:30 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61c1c292-5c3"
content-length
1475
content-type
image/png
e-202201.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202201.js
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn
date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sat, 31 Dec 2022 23:13:22 GMT
lazyload.min.js
controle.diarioceleste.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
content-encoding
gzip
last-modified
Wed, 24 Mar 2021 18:47:14 GMT
server
nginx/1.20.2
etag
W/"605b8932-1ed2"
vary
Accept-Encoding
content-type
application/javascript
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: controle.diarioceleste.com.br
URL: https://controle.diarioceleste.com.br/wp-content/plugins/sportspress-pro/includes/sportspress-facebook/js/sportspress-facebook-sdk.js?ver=2.11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9cb77e98b4987c9f42a1cdc2e9ffa668ebe09ac4aa53c6dc5bedbeff2e6e736b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
VHH2nH2BgjX3lE3Yyq2iAA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
WZJaJN7q1UKDMhfHqw0DggiyY4knB/gHzL/L4LozFrNKc9vn4mtTj6r0yDaNtKlnH7RXLBv5RcDT8q2GKH53cA==
x-fb-trip-id
686109401
x-fb-content-md5
845752f071bba96cea09e79f4c496edd
x-frame-options
DENY
date
Tue, 04 Jan 2022 02:07:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"252ab4bb2b231151cb9fcbf4f3ceb6e3"
timing-allow-origin
*
expires
Tue, 04 Jan 2022 02:17:16 GMT
newspaper.woff
controle.diarioceleste.com.br/wp-content/themes/Newspaper/images/icons/ 		0
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COxygen%3A700%2C400&display=swap&ver=11.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.controle.diarioceleste.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 13:52:02 GMT
x-content-type-options
nosniff
age
303350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 31 Dec 2022 13:52:02 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese&ver=2.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.controle.diarioceleste.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 13:39:48 GMT
x-content-type-options
nosniff
age
304084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 31 Dec 2022 13:39:48 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COxygen%3A700%2C400&display=swap&ver=11.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.controle.diarioceleste.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 17:56:19 GMT
x-content-type-options
nosniff
age
461493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 17:56:19 GMT
e9f38ccc1ba8329bfa989c468a75a6b0.js
scripts.cleverwebserver.com/ 		130 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/e9f38ccc1ba8329bfa989c468a75a6b0.js
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1518b3d973c7dab268599cf6a7ebd79f2abd88e1d443dba4e52f0625e07b95c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 16 Dec 2021 12:10:11 GMT
server
cloudflare
x-amz-request-id
9MBXQVMWR5M5W7EA
etag
W/"510e750b8cd5a24e50a5a2795e8118e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
Pq7FVDxgJGnATGFVZ3H1RLUL.tpteiU4
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
6c80ea734d133240-FRA
x-amz-id-2
tCtZPNfuVndnq5EmAV+UJI89E1vEG3ufcNqT7QXuWVHJq6EwsHZAm3tQ9RTQ42RlplP1B3z7KH0=
expires
Tue, 04 Jan 2022 02:37:52 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese&ver=2.7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.controle.diarioceleste.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 14:02:00 GMT
x-content-type-options
nosniff
age
561952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 14:02:00 GMT
sdk.js
connect.facebook.net/en_US/ 		290 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=a69d47a6e958ad72ec8ef353c452e75c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2df47bb3addee043381b6e01e957744fd281b8fc642dc4774005a096595eb05c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.controle.diarioceleste.com.br/
Origin
https://www.controle.diarioceleste.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
/eDBAF4DhAW/+Q6Lp9bMEA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
83417
x-fb-rlafr
0
x-fb-debug
xNmRyn8tM9EPa/BHdVQaaH1Dkkdk9PP+N1fOmaynRCH8Tdd56SJafWM/l1bxGgZj1J4jEp+l6lSJxAShTNtxuA==
x-fb-content-md5
53fe97cfdd09ec61e402d79ff3841b0d
x-frame-options
DENY
date
Tue, 04 Jan 2022 02:07:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"a05eb1daee262bfa0262943ae41fe47c"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 04 Jan 2023 01:40:22 GMT
paulo-pezzolano-anunciado-696x392.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/paulo-pezzolano-anunciado-696x392.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
7eef8608d3a966f6e2e55e1e8325922163e1fa84a9804206230f9a5f37ee63de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 23:38:17 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d388e9-c0a6"
content-length
49318
content-type
image/jpeg
edu-485x360.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/edu-485x360.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
0d8bfae49e542cc562327932e8877d87639dbe4d1df7743657f161cff3b8f81a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 22:55:44 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d37ef0-a6c5"
content-length
42693
content-type
image/jpeg
pezzolano-chegou-218x150.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/pezzolano-chegou-218x150.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
c7e8b8b0ef6b5cdaafd0c1bf8c1f1fe779260e75874abe12a2b4a7ea1204a81f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 22:38:10 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d37ad2-7402"
content-length
29698
content-type
image/jpeg
paulo-pezzolano-1-218x150.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/paulo-pezzolano-1-218x150.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
7052e792e308a2387efa0d7bd83de848ebe07b6cb72038ac8513ab9713519bfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 21:41:40 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d36d94-3a6e"
content-length
14958
content-type
image/jpeg
PEDRO-MARTINS-218x150.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/PEDRO-MARTINS-218x150.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
7b5933acf268935d635412ed564ff7c9a568e7782fdd276d7f80d8d427868a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 19:40:16 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d35120-1499"
content-length
5273
content-type
image/jpeg
time-feminino-cruzeiro-218x150.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/time-feminino-cruzeiro-218x150.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
98b165bcbd7b3788685e1bfa6c88a43d96a55a281d7cb79e30dffe090c2a5e41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 19:00:06 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d347b6-1eb8"
content-length
7864
content-type
image/jpeg
fontawesome-webfont.woff2
controle.diarioceleste.com.br/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 		0
0
2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
fonts.gstatic.com/s/oxygen/v10/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oxygen/v10/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COxygen%3A700%2C400&display=swap&ver=11.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5f9ecb6ce5cd13a976187541227e0246570ae91864d052b3e9cc0a4636dc8a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.controle.diarioceleste.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 13:37:53 GMT
x-content-type-options
nosniff
age
304199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16184
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 31 Dec 2022 13:37:53 GMT
elements.png
controle.diarioceleste.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by
Host: controle.diarioceleste.com.br
URL: https://controle.diarioceleste.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=381db5cebf26144e1b1ab5f0477be694
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://controle.diarioceleste.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=381db5cebf26144e1b1ab5f0477be694
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Wed, 22 Dec 2021 15:05:47 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61c33ecb-1035"
content-length
4149
content-type
image/png
pezzolano-218x150.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/pezzolano-218x150.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
251494916cc4c78fd627cad05e9cec482e5ef4a51a99ec2b96d3a1bba2caac63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Sat, 01 Jan 2022 22:27:19 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d0d547-1436"
content-length
5174
content-type
image/jpeg
Paulo-Pezzolano-218x150.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/Paulo-Pezzolano-218x150.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
22a6d659e0a0999a31855dfe6bc85f4a2fefd88f2f1ae80e1a859af0ff66b9b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Sat, 01 Jan 2022 13:00:12 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d0505c-132b"
content-length
4907
content-type
image/jpeg
sergio-santos-rodrigues-218x150.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/sergio-santos-rodrigues-218x150.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
6542386045f000be35565764afdc693add96f82ff290c3d042b0d7aef1677d8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Sun, 02 Jan 2022 22:43:28 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d22a90-1604"
content-length
5636
content-type
image/jpeg
ronaldo-11-218x150.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/ronaldo-11-218x150.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
b7c9a5b0b38ca35ff0dc384f4884871daa1f30f897b0fee18a633be03f94c7dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Fri, 31 Dec 2021 00:45:35 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61ce52af-4c39"
content-length
19513
content-type
image/jpeg
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57583848-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1979
date
Tue, 04 Jan 2022 01:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 04 Jan 2022 03:34:54 GMT
zel-o-485x360.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/04/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/04/zel-o-485x360.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
8ee72522f8851ffce1868831b7bc6d37257850f93267b19e33adcef0092c8871

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Wed, 28 Apr 2021 23:34:38 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"6089f10e-7bc8"
content-length
31688
content-type
image/jpeg
cruzeiro-tempo-de-terra-218x150.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/06/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/06/cruzeiro-tempo-de-terra-218x150.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
3f40bc40d708c962a94023356a2076a8269d64c8246a5b5376b42bf6351a8ac3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Thu, 17 Jun 2021 04:59:12 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"60cad6a0-56c7"
content-length
22215
content-type
image/jpeg
paulo-pezzolano-anunciado-485x360.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/paulo-pezzolano-anunciado-485x360.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
08a6cf0b7286c74eba2932942eed8213ea918b6db3fbdf0e59ccb371df69d074

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 23:38:17 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d388e9-9041"
content-length
36929
content-type
image/jpeg
treino-cruzeiro-218x150.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/treino-cruzeiro-218x150.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
48a927f2b30131ace1e8b886fe8d2d340e7ba80791563f0e5fb33e8586fbe452

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Wed, 22 Dec 2021 14:55:58 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61c33c7e-2a00"
content-length
10752
content-type
image/jpeg
pezzolano-chegou-696x392.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/pezzolano-chegou-696x392.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
2ffc48b41d06f7df18daaf0b5c18a9ec8a5f17fd1df3883ee953151f9a87271b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 22:38:10 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d37ad2-11058"
content-length
69720
content-type
image/jpeg
imagem_2021-10-09_134248-696x431.png
controle.diarioceleste.com.br/wp-content/uploads/2021/10/ 		464 KB
465 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/10/imagem_2021-10-09_134248-696x431.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
4980bda72ee19e17ca1a7b098f1ae9484adee34e4a0e68ce9f4605b306df0b83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Sat, 09 Oct 2021 16:43:07 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"6161c69b-740d0"
content-length
475344
content-type
image/png
cruzeiro-x-atl%C3%A9tico-pr%C3%A9-jogo.jpg
controle.diarioceleste.com.br/wp-content/uploads/2019/11/ 		479 KB
480 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2019/11/cruzeiro-x-atl%C3%A9tico-pr%C3%A9-jogo.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
91095c11e4ee34fc591e9ae61d1650e5cd02a90bb64e5dff7757b93de0f3840d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Fri, 05 Mar 2021 12:43:35 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"60422777-77c26"
content-length
490534
content-type
image/jpeg
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COxygen%3A700%2C400&display=swap&ver=11.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.controle.diarioceleste.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 17:58:32 GMT
x-content-type-options
nosniff
age
461361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 17:58:32 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=229958377062169&ev=fb_page_view&dl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&rl=&if=false&ts=1641262073119&sw=1600&sh=1200&at=
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 04 Jan 2022 02:07:53 GMT
marcelo-mendez-485x360.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/marcelo-mendez-485x360.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
21d871a313c7064c4f9d0b462b743557e5282f53a45bb4a30d697091337eb1dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 27 Dec 2021 17:52:05 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61c9fd45-6ba7"
content-length
27559
content-type
image/jpeg
sada-cruzeiro-2-218x150.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/sada-cruzeiro-2-218x150.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
52837f8e6500e3ccc4746760ac2a13c756d5dd232d9ec204a0e5df0c9b5c8f44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 27 Dec 2021 12:54:06 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61c9b76e-3217"
content-length
12823
content-type
image/jpeg
sada-cruzeiro-1-218x150.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/sada-cruzeiro-1-218x150.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
1802916cab838711ade3021032e3d81f3b3562726b408d72dd6566af36a649c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Thu, 23 Dec 2021 22:20:48 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61c4f640-4c29"
content-length
19497
content-type
image/jpeg
sada-cruzeiro-218x150.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/sada-cruzeiro-218x150.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
9166cbbecbdffd1ee6e60cca22d487e524ac199583fd372ef032fa0c2196409a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 20 Dec 2021 12:32:57 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61c077f9-2e5b"
content-length
11867
content-type
image/jpeg
newspaper.ttf
controle.diarioceleste.com.br/wp-content/themes/Newspaper/images/icons/ 		0
0
cruzeiro-copinha-treino-485x360.jpg
controle.diarioceleste.com.br/wp-content/uploads/2022/01/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2022/01/cruzeiro-copinha-treino-485x360.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
704093e6dbcaa87b77efac3adc3430b5aa84c9f19f73e8244ed0eb42c4cf920d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Mon, 03 Jan 2022 14:05:19 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61d3029f-b6e1"
content-length
46817
content-type
image/jpeg
tiago-abdon-218x150.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/tiago-abdon-218x150.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
2638a81ca371a2235741edbb23617ec83c3a38e81c326c08b578deea0f73d8cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Thu, 30 Dec 2021 21:05:13 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61ce1f09-5015"
content-length
20501
content-type
image/jpeg
igor-lemos-1-218x150.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/igor-lemos-1-218x150.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
1f99dd1eea9be5307b89e629a14ed780446a1e17959318ef7a75a1ef14320721

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Wed, 29 Dec 2021 21:49:21 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61ccd7e1-4079"
content-length
16505
content-type
image/jpeg
copinha-3-218x150.jpg
controle.diarioceleste.com.br/wp-content/uploads/2021/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.diarioceleste.com.br/wp-content/uploads/2021/12/copinha-3-218x150.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.204 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us343.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e223703c112f0eeca17ebb7d9a9f229f5d6b888d50f0399c6e643adbbc7c19f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
last-modified
Wed, 29 Dec 2021 17:36:26 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"61cc9c9a-c6c"
content-length
3180
content-type
image/jpeg
footer_bg.jpg
www.diarioceleste.com.br/wp-content/uploads/2021/01/
Redirect Chain
  • https://diarioceleste.com.br/wp-content/uploads/2021/01/footer_bg.jpg
  • https://www.diarioceleste.com.br/wp-content/uploads/2021/01/footer_bg.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.diarioceleste.com.br/wp-content/uploads/2021/01/footer_bg.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Server
2606:4700:3031::ac43:b242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date
Tue, 04 Jan 2022 02:07:54 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-redirect-by
WordPress
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
x-varnish
22441359
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9J%2BVZIU8%2BbpCSsk0IMm1wMVMrHcJS3SYBDjCdlPjf4Tko5crXV77mXd4dfUXjZ%2FOvBPgs3o2%2BaJ4CX3camqWtTfUnN3NYy1zP8inAdJVLk13ocw47akXV57%2BbHaUsAaUP6LzHePCnwhrI0bkBTYDZvXHBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://www.diarioceleste.com.br/wp-content/uploads/2021/01/footer_bg.jpg
cache-control
no-cache, must-revalidate, max-age=0, max-age=3, must-revalidate
cf-ray
6c80ea761c292c19-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin
https://www.controle.diarioceleste.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1269138336&t=pageview&_s=1&dl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&ul=en-us&de=UTF-8&dt=Cruzeiro%20-%20Di%C3%A1rio%20Celeste&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1735228117&gjid=1703876754&cid=1401732646.1641262073&tid=UA-57583848-1&_gid=1212573865.1641262073&_r=1&gtm=2ouc10&z=2022542481
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.controle.diarioceleste.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1269138336&t=pageview&_s=2&dl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&ul=en-us&de=UTF-8&dt=Cruzeiro%20-%20Di%C3%A1rio%20Celeste&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1401732646.1641262073&tid=UA-57583848-1&_gid=1212573865.1641262073&gtm=2ouc10&z=914538212
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 03:10:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
82634
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.woff
controle.diarioceleste.com.br/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 		0
0
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3129
etag
W/"bade15bfdcba7ee19d22e61741b04b27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6c80ea76bdad4e31-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 07 Jan 2022 02:07:53 GMT
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.4&blog=124605814&post=7083&tz=-3&srv=controle.diarioceleste.com.br&host=www.controle.diarioceleste.com.br&ref=&fcp=2298&rand=0.7977367289928483
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Jan 2022 02:07:53 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/diarioceleste.js?v=1641262071&ver=5.8.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1091 / 747 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Jan 2022 02:07:53 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5822243610880583
Requested by
Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/diarioceleste.js?v=1641262071&ver=5.8.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73f5365b1465fbae7d80abf56a1c0bd20f7b66117a6254c158a4f908ec04ad50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.controle.diarioceleste.com.br/
Origin
https://www.controle.diarioceleste.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51732
x-xss-protection
0
server
cafe
etag
2462624697410891604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 04 Jan 2022 02:07:53 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-175164381-50
Requested by
Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/diarioceleste.js?v=1641262071&ver=5.8.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
44ec02de71946ab47b5893a06a0939acf70475ae1b3a027f78f79e10acfa9bbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36178
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Jan 2022 02:07:53 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-175164381-50&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57583848-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c026d4af160d0ee7ced20d4786f1a7e9e49301689089a2b329ed86f3b279a4e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36190
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Jan 2022 02:07:53 GMT
/
ui.cleverwebserver.com/ 		144 B
209 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ce18cdb2853cee920e0eba3183e7644402ed7ce950c6fb560afb1d95331c7c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6c80ea76cf1a3240-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
collect
stats.g.doubleclick.net/j/ 		2 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-57583848-1&cid=1401732646.1641262073&jid=1735228117&gjid=1703876754&_gid=1212573865.1641262073&_u=YEBAAUAAAAAAAC~&z=693214807
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.controle.diarioceleste.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 04 Jan 2022 02:07:53 GMT
content-type
text/plain
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Jan 2022 02:07:53 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		138 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.controle.diarioceleste.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a82b42ad66e8b7db192ab5ffe0bd6c15b55d939a6b96f49851318972e6e83a8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 Jan 2022 02:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
expires
Tue, 04 Jan 2022 02:07:53 GMT
web
onesignal.com/api/v1/sync/9132bbfc-3443-457a-b085-6da345d24c2a/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/9132bbfc-3443-457a-b085-6da345d24c2a/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c650ad2de9ad603789638a51f6900f1166ae41ffdf5051e63af90f518ee529d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3557
cf-polished
origSize=5216
status
200 OK
x-envoy-upstream-service-time
155
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
1b3d617f-33e7-4969-9d4c-61a4ee5a3596
x-runtime
0.153472
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d106b71f12d0aa61c6327cf4d234085"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6c80ea775bc14db8-FRA
access-control-allow-headers
SDK-Version
expires
Tue, 04 Jan 2022 03:07:53 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		276 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5822243610880583&plah=www.controle.diarioceleste.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5822243610880583
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101734
x-xss-protection
0
server
cafe
etag
4507154694380913909
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 04 Jan 2022 02:07:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 51EC 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5822243610880583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 03 Jan 2022 18:36:45 GMT
expires
Mon, 17 Jan 2022 18:36:45 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
27068
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fontawesome-webfont.ttf
controle.diarioceleste.com.br/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 		0
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1269138336&t=pageview&_s=1&dl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&ul=en-us&de=UTF-8&dt=Cruzeiro%20-%20Di%C3%A1rio%20Celeste&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1779520014&gjid=403944862&cid=1401732646.1641262073&tid=UA-175164381-50&_gid=1212573865.1641262073&_r=1&gtm=2ouc10&z=760251910
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.controle.diarioceleste.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-57583848-1&cid=1401732646.1641262073&jid=1735228117&_u=YEBAAUAAAAAAAC~&z=360280499
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		224 B
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.controle.diarioceleste.com.br&callback=_gfp_s_&client=ca-pub-5822243610880583
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5822243610880583&plah=www.controle.diarioceleste.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
1deb7ec46806b09ad27b9134b5f1169cb1b479d30198c85ba38162cdc7402d1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
208
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.controle.diarioceleste.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5822243610880583&plah=www.controle.diarioceleste.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 Jan 2022 02:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.controle.diarioceleste.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5822243610880583&plah=www.controle.diarioceleste.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 Jan 2022 02:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9060 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5822243610880583&output=html&adk=1812271804&adf=3025194257&lmt=1641262073&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641262073514&bpp=4&bdt=1320&idt=170&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2265409257296&frm=20&pv=2&ga_vid=1401732646.1641262073&ga_sid=1641262074&ga_hid=1269138336&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738&oid=2&pvsid=3369993781996694&pem=624&tmod=936&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=198
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5822243610880583&plah=www.controle.diarioceleste.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 04 Jan 2022 02:07:53 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 04 Jan 2022 02:07:53 GMT
cache-control
private
diarioceleste_17740.js
ads.vidoomy.com/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/diarioceleste_17740.js
Requested by
Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/diarioceleste.js?v=1641262071&ver=5.8.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
27de805901b0d4087ab509abacf9cd382a79682c62ce6d243c2fb19e4cad7928

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:54 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
5420
tag
a.teads.tv/page/137323/ 		741 B
662 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/137323/tag
Requested by
Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/diarioceleste.js?v=1641262071&ver=5.8.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
81e7fc5e066da9722af5a7819784e8b30a7f665cd5673e7634381f3fd563ce44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:54 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
462
expires
Tue, 04 Jan 2022 03:07:54 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.controle.diarioceleste.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 Jan 2022 02:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.controle.diarioceleste.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 Jan 2022 02:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3369993781996694&correlator=4433681235818750&output=ldjh&impl=fifs&eid=44755510&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220104&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x300%7C320x250%7C320x100%7C320x50%7C336x280&prev_scp=site%3Ddiarioceleste%26place%3Ddmh-v-sidebar2&cookie=ID%3D891a7ad1ca8fa810-22374c0a15cd0079%3AT%3D1641262073%3ART%3D1641262073%3AS%3DALNI_MY7jNKwOLSgTlnS4c-MfmlbXHMIZw&bc=31&abxe=1&lmt=1641262074&dt=1641262074440&dlt=1641262072195&idt=1460&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=690&adks=2676087603&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=324x3189&msz=324x0&ga_vid=1401732646.1641262073&ga_sid=1641262074&ga_hid=1269138336&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
7712f778cdb133f3169002cbdefd0503bd942a4b6543f267d986255946d8d1f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10926
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DB12 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 04 Jan 2022 02:07:54 GMT
expires
Wed, 04 Jan 2023 02:07:54 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3369993781996694&correlator=4433681235818750&output=ldjh&impl=fifs&eid=44755510&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220104&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=site%3Ddiarioceleste%26place%3Ddmh-h-destaque13&cookie=ID%3D891a7ad1ca8fa810-22374c0a15cd0079%3AT%3D1641262073%3ART%3D1641262073%3AS%3DALNI_MY7jNKwOLSgTlnS4c-MfmlbXHMIZw&bc=31&abxe=1&lmt=1641262074&dt=1641262074450&dlt=1641262072195&idt=1460&frm=20&biw=1600&bih=1200&oid=2&adxs=266&adys=2695&adks=2750716831&ucis=2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x1580&msz=696x0&ga_vid=1401732646.1641262073&ga_sid=1641262074&ga_hid=1269138336&ga_fc=true&fws=4&ohw=696&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
bfa61b70c2bf4390ff3a52bcafb867ca6a82a852cc610d866b0b6c489d54d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12005
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3369993781996694&correlator=4433681235818750&output=ldjh&impl=fifs&eid=44755510&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220104&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=site%3Ddiarioceleste%26place%3Ddmh-h-destaque14&cookie=ID%3D891a7ad1ca8fa810-22374c0a15cd0079%3AT%3D1641262073%3ART%3D1641262073%3AS%3DALNI_MY7jNKwOLSgTlnS4c-MfmlbXHMIZw&bc=31&abxe=1&lmt=1641262074&dt=1641262074453&dlt=1641262072195&idt=1460&frm=20&biw=1600&bih=1200&oid=2&adxs=266&adys=4323&adks=2750716830&ucis=3&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x340&msz=696x0&ga_vid=1401732646.1641262073&ga_sid=1641262074&ga_hid=1269138336&ga_fc=true&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
2f0f8368aa29d102ade4d52626f13d1d1214ff44d4d85f2c842e49817638e22c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11302
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3369993781996694&correlator=4433681235818750&output=ldjh&impl=fifs&eid=44755510&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220104&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=site%3Ddiarioceleste%26place%3Ddmh-h-destaque11&cookie=ID%3D891a7ad1ca8fa810-22374c0a15cd0079%3AT%3D1641262073%3ART%3D1641262073%3AS%3DALNI_MY7jNKwOLSgTlnS4c-MfmlbXHMIZw&bc=31&abxe=1&lmt=1641262074&dt=1641262074458&dlt=1641262072195&idt=1460&frm=20&biw=1600&bih=1200&oid=2&adxs=266&adys=1030&adks=2750716817&ucis=4&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x519&msz=696x0&ga_vid=1401732646.1641262073&ga_sid=1641262074&ga_hid=1269138336&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8a7fceb32c826dffad0a9c1a9287cbebdd0d7e9affc18d73e5d9d2c834d76841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
262911
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15934
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
411635
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3369993781996694&correlator=4433681235818750&output=ldjh&impl=fifs&eid=44755510&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220104&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=site%3Ddiarioceleste%26place%3Ddmh-h-destaque12&cookie=ID%3D891a7ad1ca8fa810-22374c0a15cd0079%3AT%3D1641262073%3ART%3D1641262073%3AS%3DALNI_MY7jNKwOLSgTlnS4c-MfmlbXHMIZw&bc=31&abxe=1&lmt=1641262074&dt=1641262074461&dlt=1641262072195&idt=1460&frm=20&biw=1600&bih=1200&oid=2&adxs=266&adys=1998&adks=2750716816&ucis=5&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x649&msz=696x0&ga_vid=1401732646.1641262073&ga_sid=1641262074&ga_hid=1269138336&ga_fc=true&fws=4&ohw=696&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
070393de80f029aefe89c1cf65c5f4328ace34d5bcc6e21f076e0d10be351fd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12161
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3369993781996694&correlator=4433681235818750&output=ldjh&impl=fifs&eid=44755510&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220104&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x300%7C320x250%7C320x100%7C320x50%7C336x280&prev_scp=site%3Ddiarioceleste%26place%3Ddmh-v-sidebar1&cookie=ID%3D891a7ad1ca8fa810-22374c0a15cd0079%3AT%3D1641262073%3ART%3D1641262073%3AS%3DALNI_MY7jNKwOLSgTlnS4c-MfmlbXHMIZw&bc=31&abxe=1&lmt=1641262074&dt=1641262074464&dlt=1641262072195&idt=1460&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=394&adks=2676087602&ucis=6&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=324x3189&msz=324x0&ga_vid=1401732646.1641262073&ga_sid=1641262074&ga_hid=1269138336&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
c2c2b4e09c219ba054567f7690007866c4b0277f230001793a67cc0d3bf5e568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11150
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3369993781996694&correlator=4433681235818750&output=ldjh&impl=fifs&eid=44755510&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220104&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=site%3Ddiarioceleste%26place%3Ddmh-h-destaque5&cookie=ID%3D891a7ad1ca8fa810-22374c0a15cd0079%3AT%3D1641262073%3ART%3D1641262073%3AS%3DALNI_MY7jNKwOLSgTlnS4c-MfmlbXHMIZw&bc=31&abxe=1&lmt=1641262074&dt=1641262074468&dlt=1641262072195&idt=1460&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=4967&adks=2319057107&ucis=7&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1068x311&msz=1068x0&ga_vid=1401732646.1641262073&ga_sid=1641262074&ga_hid=1269138336&ga_fc=true&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
764f9e51d68d51adaacadf43c657557ae97ec4753c29bec4d516eb6000596a21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
262911
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12230
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
411635
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3369993781996694&correlator=4433681235818750&output=ldjh&impl=fifs&eid=44755510&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220104&iu_parts=21622511100%3A21873343208%2Cdiarioceleste_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C320x250%7C300x300%7C320x100%7C320x50%7C336x280%7C300x100&prev_scp=site%3Ddiarioceleste%26place%3Ddmh-v-sidebar3&cookie=ID%3D891a7ad1ca8fa810-22374c0a15cd0079%3AT%3D1641262073%3ART%3D1641262073%3AS%3DALNI_MY7jNKwOLSgTlnS4c-MfmlbXHMIZw&bc=31&abxe=1&lmt=1641262074&dt=1641262074472&dlt=1641262072195&idt=1460&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=2124&adks=4138043207&ucis=8&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=324x3189&msz=324x0&ga_vid=1401732646.1641262073&ga_sid=1641262074&ga_hid=1269138336&ga_fc=true&fws=4&ohw=1600&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
5ca8dae0b7a8c1ceaf7c15929e5a6ea0cebf8bc7aaf29a688e7d0941ed94d8cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
262911
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12179
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
411635
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
teads-format.min.js
s8t.teads.tv/media/format/v3/ 		600 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/137323/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:19c::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
12908fba830466a63d701246d2ab82c2728d680f333e7b32dd09eb8ad7b0a413

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:54 GMT
content-encoding
br
vary
Accept-Encoding
x-amz-request-id
RHBG6R62AATPP57Y
content-length
134179
x-amz-id-2
GEVJ1LJtsvWKn+YEFR/f5mJqzCd6l47tfPceVJLtLUE+on34oIBYZAkwQEsVOw9BascZqXkKE/4=
last-modified
Thu, 16 Dec 2021 15:16:54 GMT
etag
"0f6efc47ad711e0c01b740309e970dbf"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials
false
x-bucket
7
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 04 Jan 2022 02:37:54 GMT
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=e6e33719-2f75-48a6-8f72-73ab4a4d1eb8&pageId=137323&pid=150742&debug_metadata=gCnyR4NPex&fv=931&ts=1641262074618&f=1&referer=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:54 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=e6e33719-2f75-48a6-8f72-73ab4a4d1eb8&pageId=137323&pid=150742&slot=corner&fv=931&ts=1641262074623&f=1&referer=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:54 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
ad
a.teads.tv/page/137323/ 		540 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/137323/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&page=%7B%22id%22%3A137323%2C%22placements%22%3A%5B%7B%22id%22%3A150742%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A523%2C%22height%22%3A294%7D%2C%22slotType%22%3A%22corner%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=e6e33719-2f75-48a6-8f72-73ab4a4d1eb8&formatVersion=931&env=js-web&netBw=10&ttfb=1400
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
010ec6ae5c22fe4fd7caa576a218d691d6c670f0032d098bbb4e6c93d9bd7918

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.controle.diarioceleste.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:54 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
366
expires
Tue, 04 Jan 2022 02:07:54 GMT
container.html
2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B9F1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 04 Jan 2022 02:07:54 GMT
expires
Wed, 04 Jan 2023 02:07:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&pid=150742&pageId=137323&auctid=e6e33719-2f75-48a6-8f72-73ab4a4d1eb8&vid=00000000-0000-0000-0000-000000000001&env=js-web&bsg=uncat&bsias=uncat&rpm_reason=12&p=vRI_Nf6Osay8MUgTXbM8xY3F&cts=1641262074655&cs=686743967041760424105&fv=931&ts=1641262074820&referer=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:54 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
container.html
2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EC8D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 04 Jan 2022 02:07:54 GMT
expires
Wed, 04 Jan 2023 02:07:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame B9F1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvCkM-qvTYcfzHdSBjuwPws25-A_ovpiUXKCls8n9CMCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODLIAQmpAnr1ZKhGYoQ-4AIAqAMBqgSJAk_QditQRlERCgUpqfouYi8iFGYofNQ3bBxR9vlezAq9qpV8Qg8G0RQ364IWmZ_t2XGvZgcS1priaVb0ARcRce0XV1zq4LBnLL-DlkG_0CP4XCdR5aJa2JkgGw-74VlZ0mXb_LrWnuiCULgu0mvGzsm2NRXbiUoGtz-zdvkTt4x0vbZB0xBnb30yLao9yMBeU3UAIKJAmfBLbNCZfCt7c7I4gsuqbQ1ps62o0mNkd0F8DBzjXysufjXgMvuqi8bk5ex6vawg8inz7eN2r6_V-E8nsLWzWTyuIRmwNA8ndhd1pe-djv67E9PLLElxo49s7HxSZihn47sUtAiK0zgJ5Qb31BCZii8Jc1DgBAGABqzgi7T1ic7_3QGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yODQ1NDYzNDM4MTUzNzgyGM_UaQ&sigh=QdqMmvCHvn8&uach_m=[UACH]&cid=CAQSPACNIrLM6ACk4ZYHz4vCdawWelPi8WLKOjnVbFN8NV-GggLe_-Jz4cXhEwgILDdmHCOwTCYs60LWuybp1xgB
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
/
track.adform.net/adfscript/ Frame B9F1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=46747358;rtbwp=YdOr-gAHeccHg4DUAA5mwhWPpdKmLV_s7Zu6SQ;rtbdata=sE7aJDcJuehW4jG2InUKx2c2X04jNWPu2Khm8ptOI7mW9G6-kSd51g6lzVbaIVSCwP5mmb1ZEPnTmH0JRC7vPkbTgNHX2Gb2BSga_wqbXrUSxFA_n3xXpRmQZP2mOwfaaMwOE8Kw1NgddDWXC0o5AR36NRsXaTPpY9LqVqr5u73Ri7cYcyp-m7PRkeAURXdVuSjuJH3O9LopifyFOpkPMqGloshJgAGNhXtvFaTK2iS5ulHu_8-bIsbk21oTzP-01ejLGfZaMtplGmNzwd-hVpOYdiw-7pVO3i3IlGDfNRRpsHQDE1RBHrNOUs5OeowVIpE1YpJauBBue6m5mETywNZpSM_HdKpX0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CznHs-qvTYcfzHdSBjuwPws25-A_ovpiUXKCls8n9CMCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODLIAQmpAnr1ZKhGYoQ-4AIAqAMBqgSMAk_QditQRlERCgUpqfouYi8iFGYofNQ3bBxR9vlezAq9qpV8Qg8G0RQ364IWmZ_t2XGvZgcS1priaVb0ARcRce0XV1zq4LBnLL-DlkG_0CP4XCdR5aJa2JkgGw-74VlZ0mXb_LrWnuiCULgu0mvGzsm2NRXbiUoGtz-zdvkTt4x0vbZB0xBnb30yLao9yMBeU3UAIKJAmfBLbNCZfCt7c7I4gsuqbQ1ps62o0mNkd0F8DBzjXysufjXgMvuqi8bk5ex6vawg8inz7eN2r6_V-E8nsLWzWTyuIRmwNA8ndhd1pe-dzPyagU9TjSXbAquqBAeTpkxz6XIemhBcAMhyJMxayjyBFJKwH_pj8NHgBAGABqzgi7T1ic7_3QGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0md757Jio_ZIUXovpqDoJSh7lKSg&client=ca-pub-2845463438153782&adurl=
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9ce3adeb7af923dfe95b4e52a29e4119499f9890040c17ac74089d3699e2b841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:54 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1723
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B9F1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1823
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 01:37:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B9F1 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 04 Jan 2022 02:07:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B9F1 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
669
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 01:56:45 GMT
l
www.google.com/ads/measurement/ Frame B9F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSO0S_BQybX1CzIR-eljL4wn902r-yYC8Rwmp-VXuMYYQ7DM5jXe8632iKcb8Plmy5nB7TsYp9Mn9CsLVfUjbtkhsVIaA
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B9F1 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 03 Jan 2023 20:54:59 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EC8D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAWiv-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSLAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsuo2f_DG4reRRqK5HtxHnrVDjaEF7bIqT2KLuqnadaS7G6fC9rjOsuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTI4NDU0NjM0MzgxNTM3ODIYz9Rp&sigh=aFj-NPI8tJk&uach_m=[UACH]&cid=CAQSPACNIrLMoz88IzNYOdo4tNeAqW_8SLPsvoHD5_UOkO-_5L7lPpWFTuw9OjEzotPPnMrjh19JQg_nmgSTrhgB
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame EC8D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j8b2tntgz6embfxcw4k2gzkc9zv0p3r5gr47jaxkzxw2jxkx046ffjt0fa5hqv23rbt9x58q3xgddzs5e2cyr9afb4wzjxpszejvrfnzj3w2bnqsff49mssmq60mmjy2rvwn7dw4wm0t27a0g7p6mz4dkm0hqn88xyh6a00ww6f4t44hpwrxkp98wgnzhjaa3wyzvmfr76j3fx4srjtcf5tk7nh97m4qd2ney083kfrg8qxaszky2azvrm3d6vet2tnv5c1zxy885qw8drby2stcf6yn29f8wg0mr2gs6awjv2m0q03p1551m55k9bgpmgnwab9p6pfs672z0rk70f87jp3xshyc5280n6crhmhsp4jnz2aysky9fz4k4ggy3jwysm78cm5n3sbsy1ybm6231mgj&b=YdOr-gAJ20EKiwaSAAnZGx8_TJgFatfh9JCrKg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Jan 2022 02:07:54 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame CC63 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jxrs5bypcqwzchf8k6m8d9erqz982t79v0chf5k1xw1qmm512x0gskk1587e0neb809bc9wfm7nc5xnr6dg9k03grs9pgh3fksxsqfs7j0dxw6kzzdqqn7pr0phcybkw3sav32kcz1q58xt1gjzn3v2e7wg7rmdxck18xfvxh9264vkpm1t35teem6xrncvamjrdrd4c333x457b53z2srf5216pm7k984t6yhhb1n7cwd97631y696278vfm850fn9gy87kwjtd5n68mq57ageqgkkfycapkeb3hpccajcyn6g997sy1appy15r12h1xyh3cqkekm35h1hd3b7wfe49kkvpsce0zhwjv62kwz49c9szfa0xma4nyh7j2qryvdez5qgs4ctgqrmz9v97bpsw8atjhhdsag1b0f47fse70a4qg6g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%26client%3Dca-pub-2845463438153782%26adurl%3D
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92a37d39cf04132aa7a4d303cac0b8fff2a5cc77fa87f6f91ca89f15d99b1158
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

date
Tue, 04 Jan 2022 02:07:54 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c80ea804fd24e92-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame EC8D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1823
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 01:37:31 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0710 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 03 Jan 2022 05:53:44 GMT
expires
Tue, 04 Jan 2022 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
72850
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EC8D 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 04 Jan 2022 02:07:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame EC8D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
669
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 01:56:45 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame EC8D 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 03 Jan 2023 20:54:59 GMT
dpixel
cms.quantserve.com/ Frame 0710 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEL5dIv45v7-sCtVvG7ogu-Y&google_cver=1&google_push=AYg5qPK1QiT5k6qdmXCxYETQY7pw6AfPzNCFekKRBW0KWYF_EbmeWFt26QpHuhNdAAkVXMGLdusBYPcbQd0kcEiB_MwA4cbEGUI
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:54 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0710
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELAtTu2fUvxDf0Mtc2eHtrA&google_push=AYg5qPK2XqSAkA5uxk0CpOA6c4Hd5Ht2KIhBDSX0SyYxauY-EOZxifR7x-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELAtTu2fUvxDf0Mtc2eHtrA&google_push=AYg5qPK2XqSAkA5uxk0CpOA6c4Hd5Ht2KIhBDSX0SyYxauY-EOZxifR7x-R-3xIAN40cFA6IwA9u3xVwOdH5M3GpPM_Y3Amohnk
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1641262075.975194,VS0,VE93
x-served-by
cache-fra19157-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELAtTu2fUvxDf0Mtc2eHtrA&google_push=AYg5qPK2XqSAkA5uxk0CpOA6c4Hd5Ht2KIhBDSX0SyYxauY-EOZxifR7x-R-3xIAN40cFA6IwA9u3xVwOdH5M3GpPM_Y3Amohnk
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 0710
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJ_j-1CI63PKiDEwk5CcOkM&google_cver=1&google_push=AYg5qPInCz3DvBZceDKkQYQ9Ly8SFFWlxxxRCSNgU8NOrinWwKV-0fPABPhzR545yyYHDFjZ4cWF-ijRfdE...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPInCz3DvBZceDKkQYQ9Ly8SFFWlxxxRCSNgU8NOrinWwKV-0fPABPhzR545yyYHDFjZ4cWF-ijRfdEz1zE1hr1NjX5Su0U&google_hm=pqnhlykbTVmHAEs7a80pups
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPInCz3DvBZceDKkQYQ9Ly8SFFWlxxxRCSNgU8NOrinWwKV-0fPABPhzR545yyYHDFjZ4cWF-ijRfdEz1zE1hr1NjX5Su0U&google_hm=pqnhlykbTVmHAEs7a80pups
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:54 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPInCz3DvBZceDKkQYQ9Ly8SFFWlxxxRCSNgU8NOrinWwKV-0fPABPhzR545yyYHDFjZ4cWF-ijRfdEz1zE1hr1NjX5Su0U&google_hm=pqnhlykbTVmHAEs7a80pups
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0710
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEILpMkVf9G3Z16P67M5tMh4&google_cver=1&google_push=AYg5qPJR2Bb0jqRX9o6gb9HY6rC_HBwzGtT-rRS-1hUczsrKOd2ecxam0vIkrTQrYppWWKFYBZZ...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEILpMkVf9G3Z16P67M5tMh4&google_cver=1&google_push=AYg5qPJR2Bb0jqRX9o6gb9HY6rC_HBwzGtT-rRS-1hUczsrKOd2ecxam0vIkrTQrYppWWKFYBZZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=2Zqk0Z9dTsm4V98AVfGlGw&gdpr=1&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=2Zqk0Z9dTsm4V98AVfGlGw&gdpr=1&gdpr_consent=
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
Apache-Coyote/1.1
location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=2Zqk0Z9dTsm4V98AVfGlGw&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
pixel
cm.g.doubleclick.net/ Frame 0710
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOW8tWPtnt4RcQ0mS-MRAJU&google_cver=1&google_push=AYg5qPIMVluwtEOin_BumSDGlYphfQvNG8j2v67OzafYaJ7SH4J7QUUzbzxtY4swtdJCc99B-vCz06j6q8AxuQu0e...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOW8tWPtnt4RcQ0mS-MRAJU&google_cver=1&google_push=AYg5qPIMVluwtEOin_BumSDGlYphfQvNG8j2v67OzafYaJ7SH4J7QUUzbzxtY4swtdJCc99B-vCz06j6q8AxuQu0e...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIMVluwtEOin_BumSDGlYphfQvNG8j2v67OzafYaJ7SH4J7QUUzbzxtY4swtdJCc99B-vCz06j6q8AxuQu0eZe6_H3FGA&google_hm=4d88f5e3d9490238d1719b98
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIMVluwtEOin_BumSDGlYphfQvNG8j2v67OzafYaJ7SH4J7QUUzbzxtY4swtdJCc99B-vCz06j6q8AxuQu0eZe6_H3FGA&google_hm=4d88f5e3d9490238d1719b98
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 04 Jan 2022 02:07:55 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIMVluwtEOin_BumSDGlYphfQvNG8j2v67OzafYaJ7SH4J7QUUzbzxtY4swtdJCc99B-vCz06j6q8AxuQu0eZe6_H3FGA&google_hm=4d88f5e3d9490238d1719b98
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 0710
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEIEA47uGi40R0BR42GUJvLc&google_cver=1&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
0
0
pixel
cm.g.doubleclick.net/ Frame 0710
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEDdbef6mHJHBlpMpdrVRDnM&google_cver=1&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa3...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDdbef6mHJHBlpMpdrVRDnM&google_cver=1&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmh...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 0710 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ii0JLUCq86Sf2VbUikgoM8EKh-hhFLiwYoaMaCf35V-bl5PxHc9POZjyqsBrikKf3o5kaN
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame CC63 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jxrs5bypcqwzchf8k6m8d9erqz982t79v0chf5k1xw1qmm512x0gskk1587e0neb809bc9wfm7nc5xnr6dg9k03grs9pgh3fksxsqfs7j0dxw6kzzdqqn7pr0phcybkw3sav32kcz1q58xt1gjzn3v2e7wg7rmdxck18xfvxh9264vkpm1t35teem6xrncvamjrdrd4c333x457b53z2srf5216pm7k984t6yhhb1n7cwd97631y696278vfm850fn9gy87kwjtd5n68mq57ageqgkkfycapkeb3hpccajcyn6g997sy1appy15r12h1xyh3cqkekm35h1hd3b7wfe49kkvpsce0zhwjv62kwz49c9szfa0xma4nyh7j2qryvdez5qgs4ctgqrmz9v97bpsw8atjhhdsag1b0f47fse70a4qg6g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jxrs5bypcqwzchf8k6m8d9erqz982t79v0chf5k1xw1qmm512x0gskk1587e0neb809bc9wfm7nc5xnr6dg9k03grs9pgh3fksxsqfs7j0dxw6kzzdqqn7pr0phcybkw3sav32kcz1q58xt1gjzn3v2e7wg7rmdxck18xfvxh9264vkpm1t35teem6xrncvamjrdrd4c333x457b53z2srf5216pm7k984t6yhhb1n7cwd97631y696278vfm850fn9gy87kwjtd5n68mq57ageqgkkfycapkeb3hpccajcyn6g997sy1appy15r12h1xyh3cqkekm35h1hd3b7wfe49kkvpsce0zhwjv62kwz49c9szfa0xma4nyh7j2qryvdez5qgs4ctgqrmz9v97bpsw8atjhhdsag1b0f47fse70a4qg6g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%26client%3Dca-pub-2845463438153782%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
466971
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 29 Dec 2021 16:25:04 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c80ea80d9c54ec8-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame CC63 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jxrs5bypcqwzchf8k6m8d9erqz982t79v0chf5k1xw1qmm512x0gskk1587e0neb809bc9wfm7nc5xnr6dg9k03grs9pgh3fksxsqfs7j0dxw6kzzdqqn7pr0phcybkw3sav32kcz1q58xt1gjzn3v2e7wg7rmdxck18xfvxh9264vkpm1t35teem6xrncvamjrdrd4c333x457b53z2srf5216pm7k984t6yhhb1n7cwd97631y696278vfm850fn9gy87kwjtd5n68mq57ageqgkkfycapkeb3hpccajcyn6g997sy1appy15r12h1xyh3cqkekm35h1hd3b7wfe49kkvpsce0zhwjv62kwz49c9szfa0xma4nyh7j2qryvdez5qgs4ctgqrmz9v97bpsw8atjhhdsag1b0f47fse70a4qg6g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16778
x-guploader-uploadid
ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nm8iLOwzcyc4rzWh6oGSYGza%2BiXDEyhZ77JCQCGfapynnshOGhF0eBZMT%2FYO8Gb2ehnmboCuYTwveb%2B9q1eTOy3jUEAqoaDl60%2BMoLcjsp2RNWmGAB1c6muYIpn1ElgbAhtfooU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
expires
Mon, 03 Jan 2022 21:28:17 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c80ea80d84e4e92-FRA
cf-bgj
minify
formats.js
ad.lkqd.net/vpaid/ Frame E96D 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1641262075.cds025.ml1.hn,1641262075.cds211.ml1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 2F0D 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1641262075.cds025.ml1.hn,1641262075.cds211.ml1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
cookie
a.vidoomy.com/api/rtbserver/ Frame F205
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
43 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.61.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-61-12.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-type
image/gif
content-length
43
content-encoding
none
vary
Origin

Redirect headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length
0
date
Tue, 04 Jan 2022 02:07:54 GMT
server
AC1.1
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=594107061.8783061414939732.1004869
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=594107061.8783061414939732.1004869
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3D0caf0677-c490-439a-9f76-c1bb9d21946...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=b1c861d3-abfb-4f00-82ea-782ebbdf8fa7&expires=30&ssp=vidoomy&bsw_param=0caf0677-c490-439a-9f76-c1bb9d219461&gdpr=&gdpr_consent=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=0caf0677-c490-439a-9f76-c1bb9d219461
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=0caf0677-c490-439a-9f76-c1bb9d219461
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Server
52.58.61.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-61-12.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=0caf0677-c490-439a-9f76-c1bb9d219461
Date
Tue, 04 Jan 2022 02:07:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
ve
stg.vidoomy.com/api/rtbserver/ 		9 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stg.vidoomy.com/api/rtbserver/ve?ad_type=Video&adomain=&c=GB&category=&crid=17740&deal=&domain=vidoomy.com&dsp=&dsp_ssp=&dt=1&gdpr=&gdprcs=&os=&p=&p_id=1&s=a&seat=1&size=&sspid=0&sync=0&zid=0&uimp=1
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.29.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6a0aaac8071ff4b.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-length
9
vary
Origin
content-type
application/json
auto-user-sync
ads.stickyadstv.com/ 		43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:55 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1641262074027082-570
Expires
Tue, 04 Jan 2022 02:07:55 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame B9F1 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=46747358;rtbwp=YdOr-gAHeccHg4DUAA5mwhWPpdKmLV_s7Zu6SQ;rtbdata=sE7aJDcJuehW4jG2InUKx2c2X04jNWPu2Khm8ptOI7mW9G6-kSd51g6lzVbaIVSCwP5mmb1ZEPnTmH0JRC7vPkbTgNHX2Gb2BSga_wqbXrUSxFA_n3xXpRmQZP2mOwfaaMwOE8Kw1NgddDWXC0o5AR36NRsXaTPpY9LqVqr5u73Ri7cYcyp-m7PRkeAURXdVuSjuJH3O9LopifyFOpkPMqGloshJgAGNhXtvFaTK2iS5ulHu_8-bIsbk21oTzP-01ejLGfZaMtplGmNzwd-hVpOYdiw-7pVO3i3IlGDfNRRpsHQDE1RBHrNOUs5OeowVIpE1YpJauBBue6m5mETywNZpSM_HdKpX0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CznHs-qvTYcfzHdSBjuwPws25-A_ovpiUXKCls8n9CMCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODLIAQmpAnr1ZKhGYoQ-4AIAqAMBqgSMAk_QditQRlERCgUpqfouYi8iFGYofNQ3bBxR9vlezAq9qpV8Qg8G0RQ364IWmZ_t2XGvZgcS1priaVb0ARcRce0XV1zq4LBnLL-DlkG_0CP4XCdR5aJa2JkgGw-74VlZ0mXb_LrWnuiCULgu0mvGzsm2NRXbiUoGtz-zdvkTt4x0vbZB0xBnb30yLao9yMBeU3UAIKJAmfBLbNCZfCt7c7I4gsuqbQ1ps62o0mNkd0F8DBzjXysufjXgMvuqi8bk5ex6vawg8inz7eN2r6_V-E8nsLWzWTyuIRmwNA8ndhd1pe-dzPyagU9TjSXbAquqBAeTpkxz6XIemhBcAMhyJMxayjyBFJKwH_pj8NHgBAGABqzgi7T1ic7_3QGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0md757Jio_ZIUXovpqDoJSh7lKSg&client=ca-pub-2845463438153782&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 14:23:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 05 Jan 2022 05:22:52 GMT
truncated
/ Frame EC8D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
185513ad5ed54196b721f7cb789e9c4a2a58cc5696407b10429e5ff55487e245

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
container.html
2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4661 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 04 Jan 2022 02:07:54 GMT
expires
Wed, 04 Jan 2023 02:07:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame CC63 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Tue, 04 Jan 2022 02:07:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9762480
x-guploader-uploadid
ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9cyLIA5LZMZnOR%2Bzhe%2FkyAtdUSFAUPChoyFabdnEHhxlxza0laSy0Pdu6R0D4XAzTLaQqjgPP35e2e8k1x6vRNu9UKquTAIHtkA404LezJVPPTx3G%2F9McFF5WNWUj6B11RZhl66M4ni1WCzhpDyj9ZS"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6c80ea814d6c1f55-FRA
expires
Tue, 13 Sep 2022 02:19:55 GMT
frame.html
ad4m.at/ Frame BF68 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdul5Ccw7d7rhgjk4K-9bNVBIMJUbbihzRGNqm4eKjFMeeucQ20B3FnwIcyOYympdB6UUlF8mlNguKXZm3TvRLI
expires
Tue, 04 Jan 2022 03:07:55 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
508430
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXY2gju331kGjZWT8kAhsktkA2h4lDkkZ0T9IUh4IjpRDaLOh8y3%2BbBZDYXaczCJ9K01ldpwVnRIe1DmWm2jl75XWQcFPhvm%2BRew1dqZpln9%2BvA6MrOhlTFJZ5wjdFgGCySnHNo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c80ea812a644ec8-FRA
content-encoding
br
dcmads.js
www.googletagservices.com/dcm/ Frame 4661 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4486
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:29:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 04 Jan 2022 02:38:44 GMT
ca
choices.truste.com/ Frame 4661 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=r9vak6v_5llqzru_cx40n3a0&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-88.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
bc7fce0a350a832fcd05e41a4de0c70e8e18f5790d534b97da46a71a5f59361a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA53-C1
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id
djir1EKD9pLnY_hYcMifon_o235g5OH_bwez2XnUXEAhJlkkFuLoTw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 4661 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 01:37:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 4661 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:26:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2482
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 01:26:33 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4661 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 03 Jan 2023 20:54:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4661 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 04 Jan 2022 02:07:55 GMT
google
de1-bid.adsrvr.org/bid/feedback/ Frame 4661 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de1-bid.adsrvr.org/bid/feedback/google?t=1&iid=946a70d4-9e3c-4080-806f-ce04d411f98e&crid=cx40n3a0&wp=YdOr-gAMrKYHg4VGAA7GtEBUZ_fd0HfXTs-Izg&aid=1&wpc=USD&sfe=140b2bfa&puid=CAESEHNBZTRUuhH763oWFOjwZ6c&tdid=&pid=vko50on&ag=5llqzru&adv=kywm6zw&sig=1bpUopiTNXNFMaOU0_ir_sXWH-pSm3ZFQB-r5P_VWU70.&bp=0.101651957251956&cf=2909522&fq=0&td_s=www.controle.diarioceleste.com.br&rcats=&mcat=&mste=&mfld=3&mssi=&mfsi=&uhow=51&agsa=&rgz=60313&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=pt&mlang=&svpid=pub-2845463438153782&did=&rcxt=Other&lat=50.118800&lon=8.684300&tmpc=8.99&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=CgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgCUAR4AIABAIgBAZABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..&durs=AuzKvO&crrelr=&pcm=1&grdc=CAEYASABKAFAAUgC&vc=2&said=YdOr%2BgANtUoKd7LB1wCWDw%3D%3D&auct=1&im=1&mc=9df97d30-c10e-47ff-86ff-25786f6ed425
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.248.151.244 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad9411418cf2cdacd.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:54 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control
must-revalidate, no-cache
connection
close
content-type
image/gif
v2
odr.mookie1.com/t/ Frame 4661
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=mookie-ps&ttd_tpi=1
  • https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=3e0b6a2f-88ed-4487-a221-34631cbb3ff3&gdpr=1&gdpr_consent=
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=3e0b6a2f-88ed-4487-a221-34631cbb3ff3&gdpr=1&gdpr_consent=
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=3e0b6a2f-88ed-4487-a221-34631cbb3ff3&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
v4
metrics.getrockerbox.com/track/ Frame 4661
Redirect Chain
  • https://metrics.getrockerbox.com/track/v4?source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=r9vak6v&tier_three=5llqzru&tier_four=cx40n3a0
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmetrics.getrockerbox.com%2Ftrack%2Fv4%3Fuid%3D%24UID%26source%3Dweight_watchers_subscription_germany%26tier_one%3Dttd-display%26tier_two%3Dr9vak6v%26ti...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmetrics.getrockerbox.com%252Ftrack%252Fv4%253Fuid%253D%2524UID%2526source%253Dweight_watchers_subscription_germany%2526tier_one%253Dt...
  • https://metrics.getrockerbox.com/track/v4?uid=632072906110587084&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=r9vak6v&tier_three=5llqzru&tier_four=cx40n3a0&uid_ts=16412...
44 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v4?uid=632072906110587084&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=r9vak6v&tier_three=5llqzru&tier_four=cx40n3a0&uid_ts=1641262075
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.67.177.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiTWW49xmiILLNewSzaCkoavjm7rJUo6jqMSeoIRmtkcoIXbbx7B%2FvpTCFsRgidP0G4nWw59XhqwUgbBHwmmoGX3udg1J0OIvd9KlmTKwRbB89ecfyW8JS%2FGU1MY9lcRvzZMzNHk1Mu2XBY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6c80ea82caee41c8-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:55 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
91b58053-92b0-401b-b16a-f66ba65a2f9e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://metrics.getrockerbox.com/track/v4?uid=632072906110587084&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=r9vak6v&tier_three=5llqzru&tier_four=cx40n3a0&uid_ts=1641262075
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4661 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cfct8-qvTYabZMsaKjuwPtI27yA6ZvIm3XKqkgLzPAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODLIAQngAgCoAwGqBIwCT9A8tT2YraybEEUNF4slKCyj8jq5bkCXiQfMqvZnTlh21E_SiLInRoMkzYT1CZIySQHIqK1SgodlX5lzI2Xt8H7xwvYAjagm4tPMgqKkZkEytrh3z_KRM81RV2mxQ2aGkua5SMlASg-LaTYuqLeiDfSfYsL-Kce7QMQddyfecAfN9OR3NzcGtBNQ7uOUlsXMrZa-TjkhE2BKBLrelogXolZmS4b-gAufgekVOWBYoLAqRD9S0R9_hX8u9jevu3ABKOhvdhzLN89MujVEP19HHNjMNM3o-ly9qxIPdAMg27lSR76-s4pSOAxKxG3_e5YrCuHhdLWQTEdTpOANrWqTN76w7Dx76mdW_0IrQOAEAYAGipD3ndy2p6lVoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=iqTw2VNQ7yY&uach_m=[UACH]&cid=CAQSPACNIrLMp1bBIpz3LekRh31iyt89fRD71yt6XO4LYj8oWKNle8elMNQrcTdVzsv08AmpXpA42h9to5GkUBgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
impl_v81.js
www.googletagservices.com/dcm/ Frame 4661 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v81.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 12:47:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17189
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:28:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Jan 2023 12:47:33 GMT
rs
ad4m.at/ Frame CC63 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac24edff050b6cc02ce1f1f6479dc99edcba9ab77b5cb9ac3d2e2d83eac608c2

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c80ea81ab1e4a9e-FRA
date
Tue, 04 Jan 2022 02:07:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEnUiwlf47TwDftgh8nE1%2B8M8wenUg3WEflT0qEHvyQljgATD%2BOm%2B5RJHySQfTUj%2BwDBwshWBg3hOTcW78EWL8YkpowIsJMq8uSRyPeHskW7TB5c%2FCtpRZbpSJV9VaQq5RTIvNM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-jrpn
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-jrpn
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFg8rz25UJJWt8y1AF31ibkJkWcAB0DYb81PdAsGgdMGofW1Z0YBLrxIFECS4Jz9yCuD0Ujr9smwtYN8q%2FJUaWSeWKF%2BXx6Ck4dDHtURNBy4DxKIQKMZTIVXxYTt%2F9ptUzqbhF0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c80ea818afa4a9e-FRA
usync.html
ad.lkqd.net/cookie-sync/ Frame 6D28 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1641262075.cds025.ml1.hn,1641262075.cds223.ml1.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame E96D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149535&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=24793684&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.75 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
86dabf596f4044a228b29607107ac6dab42b5a40d6fc4b4d7fa9e481ba89bf74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1365
usync.html
ad.lkqd.net/cookie-sync/ Frame F9CB 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1641262075.cds025.ml1.hn,1641262075.cds223.ml1.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 2F0D 		180 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149536&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=7832997&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.75 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
/
track.adform.net/adfserve/ Frame B9F1 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=46747358;rtbwp=YdOr-gAHeccHg4DUAA5mwhWPpdKmLV_s7Zu6SQ;rtbdata=sE7aJDcJuehW4jG2InUKx2c2X04jNWPu2Khm8ptOI7mW9G6-kSd51g6lzVbaIVSCwP5mmb1ZEPnTmH0JRC7vPkbTgNHX2Gb2BSga_wqbXrUSxFA_n3xXpRmQZP2mOwfaaMwOE8Kw1NgddDWXC0o5AR36NRsXaTPpY9LqVqr5u73Ri7cYcyp-m7PRkeAURXdVuSjuJH3O9LopifyFOpkPMqGloshJgAGNhXtvFaTK2iS5ulHu_8-bIsbk21oTzP-01ejLGfZaMtplGmNzwd-hVpOYdiw-7pVO3i3IlGDfNRRpsHQDE1RBHrNOUs5OeowVIpE1YpJauBBue6m5mETywNZpSM_HdKpX0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CznHs-qvTYcfzHdSBjuwPws25-A_ovpiUXKCls8n9CMCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODLIAQmpAnr1ZKhGYoQ-4AIAqAMBqgSMAk_QditQRlERCgUpqfouYi8iFGYofNQ3bBxR9vlezAq9qpV8Qg8G0RQ364IWmZ_t2XGvZgcS1priaVb0ARcRce0XV1zq4LBnLL-DlkG_0CP4XCdR5aJa2JkgGw-74VlZ0mXb_LrWnuiCULgu0mvGzsm2NRXbiUoGtz-zdvkTt4x0vbZB0xBnb30yLao9yMBeU3UAIKJAmfBLbNCZfCt7c7I4gsuqbQ1ps62o0mNkd0F8DBzjXysufjXgMvuqi8bk5ex6vawg8inz7eN2r6_V-E8nsLWzWTyuIRmwNA8ndhd1pe-dzPyagU9TjSXbAquqBAeTpkxz6XIemhBcAMhyJMxayjyBFJKwH_pj8NHgBAGABqzgi7T1ic7_3QGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0md757Jio_ZIUXovpqDoJSh7lKSg&client=ca-pub-2845463438153782&adurl=;js=1;adfxid=1x;9930;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.controle.diarioceleste.com.br
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
97b6924d1d0d23c63b43cd656ec015048dac888185fa4ce55ef13f8d02a7f4ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3268
expires
-1
B26509325.314896209;dc_ver=81.236;sz=728x90;u_sd=1;kw=5llqzru;dc_adk=3183303651;ord=ydiuyd;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D946a70d4-9e3c-4080-806f-ce04d411f98e%26ag%3D5l...
ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/ Frame 4661 		62 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B26509325.314896209;dc_ver=81.236;sz=728x90;u_sd=1;kw=5llqzru;dc_adk=3183303651;ord=ydiuyd;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D946a70d4-9e3c-4080-806f-ce04d411f98e%26ag%3D5llqzru%26sfe%3D140b2bfa%26sig%3Dgv8zph5R8nrE5_r6xdsOlKgIOXCr9damXP8pLCsrGOw.%26crid%3Dcx40n3a0%26cf%3D2909522%26fq%3D0%26t%3D1%26td_s%3Dwww.controle.diarioceleste.com.br%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D51%26agsa%3D%26wp%3DYdOr-gAMrKYHg4VGAA7GtEBUZ_fd0HfXTs-Izg%26rgz%3D60313%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-2845463438153782%26rlangs%3Dpt%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.99%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgCUAR4AIABAIgBAZABAA..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26pcm%3D1%26said%3DYdOr%252BgANtUoKd7LB1wCWDw%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCvLtu-qvTYabZMsaKjuwPtI27yA6ZvIm3XKqkgLzPAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODLIAQngAgCoAwGqBI8CT9A8tT2YraybEEUNF4slKCyj8jq5bkCXiQfMqvZnTlh21E_SiLInRoMkzYT1CZIySQHIqK1SgodlX5lzI2Xt8H7xwvYAjagm4tPMgqKkZkEytrh3z_KRM81RV2mxQ2aGkua5SMlASg-LaTYuqLeiDfSfYsL-Kce7QMQddyfecAfN9OR3NzcGtBNQ7uOUlsXMrZa-TjkhE2BKBLrelogXolZmS4b-gAufgekVOWBYoLAqRD9S0R9_hX8u9jevu3ABKOhvdhzLN89MujVEP19HHNjMNM3o-ly9qxIPdAMg27lSR76-s4oQOi3YfIdPO02bYwItVVJ0U1NZCeojtflm459XAo5lxn_sMOprm3xZseAEAYAGipD3ndy2p6lVoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_26pog9yKea7CseYfPtwJccbqZ8Ag%2526client%253Dca-pub-2845463438153782%2526adurl%253D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F$0;xdt=1;crlt=h19Y2Y0p4R;sttr=53;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
747bac1d5969e3b43ebd07e4c105a5cb0b623e7fc3cb9f0c1da29d343bf7346d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25459
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rar
as.ad4m.at/ad/ Frame 2D04 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=5bc50ccaebb373c29b2fc6635011914a%2F1482311458844485650&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075163&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jm5g0ta65vpqrwxh5rjcbc330gnn6z81bhbxkem596r7w3kqr7p3v4pvv0m51q8w2wqk60zd1htrvgswrntnzcef2kq48xaekpy8s1rszs835c6rj71qgdzm5n3e6gnbxs9rq52sdb71f0tj766yebhs1chj7aaj6pwz2bdmwfsgr3dtq31gpw0cp63ha2meamvzhbkfhf9zqe98mnknqs8hp52v24zq0pk51bra1w4yw1p7xht7fwttjb7jkj1j5r91n28chj6vb62gqz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91e855f7118b0605be6f3b770b00f704eb917cbf36dbb54819c72d5ae5d1cc96
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jxrs5bypcqwzchf8k6m8d9erqz982t79v0chf5k1xw1qmm512x0gskk1587e0neb809bc9wfm7nc5xnr6dg9k03grs9pgh3fksxsqfs7j0dxw6kzzdqqn7pr0phcybkw3sav32kcz1q58xt1gjzn3v2e7wg7rmdxck18xfvxh9264vkpm1t35teem6xrncvamjrdrd4c333x457b53z2srf5216pm7k984t6yhhb1n7cwd97631y696278vfm850fn9gy87kwjtd5n68mq57ageqgkkfycapkeb3hpccajcyn6g997sy1appy15r12h1xyh3cqkekm35h1hd3b7wfe49kkvpsce0zhwjv62kwz49c9szfa0xma4nyh7j2qryvdez5qgs4ctgqrmz9v97bpsw8atjhhdsag1b0f47fse70a4qg6g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%26client%3Dca-pub-2845463438153782%26adurl%3D

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c80ea81daf14ec8-FRA
content-encoding
br
cs
cs.lkqd.net/ Frame 6D28 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 6D28 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 6D28 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 6D28 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 6D28
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7707125068487444624
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7707125068487444624
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7707125068487444624
pragma
no-cache
date
Tue, 04 Jan 2022 02:07:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4D83 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 03 Jan 2022 05:53:44 GMT
expires
Tue, 04 Jan 2022 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
72851
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B9F1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aac6b2dce51db55f2600b649f8e5598ee2043488feb81ad4c2f2e793d3825e7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
cs
cs.lkqd.net/ Frame F9CB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame F9CB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame F9CB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame F9CB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame F9CB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4392194267766048912
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4392194267766048912
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4392194267766048912
pragma
no-cache
date
Tue, 04 Jan 2022 02:07:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 2D04 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=5bc50ccaebb373c29b2fc6635011914a%2F1482311458844485650&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075163&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jm5g0ta65vpqrwxh5rjcbc330gnn6z81bhbxkem596r7w3kqr7p3v4pvv0m51q8w2wqk60zd1htrvgswrntnzcef2kq48xaekpy8s1rszs835c6rj71qgdzm5n3e6gnbxs9rq52sdb71f0tj766yebhs1chj7aaj6pwz2bdmwfsgr3dtq31gpw0cp63ha2meamvzhbkfhf9zqe98mnknqs8hp52v24zq0pk51bra1w4yw1p7xht7fwttjb7jkj1j5r91n28chj6vb62gqz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=5bc50ccaebb373c29b2fc6635011914a%2F1482311458844485650&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075163&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jm5g0ta65vpqrwxh5rjcbc330gnn6z81bhbxkem596r7w3kqr7p3v4pvv0m51q8w2wqk60zd1htrvgswrntnzcef2kq48xaekpy8s1rszs835c6rj71qgdzm5n3e6gnbxs9rq52sdb71f0tj766yebhs1chj7aaj6pwz2bdmwfsgr3dtq31gpw0cp63ha2meamvzhbkfhf9zqe98mnknqs8hp52v24zq0pk51bra1w4yw1p7xht7fwttjb7jkj1j5r91n28chj6vb62gqz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
466971
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 29 Dec 2021 16:25:04 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c80ea821b1a4ec8-FRA
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 2D04 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=5bc50ccaebb373c29b2fc6635011914a%2F1482311458844485650&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075163&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jm5g0ta65vpqrwxh5rjcbc330gnn6z81bhbxkem596r7w3kqr7p3v4pvv0m51q8w2wqk60zd1htrvgswrntnzcef2kq48xaekpy8s1rszs835c6rj71qgdzm5n3e6gnbxs9rq52sdb71f0tj766yebhs1chj7aaj6pwz2bdmwfsgr3dtq31gpw0cp63ha2meamvzhbkfhf9zqe98mnknqs8hp52v24zq0pk51bra1w4yw1p7xht7fwttjb7jkj1j5r91n28chj6vb62gqz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Tue, 04 Jan 2022 02:07:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
473674
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdsYdplWe2VFuW7eDo9nKghYCaMoVzHRBeWc_q6a6t0uqhH5NWxQhLiKvmU1h9Q6QpMsZFqiNrVtmC46-ZvQ2TbLpnwDwQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSLy4R8i8jsYtQQt2bpCuinRvlsI5ftuUOXCeiUwvD2gpw7b7O7N3%2FPjm2OlAwHUohF9UK9Fwv3iMeuMu%2BerA2rMBWdavU4wIIiTsg9gJy8FSayLgJUP7ZwVv8r1%2Bonh1C2Q3pWQI0N1EQmG"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Wed, 05 Jan 2022 02:07:55 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6c80ea8229b94e92-FRA
cf-bgj
imgq:85,h2pri
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 2D04 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=5bc50ccaebb373c29b2fc6635011914a%2F1482311458844485650&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075163&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jm5g0ta65vpqrwxh5rjcbc330gnn6z81bhbxkem596r7w3kqr7p3v4pvv0m51q8w2wqk60zd1htrvgswrntnzcef2kq48xaekpy8s1rszs835c6rj71qgdzm5n3e6gnbxs9rq52sdb71f0tj766yebhs1chj7aaj6pwz2bdmwfsgr3dtq31gpw0cp63ha2meamvzhbkfhf9zqe98mnknqs8hp52v24zq0pk51bra1w4yw1p7xht7fwttjb7jkj1j5r91n28chj6vb62gqz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=I4uEDQ==, md5=w0ixd5U6xXIINsBOGiFnPQ==
date
Tue, 04 Jan 2022 02:07:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1653022
cf-polished
qual=85, origFmt=jpeg, origSize=132437
x-guploader-uploadid
ADPycdv7vRBQr2QMlXGOu8j5zKVRNqjeCpSJANF3jqhNt--ImucjNTEMjmInHqg5BeHzQYawsQM8qh2aXRKioKMJQf5e931Tlg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23154
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zPrQCHGhMMR%2FZG6Zb7ngfrCgxYl0xLOq5Oeab%2BEHbQpKPd%2FHgJ4ilOSMJPdIRJwYvu5eTu3pEL1VsBwU94sJMdDMwfBj7nu7%2Fm%2B1zqSA4F2yviDeMCritHMB3MWR5I5E4h%2B1e1nwiijF5C3"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639072283176296
content-type
image/webp
expires
Wed, 05 Jan 2022 02:07:55 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
132437
accept-ranges
bytes
cf-ray
6c80ea8229bb4e92-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.o2online.de/nws/img/ Frame 2D04
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&gd...
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_c...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022010403075561436752943X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidKnVRbz8...
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202201040307556143675...
43 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022010403075561436752943X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=5bc50ccaebb373c29b2fc6635011914a%2F1482311458844485650&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075163&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jm5g0ta65vpqrwxh5rjcbc330gnn6z81bhbxkem596r7w3kqr7p3v4pvv0m51q8w2wqk60zd1htrvgswrntnzcef2kq48xaekpy8s1rszs835c6rj71qgdzm5n3e6gnbxs9rq52sdb71f0tj766yebhs1chj7aaj6pwz2bdmwfsgr3dtq31gpw0cp63ha2meamvzhbkfhf9zqe98mnknqs8hp52v24zq0pk51bra1w4yw1p7xht7fwttjb7jkj1j5r91n28chj6vb62gqz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 02:07:55 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Tue, 04 Jan 2022 02:07:55 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022010403075561436752943X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 2D04 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=5bc50ccaebb373c29b2fc6635011914a%2F1482311458844485650&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075163&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jm5g0ta65vpqrwxh5rjcbc330gnn6z81bhbxkem596r7w3kqr7p3v4pvv0m51q8w2wqk60zd1htrvgswrntnzcef2kq48xaekpy8s1rszs835c6rj71qgdzm5n3e6gnbxs9rq52sdb71f0tj766yebhs1chj7aaj6pwz2bdmwfsgr3dtq31gpw0cp63ha2meamvzhbkfhf9zqe98mnknqs8hp52v24zq0pk51bra1w4yw1p7xht7fwttjb7jkj1j5r91n28chj6vb62gqz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Tue, 04 Jan 2022 02:07:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1212894
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdua4HE5tgYL9XtK-eiTvniYjScFLiCFlKUT9qVyd9WSxZd_ObMXnHRkFnmvhe4hv-lU5Cwb4kNVBciqormPRIs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ci1zR5Bz6WWo%2FOWUg373D2Vm7Xw5AZPvx8lqFAwhjvQEqdPT9LxIsnpoLTF4RDzTTJcebPiB43sEJGDFfwiab%2FbwGgMODwadW1tnL2DIkckdStLw2ZdXcPQRGTQ8ULefkCXw0y6Zmv12yXAp"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Wed, 05 Jan 2022 02:07:55 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6c80ea8229bd4e92-FRA
cf-bgj
imgq:85,h2pri
0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame 2D04 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=5bc50ccaebb373c29b2fc6635011914a%2F1482311458844485650&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075163&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jm5g0ta65vpqrwxh5rjcbc330gnn6z81bhbxkem596r7w3kqr7p3v4pvv0m51q8w2wqk60zd1htrvgswrntnzcef2kq48xaekpy8s1rszs835c6rj71qgdzm5n3e6gnbxs9rq52sdb71f0tj766yebhs1chj7aaj6pwz2bdmwfsgr3dtq31gpw0cp63ha2meamvzhbkfhf9zqe98mnknqs8hp52v24zq0pk51bra1w4yw1p7xht7fwttjb7jkj1j5r91n28chj6vb62gqz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date
Tue, 04 Jan 2022 02:07:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1212861
cf-polished
qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid
ADPycdvulYrDQNUtRxoDFICktszvBld-zumqmU9xDn4fyYnfszA26fzJ2NfXO2rFBYElUh5ZQKFvMfk-nQj1PrGuhQwqjXpKBA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19022
last-modified
Wed, 10 Nov 2021 15:00:52 GMT
server
cloudflare
etag
"9c16b18e2ed1720d4bac78685793f74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzTU2Y6rmBxxmwsSCYq6M7cJd1dTPkjiQ%2FQEC4BaYEAIBjCCTBcbh8wBjc49LIyIyozykv8N2KMfA4k%2FYaDaDAW%2F1vfL5%2BNxINW8FPmGg4mNJ09NXc3%2BP6BSo8UQ68v7LOJ7MRgphybSvexL"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636556452656256
content-type
image/webp
expires
Wed, 05 Jan 2022 02:07:55 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
84530
accept-ranges
bytes
cf-ray
6c80ea8229bc4e92-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.blau.de/nws/img/ Frame 2D04
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&gd...
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_c...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022010403075561436752941X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidKnVRbz8jl...
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20220104030755614367529...
43 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022010403075561436752941X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=5bc50ccaebb373c29b2fc6635011914a%2F1482311458844485650&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075163&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jm5g0ta65vpqrwxh5rjcbc330gnn6z81bhbxkem596r7w3kqr7p3v4pvv0m51q8w2wqk60zd1htrvgswrntnzcef2kq48xaekpy8s1rszs835c6rj71qgdzm5n3e6gnbxs9rq52sdb71f0tj766yebhs1chj7aaj6pwz2bdmwfsgr3dtq31gpw0cp63ha2meamvzhbkfhf9zqe98mnknqs8hp52v24zq0pk51bra1w4yw1p7xht7fwttjb7jkj1j5r91n28chj6vb62gqz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.blau.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 02:07:55 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Tue, 04 Jan 2022 02:07:55 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022010403075561436752941X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
assets.ad4m.at/logo/ Frame 2D04 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=5bc50ccaebb373c29b2fc6635011914a%2F1482311458844485650&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075163&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jm5g0ta65vpqrwxh5rjcbc330gnn6z81bhbxkem596r7w3kqr7p3v4pvv0m51q8w2wqk60zd1htrvgswrntnzcef2kq48xaekpy8s1rszs835c6rj71qgdzm5n3e6gnbxs9rq52sdb71f0tj766yebhs1chj7aaj6pwz2bdmwfsgr3dtq31gpw0cp63ha2meamvzhbkfhf9zqe98mnknqs8hp52v24zq0pk51bra1w4yw1p7xht7fwttjb7jkj1j5r91n28chj6vb62gqz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=6d5z5w==, md5=vnImUageZAe9/YM5SlniMg==
date
Tue, 04 Jan 2022 02:07:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1212886
cf-polished
origFmt=png, origSize=15890
x-guploader-uploadid
ADPycdvO2r_Qwsa4pUKVH6tiSd6mtjDv5ZDd5qF-Y1TmjICwmcmV50kEJZ08IJPE7IWiQjhlub6GeW0aFxVGifynNrY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6208
last-modified
Thu, 16 Jul 2020 06:05:30 GMT
server
cloudflare
etag
"be722651a81e6407bdfd83394a59e232"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lttjfPcEeTWadp2AQ2xGebNUyCALho1gjC%2FjUbSvmFmmWLbNeP88ibrfNpsXBPAeXT9Bu4fpfbFphnZWbD19A9QccPFNnSRIx6j2iBMWppPE74QZ%2Bd%2BWNm37jVhZTcq63EmuGT%2FU0c2llWRO"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1594879530502671
content-type
image/webp
expires
Wed, 05 Jan 2022 02:07:55 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
15890
accept-ranges
bytes
cf-ray
6c80ea8229bf4e92-FRA
cf-bgj
imgq:85,h2pri
1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
assets.ad4m.at/product_image/ Frame 2D04 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=5bc50ccaebb373c29b2fc6635011914a%2F1482311458844485650&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075163&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jm5g0ta65vpqrwxh5rjcbc330gnn6z81bhbxkem596r7w3kqr7p3v4pvv0m51q8w2wqk60zd1htrvgswrntnzcef2kq48xaekpy8s1rszs835c6rj71qgdzm5n3e6gnbxs9rq52sdb71f0tj766yebhs1chj7aaj6pwz2bdmwfsgr3dtq31gpw0cp63ha2meamvzhbkfhf9zqe98mnknqs8hp52v24zq0pk51bra1w4yw1p7xht7fwttjb7jkj1j5r91n28chj6vb62gqz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=z6IwRA==, md5=1A70ndCinKDnYB0bQF1NeA==
date
Tue, 04 Jan 2022 02:07:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1212896
cf-polished
qual=85, origFmt=jpeg, origSize=25987
x-guploader-uploadid
ADPycducIMB0EQ5nx8OTTKFok5AtJ_dXDoVGriO6_W65_ioNLDNUKHdQMMQCMdoAlPIWN27xpBYz5N9plySv-z8TRH8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8886
last-modified
Thu, 17 Dec 2020 12:29:34 GMT
server
cloudflare
etag
"d40ef49dd0a29ca0e7601d1b405d4d78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIOeKLKjXiFqK42E9hVHob%2BdvWjcwBk61jxa7DT%2Fed1rtR6A1y1%2Fb7r0ryerUVuLfJMtmxGt04lRnek99EDBlcxX1yLDp6sn6YHNHkrQen8Olj5VG3dC5vUnCPgySUIsKhVPXKlh3DDQOlne"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1608208174589657
content-type
image/webp
expires
Wed, 05 Jan 2022 02:07:55 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
25987
accept-ranges
bytes
cf-ray
6c80ea8229c14e92-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 2D04 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2629118&v=19228&q=388274&r=412871&pv=1&pref3=oneid2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcgoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=5bc50ccaebb373c29b2fc6635011914a%2F1482311458844485650&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075163&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jm5g0ta65vpqrwxh5rjcbc330gnn6z81bhbxkem596r7w3kqr7p3v4pvv0m51q8w2wqk60zd1htrvgswrntnzcef2kq48xaekpy8s1rszs835c6rj71qgdzm5n3e6gnbxs9rq52sdb71f0tj766yebhs1chj7aaj6pwz2bdmwfsgr3dtq31gpw0cp63ha2meamvzhbkfhf9zqe98mnknqs8hp52v24zq0pk51bra1w4yw1p7xht7fwttjb7jkj1j5r91n28chj6vb62gqz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChkey-qvTYcG2J5KNrASbsqfoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MqABwq7o3QPIAQmpAn3D1gNt87I-4AIAqAMBqgSOAk_QdMsKkNlP62r71UaQVEM5-xb50owAFwwokFUHJKD0LohOxQwlE1jRIhCy68kgpqrNNRCOKHQjxxMuroBeUNx3vjRm5ofD5W1BQxxVvvkRJWdiGvESjPqEvZLmzE-N1he6josW4rGMWJ1u7Kf5Zp5W1Ps2IE-hFDtQIw8eWkuaJoqWd_9-qt3xaGZ8DVpP4ELQ56gDRa3xJ769hFaar1nyJ3JkdtqTehui0Y8_79XtxjkxODkhm-Din8iYJqbPWQJRFQcU0ZPlb4CHhP8kKv9uJt_giRDri25giElI_IQujkFSsup0fdFUNU4WBmo-Vkqd1yextLUPQLgEV78LeOBIjTClN78XKieOeo8meuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1mVrDZAEscS7wbMYVYS9xIhkeR8w%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:55 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
container.html
2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2F67 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 04 Jan 2022 02:07:54 GMT
expires
Wed, 04 Jan 2023 02:07:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
google2waycm.netmng.com/cm/ Frame 4D83 		0
0
pixel
cm.g.doubleclick.net/ Frame 4D83
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGWAOgbFUFw7Ze6OZefLvTk&google_cver=1&google_push=AYg5qPKv_HGOm3n0F1h15dayFKZwKcvyh9WilprHZGZF5UtIP7fAjwAgEn...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKv_HGOm3n0F1h15dayFKZwKcvyh9WilprHZGZF5UtIP7fAjwAgEn4oyD24r597ycvjv6t-yidsl4azhKgapmnAPWklaJk&google_hm=D-Ckped...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKv_HGOm3n0F1h15dayFKZwKcvyh9WilprHZGZF5UtIP7fAjwAgEn4oyD24r597ycvjv6t-yidsl4azhKgapmnAPWklaJk&google_hm=D-CkpedODO9EuwWmJDGBUg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKv_HGOm3n0F1h15dayFKZwKcvyh9WilprHZGZF5UtIP7fAjwAgEn4oyD24r597ycvjv6t-yidsl4azhKgapmnAPWklaJk&google_hm=D-CkpedODO9EuwWmJDGBUg
pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4D83
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPI2pUGBDoZ57LQK8mvNpvOmAbU2m92wfHWpaB0...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWRPcl93QUM4WERvaEFBbQ&google_push=AYg5qPI2pUGBDoZ57LQK8mvNpvOmAbU2m92wfHWpaB0ThfCB2Hm9DuZ_hriWjXMC1-gz_FzS5gUb_YfeZi3aS0mP3n_SsCTqVB8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWRPcl93QUM4WERvaEFBbQ&google_push=AYg5qPI2pUGBDoZ57LQK8mvNpvOmAbU2m92wfHWpaB0ThfCB2Hm9DuZ_hriWjXMC1-gz_FzS5gUb_YfeZi3aS0mP3n_SsCTqVB8
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWRPcl93QUM4WERvaEFBbQ&google_push=AYg5qPI2pUGBDoZ57LQK8mvNpvOmAbU2m92wfHWpaB0ThfCB2Hm9DuZ_hriWjXMC1-gz_FzS5gUb_YfeZi3aS0mP3n_SsCTqVB8
Date
Tue, 04 Jan 2022 02:07:55 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
current
dclk-match.dotomi.com/match/bounce/ Frame 4D83 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAx893buSEr-sg5pm2G7RRw&google_cver=1&google_push=AYg5qPIoKQbzInqS52QGm0L99NGCp0DX7bpwaLttN30RIyiibubwAAT4w72zCcS-LtPIDDzGNf-abirxLjr1rfbkZg5zk6Nj40E
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 4D83
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEK7BxIXGc8sgL9ZtyIAyr6I&google_cver=1&google_push=AYg5qPI7Vn2Wjq3QHNBmIBaZBqiFSiMjzKVuVD2ZEnhESw7Rh9XKmpDCAsuFtirLxA7er4iA8YWl5aweQvEHeaha1DNU...
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=0caf0677-c490-439a-9f76-c1bb9d219461
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=0caf0677-c490-439a-9f76-c1bb9d219461
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=bae2a8fa-da16-48f3-a8ee-ee897fba81ab&ssp=google&expires=30&user_group=5&bsw_param=0caf0677-c490-439a-9f76-c1bb9d219461
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI7Vn2Wjq3QHNBmIBaZBqiFSiMjzKVuVD2ZEnhESw7Rh9XKmpDCAsuFtirLxA7er4iA8YWl5aweQvEHeaha1DNUNMMHfCM&google_hm=DK8Gd8SQQ5qfdsG7nSGUYQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI7Vn2Wjq3QHNBmIBaZBqiFSiMjzKVuVD2ZEnhESw7Rh9XKmpDCAsuFtirLxA7er4iA8YWl5aweQvEHeaha1DNUNMMHfCM&google_hm=DK8Gd8SQQ5qfdsG7nSGUYQ==
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI7Vn2Wjq3QHNBmIBaZBqiFSiMjzKVuVD2ZEnhESw7Rh9XKmpDCAsuFtirLxA7er4iA8YWl5aweQvEHeaha1DNUNMMHfCM&google_hm=DK8Gd8SQQ5qfdsG7nSGUYQ==
Date
Tue, 04 Jan 2022 02:07:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 4D83
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOs9rsBjb80GiAOwxUSpNX8&google_cver=1&google_push=AYg5qPJbPwZ145AbaDQhuaE5gvB0jQTOtIEmwTQHFEA6BBm1anNSOkVDe-MpK3R5Imu2lmtJ4cSv1Bd4LsvDOYgkTZSGDyvp5A
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJbPwZ145AbaDQhuaE5gvB0jQTOtIEmwTQHFEA6BBm1anNSOkVDe-MpK3R5Imu2lmtJ4cSv1Bd4LsvDOYgkTZSGDyvp5A&google_hm=NTgxNjY2NDc0MzA4NjY5NDY0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJbPwZ145AbaDQhuaE5gvB0jQTOtIEmwTQHFEA6BBm1anNSOkVDe-MpK3R5Imu2lmtJ4cSv1Bd4LsvDOYgkTZSGDyvp5A&google_hm=NTgxNjY2NDc0MzA4NjY5NDY0NQ%3D%3D
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 04 Jan 2022 02:07:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJbPwZ145AbaDQhuaE5gvB0jQTOtIEmwTQHFEA6BBm1anNSOkVDe-MpK3R5Imu2lmtJ4cSv1Bd4LsvDOYgkTZSGDyvp5A&google_hm=NTgxNjY2NDc0MzA4NjY5NDY0NQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 4D83
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPxgeFUyzaj-InooH0HO3sg&google_cver=1&google_push=AYg5qPINux10U7p4xZH7m-K4e0zcgDRlakIRSIAAMr173MVMxO1QfoTiD9wCWLgFr429RwZSJTu-PYSe...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY2NzYxMzkwNDg2NjM2NDc0Mw&google_push=AYg5qPINux10U7p4xZH7m-K4e0zcgDRlakIRSIAAMr173MVMxO1QfoTiD9wCWLgFr429RwZSJTu-PY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY2NzYxMzkwNDg2NjM2NDc0Mw&google_push=AYg5qPINux10U7p4xZH7m-K4e0zcgDRlakIRSIAAMr173MVMxO1QfoTiD9wCWLgFr429RwZSJTu-PYSen6SvoNoYdkcTE0y2NTM
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY2NzYxMzkwNDg2NjM2NDc0Mw&google_push=AYg5qPINux10U7p4xZH7m-K4e0zcgDRlakIRSIAAMr173MVMxO1QfoTiD9wCWLgFr429RwZSJTu-PYSen6SvoNoYdkcTE0y2NTM
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 4D83 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KrU-yWNJxoAIJnxX6BJAalv5v9uO4bQKeVb9o7WnmOTN9JFE12t2bCXjsZYDaPGcPXiDoG
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame B9F1 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1f647589f081c26a24954bf8f32fb7ea1b828fe3a41cebc760154191a167efea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 14:23:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 05 Jan 2022 05:23:36 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 4661 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
Origin
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18878
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jan 2022 20:53:17 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 4661 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B26509325.314896209;dc_ver=81.236;sz=728x90;u_sd=1;kw=5llqzru;dc_adk=3183303651;ord=ydiuyd;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D946a70d4-9e3c-4080-806f-ce04d411f98e%26ag%3D5llqzru%26sfe%3D140b2bfa%26sig%3Dgv8zph5R8nrE5_r6xdsOlKgIOXCr9damXP8pLCsrGOw.%26crid%3Dcx40n3a0%26cf%3D2909522%26fq%3D0%26t%3D1%26td_s%3Dwww.controle.diarioceleste.com.br%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D51%26agsa%3D%26wp%3DYdOr-gAMrKYHg4VGAA7GtEBUZ_fd0HfXTs-Izg%26rgz%3D60313%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-2845463438153782%26rlangs%3Dpt%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D8.99%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgCUAR4AIABAIgBAZABAA..%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26pcm%3D1%26said%3DYdOr%252BgANtUoKd7LB1wCWDw%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCvLtu-qvTYabZMsaKjuwPtI27yA6ZvIm3XKqkgLzPAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODLIAQngAgCoAwGqBI8CT9A8tT2YraybEEUNF4slKCyj8jq5bkCXiQfMqvZnTlh21E_SiLInRoMkzYT1CZIySQHIqK1SgodlX5lzI2Xt8H7xwvYAjagm4tPMgqKkZkEytrh3z_KRM81RV2mxQ2aGkua5SMlASg-LaTYuqLeiDfSfYsL-Kce7QMQddyfecAfN9OR3NzcGtBNQ7uOUlsXMrZa-TjkhE2BKBLrelogXolZmS4b-gAufgekVOWBYoLAqRD9S0R9_hX8u9jevu3ABKOhvdhzLN89MujVEP19HHNjMNM3o-ly9qxIPdAMg27lSR76-s4oQOi3YfIdPO02bYwItVVJ0U1NZCeojtflm459XAo5lxn_sMOprm3xZseAEAYAGipD3ndy2p6lVoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_26pog9yKea7CseYfPtwJccbqZ8Ag%2526client%253Dca-pub-2845463438153782%2526adurl%253D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F$0;xdt=1;crlt=h19Y2Y0p4R;sttr=53;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 00:21:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6401
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 00:21:14 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4661 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Jan 2023 20:54:59 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2F67 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CSdpj-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEiwJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXLjoo9sgHpSeZc9HerKTij-ni6O6MNnMolzbLAw-6Ks0Zp_cTs6LgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yODQ1NDYzNDM4MTUzNzgyGM_UaQ&sigh=m3AQnxsBi-w&uach_m=[UACH]&cid=CAQSPACNIrLMOJUfDwp7a9EcQy3_ouX7jcMmul6phcZhtbC0t8xNEwHv9fJSE_IiQHxxBmCtVSTF46TomJ6kvxgB
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 2F67 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jn6hh59mrcy0p2xgtyen3mqtv3jvx5y1zk35rx4r71e8zrjvhn387m812k77d4rk06z4n3z96yw8qp2rnmgkrf1tnadkvm3bx373zv0jxbx2wwzt5axnd33v6t6xwxes6960grwe4488j1wzpj5e06gkex0wyareerxapratv8p6zbkd774h5hxxnh0pn4dc4a32ge3fgyc36dz8ah39by9nsxm6ny2exrz0psjcxy5tm30vq0r0tf9fch4w4c8t9pf7ytgt2f95ayt9yfjq9ewtjjaa6b16nrpcp3j3k1xnfptaqnmtrrvygkm16qme0ne50fjpc9v74tn16ztk7yhr0ny6sah2q654a7db01yhmmnpsyk1vhhthttjfg5p8tys2ebfww8cp6j59xm9j2d6h6v0&b=YdOr-gAPDyIHg4ZJAAgPVFrVLlfINVfaBXUfFg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Jan 2022 02:07:55 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame FD70 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kgd2fn8tnkc21nyk7r6zb8w4qfngfd9c1f3vg6j3w7wzb7rd8xcsfy8krdz3dk6s0fgg0amfc15sarh7a7rf1yzxg0f9sfjrq6n262tz6amh5gk2zt87rqa5zs0qjrkgrh9jcemapr3egq0renc3tpje9z1dz8jzv2ys043v16vv38b6hc979w2cpb29bccx10ajs6xg06vwz4x0r98hkc6s66wrq27scj2sasdw34jq4rvkny52f7knwbhr9pv1vwrqsnzb3bj6ayf0bm21b3010353t5gr49bh99h9w468agn4d0d2x44q9aq857aqbk16qyzr96w4nmqh332r3a1zqz3j7eahvt3g0w9jsp84tyjvwjtr7qcqbpewq862hj2c10gtzs4x5b4ps63jv5tykb8atwhf03qfg06dvqfg2gdnqc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%26client%3Dca-pub-2845463438153782%26adurl%3D
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7b0d8e40cff46a5d291f9039faa70bcd6e14845d21aafdc7a717b2b7f804c74
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c80ea826b654ec8-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 2F67 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 01:37:31 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0597 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 03 Jan 2022 05:53:44 GMT
expires
Tue, 04 Jan 2022 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
72851
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F67 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 04 Jan 2022 02:07:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 2F67 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:26:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2482
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 01:26:33 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2F67 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 03 Jan 2023 20:54:59 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D4F5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 03 Jan 2022 20:54:59 GMT
expires
Tue, 03 Jan 2023 20:54:59 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
18776
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
track.adform.net/csimpr/ Frame B9F1 		35 B
502 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=46747358&csi=rPgXzHb8f95m64AEGP3w5ktluffwkPTiChDJmLTgx2TrygPkIxxfk7_ZqrrjE4cswRFgI3Mdm8UszVcjxNtcQmQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
45757866.png
s1.adform.net/Banners/45757866/ Frame B9F1 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/45757866/45757866.png?bv=2
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7cbf165032e81dd2f6658b53a5bb9b13991802902f355a0778e5f99be2911f0c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
last-modified
Mon, 07 Jun 2021 10:32:07 GMT
server
nginx
etag
"60bdf5a7-337a"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
13178
index.html
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		65 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
881e783c0fbff9c18d75a79588bee24c0ddda5ece31ff287d14faa86709bf54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Tue, 04 Jan 2022 02:07:55 GMT
expires
Wed, 04 Jan 2023 02:07:55 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 4661 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNzMahVSMQ4Gm0of9aNZmwTy7j3ShNSiimNtGq6sL2mUXeKz0vh9zbGPioCMjuSeU75NyDWHgNTlM_Bbd0B6IZ_O6jjkdRIEnog2PSXtSjHNuNmkRb50Ikf6cOouJwDPCIlAtRhPP805wvsZ0i7FoFOlx8mR1_6h89LBXoknRK3k5N&sig=Cg0ArKJSzITOYnHUjBZFEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=94&cbvp=1&cstd=88&cisv=r20211207.37135&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 04 Jan 2022 02:07:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame FD70 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kgd2fn8tnkc21nyk7r6zb8w4qfngfd9c1f3vg6j3w7wzb7rd8xcsfy8krdz3dk6s0fgg0amfc15sarh7a7rf1yzxg0f9sfjrq6n262tz6amh5gk2zt87rqa5zs0qjrkgrh9jcemapr3egq0renc3tpje9z1dz8jzv2ys043v16vv38b6hc979w2cpb29bccx10ajs6xg06vwz4x0r98hkc6s66wrq27scj2sasdw34jq4rvkny52f7knwbhr9pv1vwrqsnzb3bj6ayf0bm21b3010353t5gr49bh99h9w468agn4d0d2x44q9aq857aqbk16qyzr96w4nmqh332r3a1zqz3j7eahvt3g0w9jsp84tyjvwjtr7qcqbpewq862hj2c10gtzs4x5b4ps63jv5tykb8atwhf03qfg06dvqfg2gdnqc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kgd2fn8tnkc21nyk7r6zb8w4qfngfd9c1f3vg6j3w7wzb7rd8xcsfy8krdz3dk6s0fgg0amfc15sarh7a7rf1yzxg0f9sfjrq6n262tz6amh5gk2zt87rqa5zs0qjrkgrh9jcemapr3egq0renc3tpje9z1dz8jzv2ys043v16vv38b6hc979w2cpb29bccx10ajs6xg06vwz4x0r98hkc6s66wrq27scj2sasdw34jq4rvkny52f7knwbhr9pv1vwrqsnzb3bj6ayf0bm21b3010353t5gr49bh99h9w468agn4d0d2x44q9aq857aqbk16qyzr96w4nmqh332r3a1zqz3j7eahvt3g0w9jsp84tyjvwjtr7qcqbpewq862hj2c10gtzs4x5b4ps63jv5tykb8atwhf03qfg06dvqfg2gdnqc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%26client%3Dca-pub-2845463438153782%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
466971
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 29 Dec 2021 16:25:04 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c80ea82fbd94ec8-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame FD70 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kgd2fn8tnkc21nyk7r6zb8w4qfngfd9c1f3vg6j3w7wzb7rd8xcsfy8krdz3dk6s0fgg0amfc15sarh7a7rf1yzxg0f9sfjrq6n262tz6amh5gk2zt87rqa5zs0qjrkgrh9jcemapr3egq0renc3tpje9z1dz8jzv2ys043v16vv38b6hc979w2cpb29bccx10ajs6xg06vwz4x0r98hkc6s66wrq27scj2sasdw34jq4rvkny52f7knwbhr9pv1vwrqsnzb3bj6ayf0bm21b3010353t5gr49bh99h9w468agn4d0d2x44q9aq857aqbk16qyzr96w4nmqh332r3a1zqz3j7eahvt3g0w9jsp84tyjvwjtr7qcqbpewq862hj2c10gtzs4x5b4ps63jv5tykb8atwhf03qfg06dvqfg2gdnqc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%26client%3Dca-pub-2845463438153782%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16778
x-guploader-uploadid
ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ePQk%2FnRVzA0CFZIWwad%2Byf2KTdvfMDM3HzacInA6atFFDGUxmQE%2BU4A3lMmPy8DdNwV0IoEfUfUn6%2FyhhbYFFhCq94%2BFN9VGqEFp2QWeus3OCDUmFk0139GadrtFjC1t%2FKOCt8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
expires
Mon, 03 Jan 2022 21:28:17 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c80ea82fbdb4ec8-FRA
cf-bgj
minify
pixel
cm.g.doubleclick.net/ Frame 0597
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPWjoJZxtnJFsS1ijSf4kpM&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPWjoJZxtnJFsS1ijSf4kpM&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REpaam5rS3YxTjR6ZVg1&google_gid=CAESEPWjoJZxtnJFsS1ijSf4kpM&google_cver=1&google_push=AYg5qPKGpHS3RdocZOrGImPQyUDTQhnaSgoEWs21-DdfrU3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REpaam5rS3YxTjR6ZVg1&google_gid=CAESEPWjoJZxtnJFsS1ijSf4kpM&google_cver=1&google_push=AYg5qPKGpHS3RdocZOrGImPQyUDTQhnaSgoEWs21-DdfrU3ekAneCwl4FJfA1prJ75KllDnkj8Nv-neBbR6tVr71xWJfkGVjQLdN
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:54 GMT
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0fb8f8c60b2bcfa88@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REpaam5rS3YxTjR6ZVg1&google_gid=CAESEPWjoJZxtnJFsS1ijSf4kpM&google_cver=1&google_push=AYg5qPKGpHS3RdocZOrGImPQyUDTQhnaSgoEWs21-DdfrU3ekAneCwl4FJfA1prJ75KllDnkj8Nv-neBbR6tVr71xWJfkGVjQLdN
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0597
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDSuoW59ThW28AOm5jEVr88&google_cver=1&google_push=AYg5qPIrawI08h7qZPxJRAXfC3oJCaGcoZT7Xn9gILjUgRk9jS-DfuP9DcKb60fXtOxPOQXsdYeCTfgbm9Zz8PbC...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=schh06v7TwCC6nguu9-Ppw&google_push=AYg5qPIrawI08h7qZPxJRAXfC3oJCaGcoZT7Xn9gILjUgRk9jS-DfuP9DcKb60fXtOxPOQXsdYeCTfgbm9Zz8PbCmKa0WN0a...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=schh06v7TwCC6nguu9-Ppw&google_push=AYg5qPIrawI08h7qZPxJRAXfC3oJCaGcoZT7Xn9gILjUgRk9jS-DfuP9DcKb60fXtOxPOQXsdYeCTfgbm9Zz8PbCmKa0WN0ag8xZ
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 04 Jan 2022 02:07:55 GMT
Server
MT3 4133 baa842e master cdg-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=schh06v7TwCC6nguu9-Ppw&google_push=AYg5qPIrawI08h7qZPxJRAXfC3oJCaGcoZT7Xn9gILjUgRk9jS-DfuP9DcKb60fXtOxPOQXsdYeCTfgbm9Zz8PbCmKa0WN0ag8xZ
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 04 Jan 2022 02:07:54 GMT
pixel
cm.g.doubleclick.net/ Frame 0597
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWRPcl93QUM4WERvaEFBbQ==&google_gid=CAESEK_E9IMwekTWl60CiK7bdQ8&google_cver=1&google_push=AYg5qPK3vflEbZiYE96o63jc8QcNSz7DVp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWRPcl93QUM4WERvaEFBbQ==&google_gid=CAESEK_E9IMwekTWl60CiK7bdQ8&google_cver=1&google_push=AYg5qPK3vflEbZiYE96o63jc8QcNSz7DVp-vAA57mUU-IrOuax7FDrgoB4fsdAeY28TaKJJyytGujLO4yXAzPtcNS-xY1zDBVG7x
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641262075.422367,VS0,VE0
x-served-by
cache-fra19157-FRA
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWRPcl93QUM4WERvaEFBbQ==&google_gid=CAESEK_E9IMwekTWl60CiK7bdQ8&google_cver=1&google_push=AYg5qPK3vflEbZiYE96o63jc8QcNSz7DVp-vAA57mUU-IrOuax7FDrgoB4fsdAeY28TaKJJyytGujLO4yXAzPtcNS-xY1zDBVG7x
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
google_sync_status
x.bidswitch.net/ Frame 0597
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELNoLEW5qCEmqljkVanrVS0&google_cver=1&google_push=AYg5qPLPfZU0XK6Xfjp7dniRyqnvx233mpgD2REk_U02ko-veXalv3aKd70EW4xavYqxzmZ8KrxXfJ1hYFmCx_zpAeXC...
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=8c849103-308a-4972-86bf-6d198c4911e8&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=DK8Gd8SQQ5qfdsG7nSGUYQ==
  • https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEKNMQVWc2bjRhv8HJPzIVMg&google_cver=1
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEKNMQVWc2bjRhv8HJPzIVMg&google_cver=1
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
HTTP/1.1
Server
18.185.252.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-252-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 02:07:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEKNMQVWc2bjRhv8HJPzIVMg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 0597 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESELNtq1AMZ-T1Ouu9Fh1juhs&google_cver=1&google_push=AYg5qPLmO2ulf3kbiCsxnehV0uB28XgLd80AryrStTCY12MTS_a6TKAkLoh-Mjx1Da3k00bB_ZEDId2VOVuozxjyqXXY5pH2vq3B
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
aggcf6up6mfoivrsi4jlrtn8qdhduto1
pixel
cm.g.doubleclick.net/ Frame 0597
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKBcVu_u2c4BE0C4NiPbd6w&google_cver=1&google_push=AYg5qPJzKrgbxV6EgCs7KL8kGtS8BCEN6yk0yBj4s4Qo-HD5z1_F-cyoV77cmz2P90K4YPG3m5t-25DIqOHDBXaEf...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJzKrgbxV6EgCs7KL8kGtS8BCEN6yk0yBj4s4Qo-HD5z1_F-cyoV77cmz2P90K4YPG3m5t-25DIqOHDBXaEfXLLZJ7fhYCq&google_hm=4d88f5e3d9490238d1719b98
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJzKrgbxV6EgCs7KL8kGtS8BCEN6yk0yBj4s4Qo-HD5z1_F-cyoV77cmz2P90K4YPG3m5t-25DIqOHDBXaEfXLLZJ7fhYCq&google_hm=4d88f5e3d9490238d1719b98
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 04 Jan 2022 02:07:55 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJzKrgbxV6EgCs7KL8kGtS8BCEN6yk0yBj4s4Qo-HD5z1_F-cyoV77cmz2P90K4YPG3m5t-25DIqOHDBXaEfXLLZJ7fhYCq&google_hm=4d88f5e3d9490238d1719b98
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 0597
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPPi1-Uod2jiuKvHDP9Qetg&google_cver=1&google_push=AYg5qPKc5ArNvYV5njkXA1tJSntftaFnKeNmJe6AmJqWLnqlR4dgCAO8...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPPi1-Uod2jiuKvHDP9Qetg&google_cver=1&google_push=AYg5qPKc5ArNvYV5njkXA1tJSntftaFnKeNmJe6AmJqWLnqlR4dgCAO8...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPPi1-Uod2jiuKvHDP9Qetg&google_cver=1&google_push=AYg5qPKc5ArNvYV5njkXA1tJSntftaFnKeNmJe6AmJqWLnqlR4dgCA...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMTZhMzJlOS02ZDAzLTExZWMtOTI2OS0wMmRmZTExNWRhNGM%3D&google_push=AYg5qPKc5ArNvYV5njkXA1tJSntftaFnKeNmJe6AmJqWLnqlR4dgCAO86xaW9xusbn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMTZhMzJlOS02ZDAzLTExZWMtOTI2OS0wMmRmZTExNWRhNGM%3D&google_push=AYg5qPKc5ArNvYV5njkXA1tJSntftaFnKeNmJe6AmJqWLnqlR4dgCAO86xaW9xusbnrub4aisMjKdPKYKIseiBwNcGwZni5Bo-ukxA
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMTZhMzJlOS02ZDAzLTExZWMtOTI2OS0wMmRmZTExNWRhNGM%3D&google_push=AYg5qPKc5ArNvYV5njkXA1tJSntftaFnKeNmJe6AmJqWLnqlR4dgCAO86xaW9xusbnrub4aisMjKdPKYKIseiBwNcGwZni5Bo-ukxA
date
Tue, 04 Jan 2022 02:07:55 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 0597 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IIBgBr70xYX0UL5sPhdjzN4A3S5hHvxeAqYzPxphaMYX4b33xBED2GQVmt7PLMcbxdMHfo-Q
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 2F67 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6bfa453d3714ec99118326f1d9a28e0171a99726fd5735dbf10b2f19c34b632

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.controle.diarioceleste.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 04 Jan 2022 02:07:55 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.controle.diarioceleste.com.br
t
t.lkqd.net/ Frame C2EE 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.controle.diarioceleste.com.br
date
Tue, 04 Jan 2022 02:07:55 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame 5504 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1641262075.cds025.ml1.hn,1641262075.cds020.ml1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.controle.diarioceleste.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 04 Jan 2022 02:07:55 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.controle.diarioceleste.com.br
t
t.lkqd.net/ Frame D6E7 		0
0
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame FD70 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Tue, 04 Jan 2022 02:07:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9762480
x-guploader-uploadid
ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGr2iNVeJc1E%2FrWWPQkgAHN1FADQYdZIxsVCQx79xnmcIxHmfjzb89gIfiUVfYWrVTVtcWeJ7w9AnF%2Ftjery4CwTrEmJAlccwftlY8b9BuL5BzMUzZ%2FYM%2BEmMdnUubc%2Fhp4f1XeQ3YN%2Fjgb5lbIuRsLy"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6c80ea83bcd04ea3-FRA
expires
Tue, 13 Sep 2022 02:19:55 GMT
frame.html
ad4m.at/ Frame 9DD9 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdul5Ccw7d7rhgjk4K-9bNVBIMJUbbihzRGNqm4eKjFMeeucQ20B3FnwIcyOYympdB6UUlF8mlNguKXZm3TvRLI
expires
Tue, 04 Jan 2022 03:07:55 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
508430
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0w1iIb5ixSypiDzsGFijEL4HjV9n96O4sFBo3H8xBM9tcq2fjT1b%2FkQwy9fzw6514xb3oHCM5nP4SaR29oUGwW68MZBlLGB7njMOS%2Fc%2BV1e64uSUtcplCiM%2Fx9DqJRQpz%2B4VOY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c80ea83bc904ec8-FRA
content-encoding
br
gwdpage_style.css
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		55 B
103 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		731 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525286
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:09 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525286
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:09 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		281 B
187 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525286
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:09 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		26 B
74 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525286
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:09 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		157 B
144 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525286
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:09 GMT
googbase_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		400 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525286
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:09 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525286
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6276
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:09 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525286
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:09 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3191
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 8D4E 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18875
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jan 2022 20:53:20 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4481
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2014
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		1 KB
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
590
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2823
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1293
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2351
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9229
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame D4F5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 15:47:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
37221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Jan 2023 15:47:34 GMT
nunito-v8-latin-700.woff2
controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/ 		0
0
nunito-v8-latin-regular.woff2
controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/ 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9BBF 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 03 Jan 2022 05:53:44 GMT
expires
Tue, 04 Jan 2022 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
72851
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4661 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adff67f70114d426aa7d0993ab6d17afd9974f24807e747df249564c8336fdd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
usync.html
ad.lkqd.net/cookie-sync/ Frame 2189 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1641262075.cds025.ml1.hn,1641262075.cds223.ml1.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 5504 		100 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149535&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=24793684&m=&rtv=1&thost=www.controle.diarioceleste.com.br
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.75 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
cfb5c70e3128e3d387755a05d7b469ce8fc2ba2be79863b85256c5d2d106909b

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
6036
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149535&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=24793684&m=&rtv=1&thost=www.controle.diarioceleste.com.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.75 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.controle.diarioceleste.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 04 Jan 2022 02:07:55 GMT
content-length
0
access-control-allow-origin
https://www.controle.diarioceleste.com.br
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
National2-Medium.woff
s0.2mdn.net/creatives/assets/4372196/ Frame 8D4E 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4372196/National2-Medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66e6fad9e5ec87bcda3f169e68173f0d99c792ec94f8586d7df8a4edb540d1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:05:05 GMT
x-content-type-options
nosniff
age
170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46308
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 12:01:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jan 2022 02:20:05 GMT
container.html
2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5E8F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 04 Jan 2022 02:07:54 GMT
expires
Wed, 04 Jan 2023 02:07:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 4661 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNzMahVSMQ4Gm0of9aNZmwTy7j3ShNSiimNtGq6sL2mUXeKz0vh9zbGPioCMjuSeU75NyDWHgNTlM_Bbd0B6IZ_O6jjkdRIEnog2PSXtSjHNuNmkRb50Ikf6cOouJwDPCIlAtRhPP805wvsZ0i7FoFOlx8mR1_6h89LBXoknRK3k5N&sig=Cg0ArKJSzITOYnHUjBZFEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=419&vt=11&dtpt=325&dett=3&cstd=88&cisv=r20211207.37135&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 04 Jan 2022 02:07:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F67 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=fb.765,e2e.1211,fs.758,reqs.758,ress.765,rese.767&srt=8&e=&id=csi_pagead&gqid=&qqid=CKKD2teBl_UCFUmGgwcdVA8I0w&rt=lb.203,ol.446
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nunito-v8-latin-700.woff
controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/ 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8D4E 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e003d9f9155d881ea713b1fea3fc155bf0c3cc94530d3171e14d307292f7ae32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4430
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame 9BBF 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGYPZxnT58DpIkOZ9Z6_HvI&google_cver=1&google_push=AYg5qPJ0SS4lZYycXrNvRmv8UQ2PNq96jtWVYF5n1HNgcdFf-q9pLtw-QbuV6DEV8OQPV3ZFA8sjwXZx-m5-Kmj-psbrhzl98Sc
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 9BBF
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJiuvFzqj4_ZH8WrPtyeKNE&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REpaam5rS3YxTjR6ZVg1&google_gid=CAESEJiuvFzqj4_ZH8WrPtyeKNE&google_cver=1&google_push=AYg5qPKjFvDCVQA5LGOoWS6lIJ6eKAplof9oY0Oa_nyuY_X...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REpaam5rS3YxTjR6ZVg1&google_gid=CAESEJiuvFzqj4_ZH8WrPtyeKNE&google_cver=1&google_push=AYg5qPKjFvDCVQA5LGOoWS6lIJ6eKAplof9oY0Oa_nyuY_Xg4eQF3F4KinYr6mj0-0ZYokVtkWPmQ8ylv_MO_FUZ_jmt8kTdMQ
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:55 GMT
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0e9f0e24f4a2a06c9@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REpaam5rS3YxTjR6ZVg1&google_gid=CAESEJiuvFzqj4_ZH8WrPtyeKNE&google_cver=1&google_push=AYg5qPKjFvDCVQA5LGOoWS6lIJ6eKAplof9oY0Oa_nyuY_Xg4eQF3F4KinYr6mj0-0ZYokVtkWPmQ8ylv_MO_FUZ_jmt8kTdMQ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 9BBF
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEATRpjEN8V9lNqprUVtheZg&google_cver=1&google_push=AYg5qPLXgRLygSfTMaBtXq3wTpIZ-xLNpsdJgB5bO6ftWcne6eEGEPkwu_1wStHfrNOl2lN7Qu12bB6hGiCHPLb9jqkaBcR6PWg&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEATRpjEN8V9lNqprUVtheZg&google_cver=1&google_push=AYg5qPLXgRLygSfTMaBtXq3wTpIZ-xLNpsdJgB5bO6ftWcne6eEGEPkwu_1wStHfrNOl2lN7Qu12bB6hGiCHPLb9jqkaBcR6PWg...
43 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEATRpjEN8V9lNqprUVtheZg&google_cver=1&google_push=AYg5qPLXgRLygSfTMaBtXq3wTpIZ-xLNpsdJgB5bO6ftWcne6eEGEPkwu_1wStHfrNOl2lN7Qu12bB6hGiCHPLb9jqkaBcR6PWg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLXgRLygSfTMaBtXq3wTpIZ-xLNpsdJgB5bO6ftWcne6eEGEPkwu_1wStHfrNOl2lN7Qu12bB6hGiCHPLb9jqkaBcR6PWg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c80ea86dad08b9b-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
970
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c80ea8588b78b9b-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEATRpjEN8V9lNqprUVtheZg&google_cver=1&google_push=AYg5qPLXgRLygSfTMaBtXq3wTpIZ-xLNpsdJgB5bO6ftWcne6eEGEPkwu_1wStHfrNOl2lN7Qu12bB6hGiCHPLb9jqkaBcR6PWg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLXgRLygSfTMaBtXq3wTpIZ-xLNpsdJgB5bO6ftWcne6eEGEPkwu_1wStHfrNOl2lN7Qu12bB6hGiCHPLb9jqkaBcR6PWg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9BBF
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFAgSugprnHIbcVm0XZod_U&google_cver=1&google_push=AYg5qPJO8FnoIH2s9V0bQ7QoiGNXY1zH3eARowmVieguMjcBeDfgiDwFEzkcde21THsgq5kR5sWUOLOHlcidNq6-cI0bpt1jUcM
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7509EDD89CD543279D0C21224FF946B8&google_push=AYg5qPJO8FnoIH2s9V0bQ7QoiGNXY1zH3eARowmVieguMjcBeDfgiDwFEzkcde21THsgq5kR5sWUOLOHlcidNq6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7509EDD89CD543279D0C21224FF946B8&google_push=AYg5qPJO8FnoIH2s9V0bQ7QoiGNXY1zH3eARowmVieguMjcBeDfgiDwFEzkcde21THsgq5kR5sWUOLOHlcidNq6-cI0bpt1jUcM
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 04 Jan 2022 02:07:55 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7509EDD89CD543279D0C21224FF946B8&google_push=AYg5qPJO8FnoIH2s9V0bQ7QoiGNXY1zH3eARowmVieguMjcBeDfgiDwFEzkcde21THsgq5kR5sWUOLOHlcidNq6-cI0bpt1jUcM
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 03 Jan 2022 02:07:55 GMT
google
match.adsrvr.org/track/cmf/ Frame 9BBF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHNBZTRUuhH763oWFOjwZ6c&google_cver=1&google_push=AYg5qPLcchV7cLidJnmugi9JTnmxYoyaVehhrL5CI8LzNFO_XU4X4jyvStRPvpZDmGAFQMEUtG_XWFw0aiv4lQt7_MbplmJjQw
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9BBF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIWuP-r4My28mmoVs3gl-_s&google_cver=1&google_push=AYg5qPJh2PTM1mZytgL9uWYUtcvyGXaJJSSqaZHO0MlSGy8EMQAhb2GqtIOyoXNr_qdlXgRMIRNqX1KaWlKFMf3oKBJSMOT...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJh2PTM1mZytgL9uWYUtcvyGXaJJSSqaZHO0MlSGy8EMQAhb2GqtIOyoXNr_qdlXgRMIRNqX1KaWlKFMf3oKBJSMOTv6Cc&google_hm=NTgxNjY2NDc0MzA4NjY5NDY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJh2PTM1mZytgL9uWYUtcvyGXaJJSSqaZHO0MlSGy8EMQAhb2GqtIOyoXNr_qdlXgRMIRNqX1KaWlKFMf3oKBJSMOTv6Cc&google_hm=NTgxNjY2NDc0MzA4NjY5NDY0NQ%3D%3D
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 04 Jan 2022 02:07:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJh2PTM1mZytgL9uWYUtcvyGXaJJSSqaZHO0MlSGy8EMQAhb2GqtIOyoXNr_qdlXgRMIRNqX1KaWlKFMf3oKBJSMOTv6Cc&google_hm=NTgxNjY2NDc0MzA4NjY5NDY0NQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 9BBF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEaALM6E714T4YCKFpxMgWk&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkj...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 9BBF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JpX9LWH9cN_2gAqBTPtDAxf34CK8R10p7mrNZGvftDemUxVuWNPe0p5V9xJISGF9wjzauL
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
cs
cs.lkqd.net/ Frame 2189 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2189 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2189 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2189 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2189
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4392194267766048912
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4392194267766048912
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4392194267766048912
pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
adview
securepubads.g.doubleclick.net/pagead/ Frame 5E8F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CALHU-6vTYb-8C9WFjuwPldGp6A3ukrWTXL-ihcfkBcCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODLIAQngAgCoAwGqBIYCT9CFn9CyGgU9QrPWf3TkzUb8HMXl5n89cg4Du6o0d-BsEt3JF8sim3uVLHq0vXTwuXhIJ2kXovGaasxNJqtXgcoEl3Cu-W2K5lsvUPJ7rhPOPaPmUF4fjoxOcN8P6FEk2yvrn8gLCVDKQ35mdSogxFEOBSQ0x0Sr8Ot6_CARaIprbTsMuox94iCRyf6QtTQhmhR8SjsK5F-DN3liVl6ccZr6wDBUqSR5ZuTIpgL888KSZQ7zJLCElKUsCu0t0t2BEli-8zYgcl_c5Q8Eggt_tAuRRjK7IfPjPYyN4si8hm_Io1dZBg3UIv6M_76D7WqARxMOWkC2aKTvvqRs0U7AAZWPrcpQ7OAEAYAGzqO9jOPx6rgkoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=W6NU0YqmvmE&uach_m=[UACH]&cid=CAQSPACNIrLM9ekNOR_6Y8A8u_pb96qmCAdD-2F3pUv0DLzacKFqcxKpHfNyU-Q0_6PVigK0UnP3MgeRufWQ-hgB
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ttj
ib.3lift.com/ Frame 5E8F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=JuiceBarAds_SHA_RON_EB_HDX
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-72.fra56.r.cloudfront.net
Software
/
Resource Hash
c67ccb06fe072838f5e17ccc12d9a54f76aeb3e359cfdd4c491d116bfe096520

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:02:09 GMT
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
age
681
etag
"65cb7913fd29dc1a897df1c3b52cbd46"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C2
content-encoding
gzip
content-length
2012
x-amz-cf-id
YDUFcsB9MftL_jt89ng4EPqZnuTEUcQGnGtlmxmS8vJP7i6CptxbtQ==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5E8F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 01:37:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5E8F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 04 Jan 2022 02:07:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5E8F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:26:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2482
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 01:26:33 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5E8F 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 03 Jan 2023 20:54:59 GMT
notify
tlx.3lift.com/s2s/ Frame 5E8F 		37 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=YdOr-wAC3j8Hg4LVAApolSQF2pNwtVan8TNb9Q&ts=1641262075&aid=47677051723035161120&ec=5989_142837_400127076&n=GgDyAr8BCAASFDQ3Njc3MDUxNzIzMDM1MTYxMTIwGAAgASjlLjD12whAAUgAUAFgCmgAcNWnCpABAJgBAKgBALABPrgBHcABLsgBPuABJ%2FABAPgBPoACLogCJ5ECAAAAAAAA8D%2BZAgAAAAAAANA%2FoQIAAAAAAADwP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4AoUvgAPYBYgDWpADAJgDAKADALgD2zHAAwDIAwDSAwk0MDAxMjcwNzbaAwk4MzI5NzE1ODX4AgWIAwCSAwRjNjI3
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.28.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-28-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame 5E8F 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=47677051723035161120
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ww-logo.svg
s0.2mdn.net/sadbundle/18141009460309047531/ Frame 8D4E 		861 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/ww-logo.svg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02e5d19a183da192e043987b408ccc29f42f512819fff85ba46f8a678dbb1773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525284
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
483
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:11 GMT
60021267_20211209091510968_WW_Winter_Prospecting_Program1.jpg
s0.2mdn.net/ads/richmedia/studio/60021267/ Frame 8D4E 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60021267/60021267_20211209091510968_WW_Winter_Prospecting_Program1.jpg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dbb0e9a1e4a7d82d4a339cf4a87d3b2d10711462f7588a906d4a3faba41a4c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=0hszwnSEWU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:42:51 GMT
x-content-type-options
nosniff
age
1504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13954
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 17:15:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Jan 2022 01:42:51 GMT
rs
ad4m.at/ Frame FD70 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c8ca57a9dec265bfbdb6f995a58c5cf08763c5939bfbb9138141222899f028

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c80ea859de44a9e-FRA
date
Tue, 04 Jan 2022 02:07:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiIkJUx8YnhfvFGKpFBoQeXSyx0aoUQ4OuRDe%2FNwJiMBxrmNjIRig1xH1oBKD2DhwMSIbA1viws8QmQgxLnvo61JbHZo7%2FiDehfMsWFmEq8QfydrcJzSs2Mdtu9nUPotnLUV0UQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-jrpn
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-jrpn
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Au5dJK8gec5U3nxw4p086Vc7EefGENpxMCrpyPQiI%2BitpjQNw%2FoFOLL5y7MoTmrLq8Kg3pojs5%2B8SRUq1M9jLEKeUz1YPs6K9MLT2kKNGteBLenZ7N7%2FISBT440SO1cEso9I4o%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c80ea857dcc4a9e-FRA
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8D4E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Tue, 04 Jan 2022 02:07:55 GMT
container.html
2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5840 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 04 Jan 2022 02:07:54 GMT
expires
Wed, 04 Jan 2023 02:07:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
nunito-v8-latin-regular.woff
controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/ 		0
0
t
t.lkqd.net/ Frame B245 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.controle.diarioceleste.com.br
date
Tue, 04 Jan 2022 02:07:55 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.controle.diarioceleste.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 04 Jan 2022 02:07:55 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.controle.diarioceleste.com.br
bundle.js
ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/ Frame 5E8F 		246 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=JuiceBarAds_SHA_RON_EB_HDX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42bab28225b200fcaef4d6dc17379592c02c63daf49fea12450d9c66e4afa1c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 17:14:46 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 17:10:39 GMT
server
AmazonS3
age
1846390
etag
"63ce70b8f5a8fd74fd206c097492fb0f"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
cache-control
max-age=31536000, immutable
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
79992
x-amz-cf-id
z9hnVtRE59AeroBhDMnvW4nJ1x2KwhFFsSc0hXUP-V64pqAFWzkSbg==
rar
as.ad4m.at/ad/ Frame AAAD 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=caaffbd9786bdebbb9df2235e56e7848%2F3134790401295411739&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbp60ggmka43nh9mtdzzvjaza838cs8sp7qqy2jzqjdv3ndjbn9xkhmsggd6e8s8j5gxa8bamc7aazr6tgc8w911b3hxvzj7eq52am0mmz4azkqjek5ksvnaa69yx5e0b41cm9997vy5djgmtpsk8m3b3pkbqmrwke6kgs4wg06fkmvrjwa2e3ztp4xgq15x9b9jqznqrez32vr9jbt5tx67j3s137p1jgsj10apy9thgzknrmxs585eawqy14km0q4858t3mvqe83w1xgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88be9db33fc64f3c574f56bdc11a2c91fcf179011a1a9b334cf909bb0e456c02
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kgd2fn8tnkc21nyk7r6zb8w4qfngfd9c1f3vg6j3w7wzb7rd8xcsfy8krdz3dk6s0fgg0amfc15sarh7a7rf1yzxg0f9sfjrq6n262tz6amh5gk2zt87rqa5zs0qjrkgrh9jcemapr3egq0renc3tpje9z1dz8jzv2ys043v16vv38b6hc979w2cpb29bccx10ajs6xg06vwz4x0r98hkc6s66wrq27scj2sasdw34jq4rvkny52f7knwbhr9pv1vwrqsnzb3bj6ayf0bm21b3010353t5gr49bh99h9w468agn4d0d2x44q9aq857aqbk16qyzr96w4nmqh332r3a1zqz3j7eahvt3g0w9jsp84tyjvwjtr7qcqbpewq862hj2c10gtzs4x5b4ps63jv5tykb8atwhf03qfg06dvqfg2gdnqc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%26client%3Dca-pub-2845463438153782%26adurl%3D

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c80ea860ebe4ec8-FRA
content-encoding
br
nunito-v8-latin-700.ttf
controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/ 		0
0
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame 0AEB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:54:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
18776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Jan 2023 20:54:59 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E85C 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 03 Jan 2022 05:53:44 GMT
expires
Tue, 04 Jan 2022 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
72851
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 5E8F 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
327b14f53cd86965457248b0a60398062cf738f95b0cf4cfc2ac3fd7aeca2bf3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 5840 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CV_xI-6vTYYOZIsPy3wPG_7bIBei-mJRcoKWzyf0IwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MsgBCakCevVkqEZihD7gAgCoAwGqBIkCT9AJKuD4FbV7reDOuuF8wyKiE4vKI38C99_WbWOKjiILIYLZRf-XSdQDdY7fsIjukcgNzUSdz1mYwlPiW7hFpw37LX0vlpDvuKsVfd-pY-lq3dZbSxE68fEuO5zgLnES_3ahpnNj5IsC76l7uRBwJM6mEZ55R0iSvU3N7xjj0zp8EJZnQ-V2tP_CvT4-z7vH1_hkdfr4trbePgGJDGKg2fVJMzqdHW-1ZBcdQBMGhy2ChIk1xm3s_KBrXLi3COsJs9Gb-e85WpfKjNHaI56dJcpB_k3gKfi1jsk0BJL9HtITEhQZjzhl-qLv8MzBvPx4eCGVlWGgzYFrh5tnXJ4LUZEv59WV6iugaOAEAYAG95222qfVjssfoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=JqyK3Y6sBJE&uach_m=[UACH]&cid=CAQSPACNIrLMZR1HwLjTzItFxsOqCRcKMeWROuO8rIE-kqpeVjRNtVse_H1dhrtLViDXiNyeqosCT7AsxJtoExgB
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
/
track.adform.net/adfscript/ Frame 5840 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=46122647;rtbwp=YdOr-wAIjIMKd_lDAA2_xqGPYiWTX0sSmjic_w;rtbdata=sE7aJDcJuegdKCn7zHyi9_FRUR4GSi6IDJGX4Ff6Dv-e9fWGgeG7KQ6lzVbaIVSCIspSLvWTteuSuqkhLpZinfTVqV7K2UCDyk4duVUUcw0SxFA_n3xXpRmQZP2mOwfaaMwOE8Kw1NgddDWXC0o5AR36NRsXaTPpY9LqVqr5u7004_0ID0LYS7PRkeAURXdVuSjuJH3O9LopifyFOpkPMqGloshJgAGNGryWsoEKSI65ulHu_8-bIsbk21oTzP-01ejLGfZaMtplGmNzwd-hVpOYdiw-7pVO3i3IlGDfNRRpsHQDE1RBHrNOUs5OeowVIpE1YpJauBBue6m5mETywErzvcOouG350;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CRJM_-6vTYYOZIsPy3wPG_7bIBei-mJRcoKWzyf0IwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MsgBCakCevVkqEZihD7gAgCoAwGqBIwCT9AJKuD4FbV7reDOuuF8wyKiE4vKI38C99_WbWOKjiILIYLZRf-XSdQDdY7fsIjukcgNzUSdz1mYwlPiW7hFpw37LX0vlpDvuKsVfd-pY-lq3dZbSxE68fEuO5zgLnES_3ahpnNj5IsC76l7uRBwJM6mEZ55R0iSvU3N7xjj0zp8EJZnQ-V2tP_CvT4-z7vH1_hkdfr4trbePgGJDGKg2fVJMzqdHW-1ZBcdQBMGhy2ChIk1xm3s_KBrXLi3COsJs9Gb-e85WpfKjNHaI56dJcpB_k3gKfi1jsk0BJL9HtITEhRbjRn3ZjpOnGZgmDqQA-BV8XWqBItFn020rOXKmzwxy80LV5LMwjuE1OAEAYAG95222qfVjssfoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2emQ8kNBYd5iy64LXmrahSGoEO6A&client=ca-pub-2845463438153782&adurl=
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
941643009275fc7d3b06cd76c6e5bce630edb5031ab4a7f5ec180237a42e9985
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1733
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5840 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 01:37:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5840 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 04 Jan 2022 02:07:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5840 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:26:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2482
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 01:26:33 GMT
l
www.google.com/ads/measurement/ Frame 5840 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQD9xST8m_soiLejlPAbiwf9cx-4TO54kwXFvbeE4A9KLCdldMObwW-a2OOZ4Sy4mLQiLV26enP3-uq5wfARLRB5coywA
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5840 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 03 Jan 2023 20:54:59 GMT
notify
tlx.3lift.com/s2s/ Frame 5E8F 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=YdOr-wAC3j8Hg4LVAApolSQF2pNwtVan8TNb9Q&ts=1641262075&aid=47677051723035161120&ec=5989_142837_400127076&n=GgDyAr8BCAASFDQ3Njc3MDUxNzIzMDM1MTYxMTIwGAAgASjlLjD12whAAUgAUAFgCmgAcNWnCpABAJgBAKgBALABPrgBHcABLsgBPuABJ%2FABAPgBPoACLogCJ5ECAAAAAAAA8D%2BZAgAAAAAAANA%2FoQIAAAAAAADwP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4AoUvgAPYBYgDWpADAJgDAKADALgD2zHAAwDIAwDSAwk0MDAxMjcwNzbaAwk4MzI5NzE1ODX4AgWIAwCSAwRjNjI3&b=1
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.28.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-28-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
r
eb2.3lift.com/ Frame 5E8F 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=JuiceBarAds_SHA_RON_EB_HDX&aid=47677051723035161120&rev=c0c4269&ss=5&bc=0.062&pr=can%27t%2520access%2520top%2520document&brid=168917&bmid=5989&biid=6021&bcud=62&sid=142837&ts=1641262075&caid=0&unid=0&domain=2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.controle.diarioceleste.com.br%252F&rr=creative&fid=10&rb=0&g=0&cb=42638
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
truncated
/ Frame D0CE 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 5E8F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 07:26:46 GMT
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
585670
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
3125
x-amz-cf-id
oeG8xONh8gZP0KRwDiqgcaNDq7c6-JJ2H-4WnTGImMA8wmmbjU4xqg==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 5E8F 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 17:17:10 GMT
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
31846
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
3518
x-amz-cf-id
2a4kjDMhCOsYYOD94-WD86dyAU6UxoZbOVg6ATBMyydeCd-HdEsaWg==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9B18 		261 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHR6uYCEMHGmI0DGOTo5b4BMAE&v=APEucNUzRuzmFjj1G_UbW5DCuCSUFoIXkL41sPDsNC4-W9Apn1T6P7fQE-kmQBNdUenz3-hRa_cAses6yyo3PNP_Z7uUU32dwVlLbYylH3JQq54QZxU5AX3ZXO4g5HCB8mpUhl10BOKRJHDDc99l6XsJqI0JuB1yv6YZLTxxZ0-KOcFbUIPDVe8
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 04 Jan 2022 02:07:55 GMT
server
cafe
cache-control
private
content-length
145
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 86AB 		53 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_V_pcrBp7JHbBiqZBNPanXO9ft1RXnSqR4by2J1ZbgNkUXtXu4_sGa62tuqOd2Prer8Xfzgbo1b_r0D3VGRdHTl6o37QedasWYxgFRj2DT_hpUK8ipQG0lyMbF12mCaNzglZ5opC3pjXrj70Rxhyfc4aang&cry=1&dbm_d=AKAmf-AalB1F_zaAZwpj3l3zKB3N70tz8lXQ_M9mm0j6BTAfw6TtihfRwyBsEUBirCkSJOJ4eItjCqQgElYSta1zLI8qGCafN3Cnl6arabNjREnq_Dd3u0T0t43IYlSdUTAznaZCxNQYVvPiPwLvgesxk8dRZLcpgQm-2Se5d2RLPHMHA2uulWt39y7qO6ae7-VLzm1QAiwDTYLqS99oa03QicdIozXr3uh4ntrNYmYt00rUaHZembc0iC7D8C1ny6ZTh6RtXUniHFtH7vd8bIbcMMoUE8NLqlGf_UtJ2y4N4XZg9kA5GVU9gEC4QuRIummNdgnrMeVtXdkc_-yzmVQsBh3eP_DKAPNmSuZE0dS8DVemmWh0I1dI3BKEsWGZSNbmO8c1wLeX5jmJvYSAZ3hOHOaZ3509-PbYLsfPTn5rloqXbWfh7XH9FQO5pSVrzvTRVihX2-FaQlMFcw_ysbUchV6UIVT2ZcOF0CpyHPmWP8DD4li7mrmr5weamEmUwx-ctdUVdIXmMTJRaTIafbYfQ0svJ810lCi0YdDc9iNYhcQ4QatD5nNjakJGL5LuBYClN1Yjez6uiXgOimjtvz_g8JeI1FuGWwTCEPsZa0b0Sk93X5FBjOk-ItopdmsGfAoXxMQehdt2y3j4UdI0HmSIoQTS81uZxb8SrzrSeftuSXcFsUwApwYzsTu8sCgMcjkzqQZFXCQnWQOm_bHBDMQ2jJHW8hQoUc6hmZsep7oyt8-xMgyzxVK7G9faKnHoGBC84UFKDS2RjH63f5TF1QyE9FxDuV3UGxZ5iy11x0URsVOZdMlVmGrPwsiVA1w9dJ2_SzLezj4dNpiQOADuLWS8BIz645p56qxRGZBGW4uKYJ6Gkv_pONI1t82usd1ZBkY-Vtl08CFt82BBTEpH-O_up3yfgidKegIiZVn9p7VIl_gxF8xUxR-UzpqCnS65mqc4Uvy4aFWW_fKdTjhxjhPBi8dYC3d5pLDLbkz1yXK2tvcD4cPv7Oa8BtoQlw4JesTekKq9ulXKsQnPCcH_A_wQ9cX0myG86iKORn62bsAWhM3tLNFPUGLCg3iBwg_BbkDio6Cb0l1xG9gDJnzTiFVErtUCPQmoeu6ubJNKaqsSlwIZxFJdVfdgzrNNT-cBEhO76ouZMEVymdb7Ft2GxtgMtcBenMH-cw-r99rF2-MVF6xLwYgULkUWKQ6-ysxeKm8STfDtHIlH5kflwqhIqESZLstpF1EK4fMIeEbCpVDwa3H1ZVKhbgbCDt-M0M77idZxdznSvwQ8wyD5Stg1dfq28dC5Sf16EBjr5iG00U2R4kSs48evgSKXii6MEFkEn0AZ2tTLjeLuAGuKms_zm49TFgYgFYV2HPoqsL_6n-B5P0oLv1wuBJiw7A5EUMrhJ9YwlRxFH2P_s_r2dcxodMz8qyhBS0wPKT0htXGM-3whtXF093SgRs1Ekn8vzfwbE3wcYm6c4NnFhnzOOgtfp7oUZa09WirGDnpdyeVH5azX-sxsJ1okeA_sID43qhqMQTfLPpijlaQwLOXdfhYBjVsI2sz7jfgtZCL0Yqm33EYqIXNdRtn9xsSsTmQ4RLyFedQwda35VKpS5KMjcfm-KbmvwaE3PAoMOnMdpn7iHncZLjQcWgQ6Lg-MUFI7XTot3Sbd43UMpJlQc2ZL9hLTGNJypCJmMaGVwW276n8f1AGTBVeLHAb5OnzS6m3wbponLahHIx4vy4D-xe7XyrPtomcpzxnqyL54FN_XKKnXWDcxKcijh2ITVvI8-ush4JcNyg0Dr72XQSEWCpo6MiqnywYRCBdZrIX3tv-B9vAvLBgcSJ63wGXsnXZ6cvqPsP61HUUfpIx-DwbCcVujLoRHAmBl7DfWeMT408WWXQjmf6-ne8esqczR8iiAqlqAKnlOH9rCPoaWpRFRnDRAD6FlyVA1eOTHV_uhlwyrbQvwTcjOPOFGLdDkobUmEpFItmrtkpSr26L1B6MNadvZDYY4vTUI6HgIlih4GhMm9j2yi6fk5t3UM4L5x0tZkb2eCy32BTG7OAx37ug-u-4u3rCHoYDV6J_6huxhLXQmZtVPk9IABYAk7zWbxYWmcgfqd9Xct-vAZBf_PL70SFl0qtRTwAdOOyMurQHGCv65GUPWQfi2yx2UDJ-8h7H4qTyCIjzhcMecM_XGQhuHW7L1JEMjihMudRFTKfEIyYKUm1l_UO4ObIoJvMZf7OrJWBl13MHmgYGPwo6Al6PPeIcUqa3SkFfZOqK8jV43O14ziyW-ut9Ew4BSjLyn6W3rY-HFsSnSSeNzOoIvQDl6K26HJjbJeotDVUO6iONW8_XRb1gIzLc1mB_maX64FGkM2azT588rTt49w15j9KKwz-kiAPcWMbyLEtcoHilHpSbW6WXTkaXiZFaW56T18k_LSiCiCKQwrZgZ-Xi3dSKJdembPxIal50L19DXWRCpUfuPWPCqXnrHdi744z2UCkCmb-PuGOkvt-aWkJR7htUzhusJrer3VOuZ5F5RrWMn47BlUH_kucbu3Xp6d1gKZ0BTOL_RSiGWUZTQrI6woczwqFrxcvQF53XxOAQfkNot_B-mafyMLBUpvhQesBS1vzuq676YfWOzQHIdGNloG3SKtzaIucyIVSgqQBSmBHkVW-wC5S8XemokLE-QAY87oYoB3vyLHaz3LE6Z98e4KZ39mGTDVx3lD9gDFanUdVB4L2dpOBPlL0s0N3ptZLdfW-SwswtzTmd4j9VEUbPRVGEZ4lExgbaP6MSm214IqcYSIlJxtIcusQq1Gar0EuVFaMoTSbNQx7srYUIGDZ7s2VwhWItvrR_pdOjmaK_p2IY8-nF99HWaLrziUfDljV7BMfruDtrIMGuRQr1ZIk0IB44V9csQU6J15TyoN1ALoij0LtvEEuQq1FsHUgsKQeopRC4qEJ5EeVt7ZXJAyTIRnChYSi7xpDdqfHkd0REmmrWUFTbBs_nliOkpH0A4qGq_CJ-ogIX4TVJYF8pDkp3syeSazzwEIPwhWz44rtJzZQ-Eg-D1SsFuupUDKUqxlZ2X44H5NUIq2kW_cBcQDqLB65lhUQ95LMYyPZuikHJlG8UO0-XQwwDF4vz081R5VNJKfnlNztv7cSsvnpd4W6Dsa0VSFym--_V_tZRao910nuIA0g&pr=96:0.062&cid=CAASBORogG4&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DJuiceBarAds_SHA_RON_EB_HDX%26aid%3D47677051723035161120%26rev%3Dc0c4269%26ss%3D5%26bc%3D0.062%26pr%3DYdOr-wAC3j8Hg4LVAApolSQF2pNwtVan8TNb9Q%26brid%3D168917%26bmid%3D5989%26biid%3D6021%26bcud%3D62%26sid%3D142837%26ts%3D1641262075%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D60829%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.controle.diarioceleste.com.br%252F%240
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d724de9d279f96b2c7d3346f4ad30e26ab21412e6dc7c41c74527bc811cb8e52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25442
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86AB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AnKYhKMdZ6O7xaBj_kGfGttirWXJTMeq6904h9484t7ITHFPOZsT-vK4N-MNLSjQ26RD9FXQUxbo0AIv4TjRZpsUbCjIaAq2QQO0Usu2l_55LXULk
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aop
eb2.3lift.com/ Frame 5E8F 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=JuiceBarAds_SHA_RON_EB_HDX&aid=47677051723035161120&rev=c0c4269&ss=5&bc=0.062&pr=can%27t%2520access%2520top%2520document&brid=168917&bmid=5989&biid=6021&bcud=62&sid=142837&ts=1641262075&caid=0&unid=0&domain=2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.controle.diarioceleste.com.br%252F&rr=creative&fid=10&rb=0&g=0&cb=95072
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
nunito-v8-latin-regular.ttf
controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/ 		0
0
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 5840 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=46122647;rtbwp=YdOr-wAIjIMKd_lDAA2_xqGPYiWTX0sSmjic_w;rtbdata=sE7aJDcJuegdKCn7zHyi9_FRUR4GSi6IDJGX4Ff6Dv-e9fWGgeG7KQ6lzVbaIVSCIspSLvWTteuSuqkhLpZinfTVqV7K2UCDyk4duVUUcw0SxFA_n3xXpRmQZP2mOwfaaMwOE8Kw1NgddDWXC0o5AR36NRsXaTPpY9LqVqr5u7004_0ID0LYS7PRkeAURXdVuSjuJH3O9LopifyFOpkPMqGloshJgAGNGryWsoEKSI65ulHu_8-bIsbk21oTzP-01ejLGfZaMtplGmNzwd-hVpOYdiw-7pVO3i3IlGDfNRRpsHQDE1RBHrNOUs5OeowVIpE1YpJauBBue6m5mETywErzvcOouG350;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CRJM_-6vTYYOZIsPy3wPG_7bIBei-mJRcoKWzyf0IwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MsgBCakCevVkqEZihD7gAgCoAwGqBIwCT9AJKuD4FbV7reDOuuF8wyKiE4vKI38C99_WbWOKjiILIYLZRf-XSdQDdY7fsIjukcgNzUSdz1mYwlPiW7hFpw37LX0vlpDvuKsVfd-pY-lq3dZbSxE68fEuO5zgLnES_3ahpnNj5IsC76l7uRBwJM6mEZ55R0iSvU3N7xjj0zp8EJZnQ-V2tP_CvT4-z7vH1_hkdfr4trbePgGJDGKg2fVJMzqdHW-1ZBcdQBMGhy2ChIk1xm3s_KBrXLi3COsJs9Gb-e85WpfKjNHaI56dJcpB_k3gKfi1jsk0BJL9HtITEhRbjRn3ZjpOnGZgmDqQA-BV8XWqBItFn020rOXKmzwxy80LV5LMwjuE1OAEAYAG95222qfVjssfoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2emQ8kNBYd5iy64LXmrahSGoEO6A&client=ca-pub-2845463438153782&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 14:23:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 05 Jan 2022 05:22:52 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame AAAD 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=caaffbd9786bdebbb9df2235e56e7848%2F3134790401295411739&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbp60ggmka43nh9mtdzzvjaza838cs8sp7qqy2jzqjdv3ndjbn9xkhmsggd6e8s8j5gxa8bamc7aazr6tgc8w911b3hxvzj7eq52am0mmz4azkqjek5ksvnaa69yx5e0b41cm9997vy5djgmtpsk8m3b3pkbqmrwke6kgs4wg06fkmvrjwa2e3ztp4xgq15x9b9jqznqrez32vr9jbt5tx67j3s137p1jgsj10apy9thgzknrmxs585eawqy14km0q4858t3mvqe83w1xgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=caaffbd9786bdebbb9df2235e56e7848%2F3134790401295411739&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbp60ggmka43nh9mtdzzvjaza838cs8sp7qqy2jzqjdv3ndjbn9xkhmsggd6e8s8j5gxa8bamc7aazr6tgc8w911b3hxvzj7eq52am0mmz4azkqjek5ksvnaa69yx5e0b41cm9997vy5djgmtpsk8m3b3pkbqmrwke6kgs4wg06fkmvrjwa2e3ztp4xgq15x9b9jqznqrez32vr9jbt5tx67j3s137p1jgsj10apy9thgzknrmxs585eawqy14km0q4858t3mvqe83w1xgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
466972
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 29 Dec 2021 16:25:04 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c80ea870f8d4ec8-FRA
cf-bgj
minify
DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
assets.ad4m.at/logo/ Frame AAAD 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=caaffbd9786bdebbb9df2235e56e7848%2F3134790401295411739&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbp60ggmka43nh9mtdzzvjaza838cs8sp7qqy2jzqjdv3ndjbn9xkhmsggd6e8s8j5gxa8bamc7aazr6tgc8w911b3hxvzj7eq52am0mmz4azkqjek5ksvnaa69yx5e0b41cm9997vy5djgmtpsk8m3b3pkbqmrwke6kgs4wg06fkmvrjwa2e3ztp4xgq15x9b9jqznqrez32vr9jbt5tx67j3s137p1jgsj10apy9thgzknrmxs585eawqy14km0q4858t3mvqe83w1xgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=PRHAtQ==, md5=UfPUXNWo6kuI6N0malNepA==
date
Tue, 04 Jan 2022 02:07:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1212866
cf-polished
origFmt=png, origSize=74333
x-guploader-uploadid
ADPycduENR6wmRKlVtKzyNuSpqgyCfitO9DdzJL0tx4XFGN4RGWjjECDWEtXoa_5RqR1vLMUxedDrRP2LAC1iGr67Gs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
47320
last-modified
Mon, 11 May 2020 10:44:44 GMT
server
cloudflare
etag
"51f3d45cd5a8ea4b88e8dd266a535ea4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqhczrdK%2FooWoxwKqiwgpVA7TEPCgL3srTMdtFnJHESBAssGpW7kpAr1ukDw64MDdMe3n09VskVe6KgqOJnmLTrRYHFJ%2Fn6WA8mhtbvXTKF62gtJjWfQUfHE7CNyLvBRVD%2FjcTc14zz31L2Y"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589193884048730
content-type
image/webp
expires
Wed, 05 Jan 2022 02:07:56 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
74333
accept-ranges
bytes
cf-ray
6c80ea870f8e4ec8-FRA
cf-bgj
imgq:85,h2pri
E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
assets.ad4m.at/product_image/ Frame AAAD 		290 KB
291 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=caaffbd9786bdebbb9df2235e56e7848%2F3134790401295411739&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbp60ggmka43nh9mtdzzvjaza838cs8sp7qqy2jzqjdv3ndjbn9xkhmsggd6e8s8j5gxa8bamc7aazr6tgc8w911b3hxvzj7eq52am0mmz4azkqjek5ksvnaa69yx5e0b41cm9997vy5djgmtpsk8m3b3pkbqmrwke6kgs4wg06fkmvrjwa2e3ztp4xgq15x9b9jqznqrez32vr9jbt5tx67j3s137p1jgsj10apy9thgzknrmxs585eawqy14km0q4858t3mvqe83w1xgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=PFtpQA==, md5=489woOXoZ5LkJrzz2r1hBQ==
date
Tue, 04 Jan 2022 02:07:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
299238
cf-polished
origFmt=png, origSize=489686
x-guploader-uploadid
ADPycdt4SnyU477JTZ9IoPJkdcsDTn7q1IcyL2L5_d5RTE8GpLtecmbHMRgftHs4oy23naihGlDNMWV6SrGRKDyV3OhPbyMxTw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
296674
last-modified
Tue, 17 Nov 2020 11:24:27 GMT
server
cloudflare
etag
"e3cf70a0e5e86792e426bcf3dabd6105"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0gS4K%2BEXH0wsbX9VDPMAcZGG8sb2tRxMtTGVCFI0JlTHHObzLX1MVAmNyXcB2FNGwmKKdf5XzGOKftMf8ii1PgBtWwyK4rPCjW4ScSUs2w7j%2F5u8yMmERX9MoGzkulvZtoNq5Sqxnr5ko9u"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1605612267020757
content-type
image/webp
expires
Wed, 05 Jan 2022 02:07:56 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
489686
accept-ranges
bytes
cf-ray
6c80ea872fc04ec8-FRA
cf-bgj
imgq:85,h2pri
87E4E9CEA9DBCB943231FCA0E0EED2695FFD0CFE5B3657F191EFCD5353EFB0D2EEFBED469066399720FE3CE85448BD83A1A4DA5EF1EE69B8FD90FD6DB460FA1B
assets.ad4m.at/logo/ Frame AAAD 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/87E4E9CEA9DBCB943231FCA0E0EED2695FFD0CFE5B3657F191EFCD5353EFB0D2EEFBED469066399720FE3CE85448BD83A1A4DA5EF1EE69B8FD90FD6DB460FA1B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=caaffbd9786bdebbb9df2235e56e7848%2F3134790401295411739&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbp60ggmka43nh9mtdzzvjaza838cs8sp7qqy2jzqjdv3ndjbn9xkhmsggd6e8s8j5gxa8bamc7aazr6tgc8w911b3hxvzj7eq52am0mmz4azkqjek5ksvnaa69yx5e0b41cm9997vy5djgmtpsk8m3b3pkbqmrwke6kgs4wg06fkmvrjwa2e3ztp4xgq15x9b9jqznqrez32vr9jbt5tx67j3s137p1jgsj10apy9thgzknrmxs585eawqy14km0q4858t3mvqe83w1xgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2b60331576d4c9bf51a6295ff4caa921ac1ca260e304106eca074f88e7c836e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=q4qNoA==, md5=JjQBPrEM0SwXOueegafmKA==
date
Tue, 04 Jan 2022 02:07:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1212892
cf-polished
origFmt=png, origSize=157449
x-guploader-uploadid
ADPycdtUXLgX2J9UIaA6DDaZ9rn82JDsgqBG519KGP_JpuGYL61cDd45epsFH3aTN3y-3stNX9TulDHb975ou49c1Vk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
110040
last-modified
Thu, 11 Nov 2021 14:22:47 GMT
server
cloudflare
etag
"2634013eb10cd12c173ae79e81a7e628"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpWAI7UCCAFBIdlRs2jCqHbV8cD%2FVt6Gt%2BX1AJjB%2BAD3HfKb95Z0s95W0gKKNJ4kHrRx02nTuyWisO4AKWscyTf2c7sbW5DdXKOTHMoR3hgxbbK3GEl%2BnScHLJvKWbb5hpexjLMqt5PjsHHi"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636640567676756
content-type
image/webp
expires
Wed, 05 Jan 2022 02:07:56 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
157449
accept-ranges
bytes
cf-ray
6c80ea872fc24ec8-FRA
cf-bgj
imgq:85,h2pri
BC76DD0E919620099EE85B1BDE4022C4E2E111558142CE52A7FEF9001FC27649B8883EE48F8FD78E42741673890C9FCB712B21CE460E771077051351A3574B7A
assets.ad4m.at/product_image/ Frame AAAD 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/BC76DD0E919620099EE85B1BDE4022C4E2E111558142CE52A7FEF9001FC27649B8883EE48F8FD78E42741673890C9FCB712B21CE460E771077051351A3574B7A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=caaffbd9786bdebbb9df2235e56e7848%2F3134790401295411739&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbp60ggmka43nh9mtdzzvjaza838cs8sp7qqy2jzqjdv3ndjbn9xkhmsggd6e8s8j5gxa8bamc7aazr6tgc8w911b3hxvzj7eq52am0mmz4azkqjek5ksvnaa69yx5e0b41cm9997vy5djgmtpsk8m3b3pkbqmrwke6kgs4wg06fkmvrjwa2e3ztp4xgq15x9b9jqznqrez32vr9jbt5tx67j3s137p1jgsj10apy9thgzknrmxs585eawqy14km0q4858t3mvqe83w1xgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a428978ac6d6e099ebe300a285fcd25f9bb91facf7210a830b5df228524b2bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=XpYYSQ==, md5=hUTvKH3ITIHGC57UiHB42A==
date
Tue, 04 Jan 2022 02:07:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1653285
cf-polished
qual=85, origFmt=jpeg, origSize=91728
x-guploader-uploadid
ADPycds3VZBlg6SnW6KH9hJGxbl7uA5rhILT3Jgmxn9BSQ4fV4jSuHwrwr7Inim2u8Zeg-bTcQL5rIKCdReuw92IxIA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33156
last-modified
Wed, 25 Mar 2020 13:46:38 GMT
server
cloudflare
etag
"8544ef287dc84c81c60b9ed4887078d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wp4gANI1wLIsi52Hvknz7mApihOtp2epgVPSklPPxoS1GOp31iTz71u%2BNL1GqqY0LWjwkG1eanj%2BzuieTeqpcia7u4H6JvzIizbBvkRRj4avlfNyxuPEAUyaFEq44k4FNIC5%2B73dQOjPs7F%2F"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1585143998277875
content-type
image/webp
expires
Wed, 05 Jan 2022 02:07:56 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
91728
accept-ranges
bytes
cf-ray
6c80ea873fc84ec8-FRA
cf-bgj
imgq:85,h2pri
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame AAAD 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=caaffbd9786bdebbb9df2235e56e7848%2F3134790401295411739&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbp60ggmka43nh9mtdzzvjaza838cs8sp7qqy2jzqjdv3ndjbn9xkhmsggd6e8s8j5gxa8bamc7aazr6tgc8w911b3hxvzj7eq52am0mmz4azkqjek5ksvnaa69yx5e0b41cm9997vy5djgmtpsk8m3b3pkbqmrwke6kgs4wg06fkmvrjwa2e3ztp4xgq15x9b9jqznqrez32vr9jbt5tx67j3s137p1jgsj10apy9thgzknrmxs585eawqy14km0q4858t3mvqe83w1xgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Tue, 04 Jan 2022 02:07:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1654800
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ADPycdsp-WIdFxzx4XvLNxY_ulV3dG0TRkWwTj8dvBB_qfQQObj2tB8bLUU5MkQJrTxWQzm0RPHbnCEZT5hgaNJBstQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18872
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sm622%2BlvLhFTrfR6QqoiffuBRJjKayVPxNnSIEcrLWpUIjpIAaUPAtIvRy4oiKKrFVmmjl7J5Gf%2F0812g9GwZ2kqRSxEVSlQSX8Q8cD2g60VA%2BaglnBMMP%2BiyQtjJN%2BIgOxKfP%2Bw5RqBIpit"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Wed, 05 Jan 2022 02:07:56 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
6c80ea873fca4ec8-FRA
cf-bgj
imgq:85,h2pri
285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame AAAD 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=caaffbd9786bdebbb9df2235e56e7848%2F3134790401295411739&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbp60ggmka43nh9mtdzzvjaza838cs8sp7qqy2jzqjdv3ndjbn9xkhmsggd6e8s8j5gxa8bamc7aazr6tgc8w911b3hxvzj7eq52am0mmz4azkqjek5ksvnaa69yx5e0b41cm9997vy5djgmtpsk8m3b3pkbqmrwke6kgs4wg06fkmvrjwa2e3ztp4xgq15x9b9jqznqrez32vr9jbt5tx67j3s137p1jgsj10apy9thgzknrmxs585eawqy14km0q4858t3mvqe83w1xgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=FPfkEg==, md5=cNeMaybSTgOMvyODLhu1OA==
date
Tue, 04 Jan 2022 02:07:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1212889
cf-polished
qual=85, origFmt=jpeg, origSize=83479
x-guploader-uploadid
ADPycdvonTPTeelpSh9UrpKdQKcIU6HI4o8jpVZe5cRY8wKwprrsNCLE79egQfxbpHUrq88my24TlmY1SW0sgEEroQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9260
last-modified
Mon, 29 Nov 2021 15:03:15 GMT
server
cloudflare
etag
"70d78c6b26d24e038cbf23832e1bb538"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CEDDfRsHfhAz3wZYppzTlNHIFTZvhpcGeB9Afvw0uKMs7SpCJt0mK3W72wBgOCz%2FNRowTTt9c9URyJFcctFtDZor4SXEuoKje0x4G1EKa3r7FnHju29SeuGTGhimSMcdMHdmQh3JZtKY4pJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1638198195167024
content-type
image/webp
expires
Wed, 05 Jan 2022 02:07:56 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
83479
accept-ranges
bytes
cf-ray
6c80ea873fcb4ec8-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame AAAD 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUMoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=caaffbd9786bdebbb9df2235e56e7848%2F3134790401295411739&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbp60ggmka43nh9mtdzzvjaza838cs8sp7qqy2jzqjdv3ndjbn9xkhmsggd6e8s8j5gxa8bamc7aazr6tgc8w911b3hxvzj7eq52am0mmz4azkqjek5ksvnaa69yx5e0b41cm9997vy5djgmtpsk8m3b3pkbqmrwke6kgs4wg06fkmvrjwa2e3ztp4xgq15x9b9jqznqrez32vr9jbt5tx67j3s137p1jgsj10apy9thgzknrmxs585eawqy14km0q4858t3mvqe83w1xgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:56 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
ev1
eb2.3lift.com/ Frame 5E8F 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev1?inv_code=JuiceBarAds_SHA_RON_EB_HDX&aid=47677051723035161120&rev=c0c4269&ss=5&bc=0.062&pr=YdOr-wAC3j8Hg4LVAApolSQF2pNwtVan8TNb9Q&brid=168917&bmid=5989&biid=6021&bcud=62&sid=142837&ts=1641262075&caid=0&unid=0&cepos=0&ceid=0&cb=50752
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame D4F5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXx0L-6vTYei0C_6O9u8PpcGDSAAAAAA4AeAEAg&bg=!PzylPHjNAAZKWFskSlg7ACkAdvg8WlIDtQ7pHvcCZCW_BFIz_O9mpiG9QKI87OkQ4EA1X8yHWjubqwIAAADfUgAAAHhoAQeZAxja3YmQWq2uRwcP_DMG5fARnmJ7F-eGKXT0Y8QQVGQ0AUFXEM90xvIABZeA71T4PhCsoLvZz7WoJ7015AjZK0zckJ3pSzbvgRjL-yEhEEEKmPxsuhiEOfozIqSjm38-9kGR3jJV7EmodT-IFL17_A-BrKC3AIuCKIM17KvLNIdGJWuKSsJlQbky3LaMWKngP7JWcrK5Lj5dysDMECQHW0zZoOZncs1ONRs8n8xFCdhKsFMsLAxA7GapXOxXDnY-0T7YjpoRzdnHpRH_nHFkAKYBVmYmE5uQX5TXD76otfLubIflU4AGiMYZ1bgqLbgoqCdA5yKeArMcMbTeXNeNQKbqZ9zYLMoZh6MpmKGW7Cx9MstuQdpdNkI4HHno-VKxXMHcOT47FQ8j8OV8AKX2g8c0LIVrYz5c9G4_Q-ZY-6FUm_xCPIfH0GQZFHVrGkkVxncEXSh-LUm_3ICMnGE78s1ZYEXuVCEsVcqFUWVixF_I2vjNzS9ZBG2R6GQ6nXaPSKajHRJPY9Q6Oiz1J-yMKtCeR0ViR6ymiQyi8EPky-PewAwWmHsakHxCSP1lfsSWhaxREi5muQPDfDzXpigzg-PSiPOFw3vxofs5radTwwlktxY5ZfHXaRhkgHHroUMwMF1OGZ8ukiQku2OxZBFb2C4xqgs3U8aY9bUvJjcSgSUtHO9mZqStNidF_-Dqy08viHhqzPwjUkZtB8lfr1anfvpPwkI8Qlec6AGZh9TzXTt1nzX3NIK4MXwQymMS0t84jpa4mItXH8eOiO0fGd7xQI-Wofu8ozkA3Ha64dDZpmuyYJvRKjrmtW9TtjbVLKKO19F6x8exc6G_6MLSwqlg8S878KGHceLhs5y-pC6v7sa6bNzTV2yc4l97UQ2OrBcyBE_USxEwmkBNBo3bmIq58ShZgWj3806TyhJSj6EoKAQsOAZ19TBLTFkO74nvGLXsjlDdXA5nfIEzoLpUthhNFN8uKpmW5tq8_O7lgEQd3llIgtqfbZltJ7uktPDQiAjms9MBWafvH6VMPpFbbNzOfTo7dwd36rz0E9U
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8866 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 04 Jan 2022 02:07:54 GMT
expires
Wed, 04 Jan 2023 02:07:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 86AB 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_V_pcrBp7JHbBiqZBNPanXO9ft1RXnSqR4by2J1ZbgNkUXtXu4_sGa62tuqOd2Prer8Xfzgbo1b_r0D3VGRdHTl6o37QedasWYxgFRj2DT_hpUK8ipQG0lyMbF12mCaNzglZ5opC3pjXrj70Rxhyfc4aang&cry=1&dbm_d=AKAmf-AalB1F_zaAZwpj3l3zKB3N70tz8lXQ_M9mm0j6BTAfw6TtihfRwyBsEUBirCkSJOJ4eItjCqQgElYSta1zLI8qGCafN3Cnl6arabNjREnq_Dd3u0T0t43IYlSdUTAznaZCxNQYVvPiPwLvgesxk8dRZLcpgQm-2Se5d2RLPHMHA2uulWt39y7qO6ae7-VLzm1QAiwDTYLqS99oa03QicdIozXr3uh4ntrNYmYt00rUaHZembc0iC7D8C1ny6ZTh6RtXUniHFtH7vd8bIbcMMoUE8NLqlGf_UtJ2y4N4XZg9kA5GVU9gEC4QuRIummNdgnrMeVtXdkc_-yzmVQsBh3eP_DKAPNmSuZE0dS8DVemmWh0I1dI3BKEsWGZSNbmO8c1wLeX5jmJvYSAZ3hOHOaZ3509-PbYLsfPTn5rloqXbWfh7XH9FQO5pSVrzvTRVihX2-FaQlMFcw_ysbUchV6UIVT2ZcOF0CpyHPmWP8DD4li7mrmr5weamEmUwx-ctdUVdIXmMTJRaTIafbYfQ0svJ810lCi0YdDc9iNYhcQ4QatD5nNjakJGL5LuBYClN1Yjez6uiXgOimjtvz_g8JeI1FuGWwTCEPsZa0b0Sk93X5FBjOk-ItopdmsGfAoXxMQehdt2y3j4UdI0HmSIoQTS81uZxb8SrzrSeftuSXcFsUwApwYzsTu8sCgMcjkzqQZFXCQnWQOm_bHBDMQ2jJHW8hQoUc6hmZsep7oyt8-xMgyzxVK7G9faKnHoGBC84UFKDS2RjH63f5TF1QyE9FxDuV3UGxZ5iy11x0URsVOZdMlVmGrPwsiVA1w9dJ2_SzLezj4dNpiQOADuLWS8BIz645p56qxRGZBGW4uKYJ6Gkv_pONI1t82usd1ZBkY-Vtl08CFt82BBTEpH-O_up3yfgidKegIiZVn9p7VIl_gxF8xUxR-UzpqCnS65mqc4Uvy4aFWW_fKdTjhxjhPBi8dYC3d5pLDLbkz1yXK2tvcD4cPv7Oa8BtoQlw4JesTekKq9ulXKsQnPCcH_A_wQ9cX0myG86iKORn62bsAWhM3tLNFPUGLCg3iBwg_BbkDio6Cb0l1xG9gDJnzTiFVErtUCPQmoeu6ubJNKaqsSlwIZxFJdVfdgzrNNT-cBEhO76ouZMEVymdb7Ft2GxtgMtcBenMH-cw-r99rF2-MVF6xLwYgULkUWKQ6-ysxeKm8STfDtHIlH5kflwqhIqESZLstpF1EK4fMIeEbCpVDwa3H1ZVKhbgbCDt-M0M77idZxdznSvwQ8wyD5Stg1dfq28dC5Sf16EBjr5iG00U2R4kSs48evgSKXii6MEFkEn0AZ2tTLjeLuAGuKms_zm49TFgYgFYV2HPoqsL_6n-B5P0oLv1wuBJiw7A5EUMrhJ9YwlRxFH2P_s_r2dcxodMz8qyhBS0wPKT0htXGM-3whtXF093SgRs1Ekn8vzfwbE3wcYm6c4NnFhnzOOgtfp7oUZa09WirGDnpdyeVH5azX-sxsJ1okeA_sID43qhqMQTfLPpijlaQwLOXdfhYBjVsI2sz7jfgtZCL0Yqm33EYqIXNdRtn9xsSsTmQ4RLyFedQwda35VKpS5KMjcfm-KbmvwaE3PAoMOnMdpn7iHncZLjQcWgQ6Lg-MUFI7XTot3Sbd43UMpJlQc2ZL9hLTGNJypCJmMaGVwW276n8f1AGTBVeLHAb5OnzS6m3wbponLahHIx4vy4D-xe7XyrPtomcpzxnqyL54FN_XKKnXWDcxKcijh2ITVvI8-ush4JcNyg0Dr72XQSEWCpo6MiqnywYRCBdZrIX3tv-B9vAvLBgcSJ63wGXsnXZ6cvqPsP61HUUfpIx-DwbCcVujLoRHAmBl7DfWeMT408WWXQjmf6-ne8esqczR8iiAqlqAKnlOH9rCPoaWpRFRnDRAD6FlyVA1eOTHV_uhlwyrbQvwTcjOPOFGLdDkobUmEpFItmrtkpSr26L1B6MNadvZDYY4vTUI6HgIlih4GhMm9j2yi6fk5t3UM4L5x0tZkb2eCy32BTG7OAx37ug-u-4u3rCHoYDV6J_6huxhLXQmZtVPk9IABYAk7zWbxYWmcgfqd9Xct-vAZBf_PL70SFl0qtRTwAdOOyMurQHGCv65GUPWQfi2yx2UDJ-8h7H4qTyCIjzhcMecM_XGQhuHW7L1JEMjihMudRFTKfEIyYKUm1l_UO4ObIoJvMZf7OrJWBl13MHmgYGPwo6Al6PPeIcUqa3SkFfZOqK8jV43O14ziyW-ut9Ew4BSjLyn6W3rY-HFsSnSSeNzOoIvQDl6K26HJjbJeotDVUO6iONW8_XRb1gIzLc1mB_maX64FGkM2azT588rTt49w15j9KKwz-kiAPcWMbyLEtcoHilHpSbW6WXTkaXiZFaW56T18k_LSiCiCKQwrZgZ-Xi3dSKJdembPxIal50L19DXWRCpUfuPWPCqXnrHdi744z2UCkCmb-PuGOkvt-aWkJR7htUzhusJrer3VOuZ5F5RrWMn47BlUH_kucbu3Xp6d1gKZ0BTOL_RSiGWUZTQrI6woczwqFrxcvQF53XxOAQfkNot_B-mafyMLBUpvhQesBS1vzuq676YfWOzQHIdGNloG3SKtzaIucyIVSgqQBSmBHkVW-wC5S8XemokLE-QAY87oYoB3vyLHaz3LE6Z98e4KZ39mGTDVx3lD9gDFanUdVB4L2dpOBPlL0s0N3ptZLdfW-SwswtzTmd4j9VEUbPRVGEZ4lExgbaP6MSm214IqcYSIlJxtIcusQq1Gar0EuVFaMoTSbNQx7srYUIGDZ7s2VwhWItvrR_pdOjmaK_p2IY8-nF99HWaLrziUfDljV7BMfruDtrIMGuRQr1ZIk0IB44V9csQU6J15TyoN1ALoij0LtvEEuQq1FsHUgsKQeopRC4qEJ5EeVt7ZXJAyTIRnChYSi7xpDdqfHkd0REmmrWUFTbBs_nliOkpH0A4qGq_CJ-ogIX4TVJYF8pDkp3syeSazzwEIPwhWz44rtJzZQ-Eg-D1SsFuupUDKUqxlZ2X44H5NUIq2kW_cBcQDqLB65lhUQ95LMYyPZuikHJlG8UO0-XQwwDF4vz081R5VNJKfnlNztv7cSsvnpd4W6Dsa0VSFym--_V_tZRao910nuIA0g&pr=96:0.062&cid=CAASBORogG4&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DJuiceBarAds_SHA_RON_EB_HDX%26aid%3D47677051723035161120%26rev%3Dc0c4269%26ss%3D5%26bc%3D0.062%26pr%3DYdOr-wAC3j8Hg4LVAApolSQF2pNwtVan8TNb9Q%26brid%3D168917%26bmid%3D5989%26biid%3D6021%26bcud%3D62%26sid%3D142837%26ts%3D1641262075%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D60829%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.controle.diarioceleste.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9516
x-xss-protection
0
server
cafe
etag
14328493792227503680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 02:00:01 GMT
7759492618827103432
s0.2mdn.net/simgad/ Frame 86AB 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7759492618827103432
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_V_pcrBp7JHbBiqZBNPanXO9ft1RXnSqR4by2J1ZbgNkUXtXu4_sGa62tuqOd2Prer8Xfzgbo1b_r0D3VGRdHTl6o37QedasWYxgFRj2DT_hpUK8ipQG0lyMbF12mCaNzglZ5opC3pjXrj70Rxhyfc4aang&cry=1&dbm_d=AKAmf-AalB1F_zaAZwpj3l3zKB3N70tz8lXQ_M9mm0j6BTAfw6TtihfRwyBsEUBirCkSJOJ4eItjCqQgElYSta1zLI8qGCafN3Cnl6arabNjREnq_Dd3u0T0t43IYlSdUTAznaZCxNQYVvPiPwLvgesxk8dRZLcpgQm-2Se5d2RLPHMHA2uulWt39y7qO6ae7-VLzm1QAiwDTYLqS99oa03QicdIozXr3uh4ntrNYmYt00rUaHZembc0iC7D8C1ny6ZTh6RtXUniHFtH7vd8bIbcMMoUE8NLqlGf_UtJ2y4N4XZg9kA5GVU9gEC4QuRIummNdgnrMeVtXdkc_-yzmVQsBh3eP_DKAPNmSuZE0dS8DVemmWh0I1dI3BKEsWGZSNbmO8c1wLeX5jmJvYSAZ3hOHOaZ3509-PbYLsfPTn5rloqXbWfh7XH9FQO5pSVrzvTRVihX2-FaQlMFcw_ysbUchV6UIVT2ZcOF0CpyHPmWP8DD4li7mrmr5weamEmUwx-ctdUVdIXmMTJRaTIafbYfQ0svJ810lCi0YdDc9iNYhcQ4QatD5nNjakJGL5LuBYClN1Yjez6uiXgOimjtvz_g8JeI1FuGWwTCEPsZa0b0Sk93X5FBjOk-ItopdmsGfAoXxMQehdt2y3j4UdI0HmSIoQTS81uZxb8SrzrSeftuSXcFsUwApwYzsTu8sCgMcjkzqQZFXCQnWQOm_bHBDMQ2jJHW8hQoUc6hmZsep7oyt8-xMgyzxVK7G9faKnHoGBC84UFKDS2RjH63f5TF1QyE9FxDuV3UGxZ5iy11x0URsVOZdMlVmGrPwsiVA1w9dJ2_SzLezj4dNpiQOADuLWS8BIz645p56qxRGZBGW4uKYJ6Gkv_pONI1t82usd1ZBkY-Vtl08CFt82BBTEpH-O_up3yfgidKegIiZVn9p7VIl_gxF8xUxR-UzpqCnS65mqc4Uvy4aFWW_fKdTjhxjhPBi8dYC3d5pLDLbkz1yXK2tvcD4cPv7Oa8BtoQlw4JesTekKq9ulXKsQnPCcH_A_wQ9cX0myG86iKORn62bsAWhM3tLNFPUGLCg3iBwg_BbkDio6Cb0l1xG9gDJnzTiFVErtUCPQmoeu6ubJNKaqsSlwIZxFJdVfdgzrNNT-cBEhO76ouZMEVymdb7Ft2GxtgMtcBenMH-cw-r99rF2-MVF6xLwYgULkUWKQ6-ysxeKm8STfDtHIlH5kflwqhIqESZLstpF1EK4fMIeEbCpVDwa3H1ZVKhbgbCDt-M0M77idZxdznSvwQ8wyD5Stg1dfq28dC5Sf16EBjr5iG00U2R4kSs48evgSKXii6MEFkEn0AZ2tTLjeLuAGuKms_zm49TFgYgFYV2HPoqsL_6n-B5P0oLv1wuBJiw7A5EUMrhJ9YwlRxFH2P_s_r2dcxodMz8qyhBS0wPKT0htXGM-3whtXF093SgRs1Ekn8vzfwbE3wcYm6c4NnFhnzOOgtfp7oUZa09WirGDnpdyeVH5azX-sxsJ1okeA_sID43qhqMQTfLPpijlaQwLOXdfhYBjVsI2sz7jfgtZCL0Yqm33EYqIXNdRtn9xsSsTmQ4RLyFedQwda35VKpS5KMjcfm-KbmvwaE3PAoMOnMdpn7iHncZLjQcWgQ6Lg-MUFI7XTot3Sbd43UMpJlQc2ZL9hLTGNJypCJmMaGVwW276n8f1AGTBVeLHAb5OnzS6m3wbponLahHIx4vy4D-xe7XyrPtomcpzxnqyL54FN_XKKnXWDcxKcijh2ITVvI8-ush4JcNyg0Dr72XQSEWCpo6MiqnywYRCBdZrIX3tv-B9vAvLBgcSJ63wGXsnXZ6cvqPsP61HUUfpIx-DwbCcVujLoRHAmBl7DfWeMT408WWXQjmf6-ne8esqczR8iiAqlqAKnlOH9rCPoaWpRFRnDRAD6FlyVA1eOTHV_uhlwyrbQvwTcjOPOFGLdDkobUmEpFItmrtkpSr26L1B6MNadvZDYY4vTUI6HgIlih4GhMm9j2yi6fk5t3UM4L5x0tZkb2eCy32BTG7OAx37ug-u-4u3rCHoYDV6J_6huxhLXQmZtVPk9IABYAk7zWbxYWmcgfqd9Xct-vAZBf_PL70SFl0qtRTwAdOOyMurQHGCv65GUPWQfi2yx2UDJ-8h7H4qTyCIjzhcMecM_XGQhuHW7L1JEMjihMudRFTKfEIyYKUm1l_UO4ObIoJvMZf7OrJWBl13MHmgYGPwo6Al6PPeIcUqa3SkFfZOqK8jV43O14ziyW-ut9Ew4BSjLyn6W3rY-HFsSnSSeNzOoIvQDl6K26HJjbJeotDVUO6iONW8_XRb1gIzLc1mB_maX64FGkM2azT588rTt49w15j9KKwz-kiAPcWMbyLEtcoHilHpSbW6WXTkaXiZFaW56T18k_LSiCiCKQwrZgZ-Xi3dSKJdembPxIal50L19DXWRCpUfuPWPCqXnrHdi744z2UCkCmb-PuGOkvt-aWkJR7htUzhusJrer3VOuZ5F5RrWMn47BlUH_kucbu3Xp6d1gKZ0BTOL_RSiGWUZTQrI6woczwqFrxcvQF53XxOAQfkNot_B-mafyMLBUpvhQesBS1vzuq676YfWOzQHIdGNloG3SKtzaIucyIVSgqQBSmBHkVW-wC5S8XemokLE-QAY87oYoB3vyLHaz3LE6Z98e4KZ39mGTDVx3lD9gDFanUdVB4L2dpOBPlL0s0N3ptZLdfW-SwswtzTmd4j9VEUbPRVGEZ4lExgbaP6MSm214IqcYSIlJxtIcusQq1Gar0EuVFaMoTSbNQx7srYUIGDZ7s2VwhWItvrR_pdOjmaK_p2IY8-nF99HWaLrziUfDljV7BMfruDtrIMGuRQr1ZIk0IB44V9csQU6J15TyoN1ALoij0LtvEEuQq1FsHUgsKQeopRC4qEJ5EeVt7ZXJAyTIRnChYSi7xpDdqfHkd0REmmrWUFTbBs_nliOkpH0A4qGq_CJ-ogIX4TVJYF8pDkp3syeSazzwEIPwhWz44rtJzZQ-Eg-D1SsFuupUDKUqxlZ2X44H5NUIq2kW_cBcQDqLB65lhUQ95LMYyPZuikHJlG8UO0-XQwwDF4vz081R5VNJKfnlNztv7cSsvnpd4W6Dsa0VSFym--_V_tZRao910nuIA0g&pr=96:0.062&cid=CAASBORogG4&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DJuiceBarAds_SHA_RON_EB_HDX%26aid%3D47677051723035161120%26rev%3Dc0c4269%26ss%3D5%26bc%3D0.062%26pr%3DYdOr-wAC3j8Hg4LVAApolSQF2pNwtVan8TNb9Q%26brid%3D168917%26bmid%3D5989%26biid%3D6021%26bcud%3D62%26sid%3D142837%26ts%3D1641262075%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D60829%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.controle.diarioceleste.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20559f1422350a5a49f7b28d7c7319a685c307d0c6dbe430b4562881dc96f4fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 08:56:11 GMT
x-content-type-options
nosniff
age
148305
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37873
x-xss-protection
0
last-modified
Sun, 02 Jan 2022 06:40:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Jan 2023 08:56:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 86AB 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_V_pcrBp7JHbBiqZBNPanXO9ft1RXnSqR4by2J1ZbgNkUXtXu4_sGa62tuqOd2Prer8Xfzgbo1b_r0D3VGRdHTl6o37QedasWYxgFRj2DT_hpUK8ipQG0lyMbF12mCaNzglZ5opC3pjXrj70Rxhyfc4aang&cry=1&dbm_d=AKAmf-AalB1F_zaAZwpj3l3zKB3N70tz8lXQ_M9mm0j6BTAfw6TtihfRwyBsEUBirCkSJOJ4eItjCqQgElYSta1zLI8qGCafN3Cnl6arabNjREnq_Dd3u0T0t43IYlSdUTAznaZCxNQYVvPiPwLvgesxk8dRZLcpgQm-2Se5d2RLPHMHA2uulWt39y7qO6ae7-VLzm1QAiwDTYLqS99oa03QicdIozXr3uh4ntrNYmYt00rUaHZembc0iC7D8C1ny6ZTh6RtXUniHFtH7vd8bIbcMMoUE8NLqlGf_UtJ2y4N4XZg9kA5GVU9gEC4QuRIummNdgnrMeVtXdkc_-yzmVQsBh3eP_DKAPNmSuZE0dS8DVemmWh0I1dI3BKEsWGZSNbmO8c1wLeX5jmJvYSAZ3hOHOaZ3509-PbYLsfPTn5rloqXbWfh7XH9FQO5pSVrzvTRVihX2-FaQlMFcw_ysbUchV6UIVT2ZcOF0CpyHPmWP8DD4li7mrmr5weamEmUwx-ctdUVdIXmMTJRaTIafbYfQ0svJ810lCi0YdDc9iNYhcQ4QatD5nNjakJGL5LuBYClN1Yjez6uiXgOimjtvz_g8JeI1FuGWwTCEPsZa0b0Sk93X5FBjOk-ItopdmsGfAoXxMQehdt2y3j4UdI0HmSIoQTS81uZxb8SrzrSeftuSXcFsUwApwYzsTu8sCgMcjkzqQZFXCQnWQOm_bHBDMQ2jJHW8hQoUc6hmZsep7oyt8-xMgyzxVK7G9faKnHoGBC84UFKDS2RjH63f5TF1QyE9FxDuV3UGxZ5iy11x0URsVOZdMlVmGrPwsiVA1w9dJ2_SzLezj4dNpiQOADuLWS8BIz645p56qxRGZBGW4uKYJ6Gkv_pONI1t82usd1ZBkY-Vtl08CFt82BBTEpH-O_up3yfgidKegIiZVn9p7VIl_gxF8xUxR-UzpqCnS65mqc4Uvy4aFWW_fKdTjhxjhPBi8dYC3d5pLDLbkz1yXK2tvcD4cPv7Oa8BtoQlw4JesTekKq9ulXKsQnPCcH_A_wQ9cX0myG86iKORn62bsAWhM3tLNFPUGLCg3iBwg_BbkDio6Cb0l1xG9gDJnzTiFVErtUCPQmoeu6ubJNKaqsSlwIZxFJdVfdgzrNNT-cBEhO76ouZMEVymdb7Ft2GxtgMtcBenMH-cw-r99rF2-MVF6xLwYgULkUWKQ6-ysxeKm8STfDtHIlH5kflwqhIqESZLstpF1EK4fMIeEbCpVDwa3H1ZVKhbgbCDt-M0M77idZxdznSvwQ8wyD5Stg1dfq28dC5Sf16EBjr5iG00U2R4kSs48evgSKXii6MEFkEn0AZ2tTLjeLuAGuKms_zm49TFgYgFYV2HPoqsL_6n-B5P0oLv1wuBJiw7A5EUMrhJ9YwlRxFH2P_s_r2dcxodMz8qyhBS0wPKT0htXGM-3whtXF093SgRs1Ekn8vzfwbE3wcYm6c4NnFhnzOOgtfp7oUZa09WirGDnpdyeVH5azX-sxsJ1okeA_sID43qhqMQTfLPpijlaQwLOXdfhYBjVsI2sz7jfgtZCL0Yqm33EYqIXNdRtn9xsSsTmQ4RLyFedQwda35VKpS5KMjcfm-KbmvwaE3PAoMOnMdpn7iHncZLjQcWgQ6Lg-MUFI7XTot3Sbd43UMpJlQc2ZL9hLTGNJypCJmMaGVwW276n8f1AGTBVeLHAb5OnzS6m3wbponLahHIx4vy4D-xe7XyrPtomcpzxnqyL54FN_XKKnXWDcxKcijh2ITVvI8-ush4JcNyg0Dr72XQSEWCpo6MiqnywYRCBdZrIX3tv-B9vAvLBgcSJ63wGXsnXZ6cvqPsP61HUUfpIx-DwbCcVujLoRHAmBl7DfWeMT408WWXQjmf6-ne8esqczR8iiAqlqAKnlOH9rCPoaWpRFRnDRAD6FlyVA1eOTHV_uhlwyrbQvwTcjOPOFGLdDkobUmEpFItmrtkpSr26L1B6MNadvZDYY4vTUI6HgIlih4GhMm9j2yi6fk5t3UM4L5x0tZkb2eCy32BTG7OAx37ug-u-4u3rCHoYDV6J_6huxhLXQmZtVPk9IABYAk7zWbxYWmcgfqd9Xct-vAZBf_PL70SFl0qtRTwAdOOyMurQHGCv65GUPWQfi2yx2UDJ-8h7H4qTyCIjzhcMecM_XGQhuHW7L1JEMjihMudRFTKfEIyYKUm1l_UO4ObIoJvMZf7OrJWBl13MHmgYGPwo6Al6PPeIcUqa3SkFfZOqK8jV43O14ziyW-ut9Ew4BSjLyn6W3rY-HFsSnSSeNzOoIvQDl6K26HJjbJeotDVUO6iONW8_XRb1gIzLc1mB_maX64FGkM2azT588rTt49w15j9KKwz-kiAPcWMbyLEtcoHilHpSbW6WXTkaXiZFaW56T18k_LSiCiCKQwrZgZ-Xi3dSKJdembPxIal50L19DXWRCpUfuPWPCqXnrHdi744z2UCkCmb-PuGOkvt-aWkJR7htUzhusJrer3VOuZ5F5RrWMn47BlUH_kucbu3Xp6d1gKZ0BTOL_RSiGWUZTQrI6woczwqFrxcvQF53XxOAQfkNot_B-mafyMLBUpvhQesBS1vzuq676YfWOzQHIdGNloG3SKtzaIucyIVSgqQBSmBHkVW-wC5S8XemokLE-QAY87oYoB3vyLHaz3LE6Z98e4KZ39mGTDVx3lD9gDFanUdVB4L2dpOBPlL0s0N3ptZLdfW-SwswtzTmd4j9VEUbPRVGEZ4lExgbaP6MSm214IqcYSIlJxtIcusQq1Gar0EuVFaMoTSbNQx7srYUIGDZ7s2VwhWItvrR_pdOjmaK_p2IY8-nF99HWaLrziUfDljV7BMfruDtrIMGuRQr1ZIk0IB44V9csQU6J15TyoN1ALoij0LtvEEuQq1FsHUgsKQeopRC4qEJ5EeVt7ZXJAyTIRnChYSi7xpDdqfHkd0REmmrWUFTbBs_nliOkpH0A4qGq_CJ-ogIX4TVJYF8pDkp3syeSazzwEIPwhWz44rtJzZQ-Eg-D1SsFuupUDKUqxlZ2X44H5NUIq2kW_cBcQDqLB65lhUQ95LMYyPZuikHJlG8UO0-XQwwDF4vz081R5VNJKfnlNztv7cSsvnpd4W6Dsa0VSFym--_V_tZRao910nuIA0g&pr=96:0.062&cid=CAASBORogG4&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DJuiceBarAds_SHA_RON_EB_HDX%26aid%3D47677051723035161120%26rev%3Dc0c4269%26ss%3D5%26bc%3D0.062%26pr%3DYdOr-wAC3j8Hg4LVAApolSQF2pNwtVan8TNb9Q%26brid%3D168917%26bmid%3D5989%26biid%3D6021%26bcud%3D62%26sid%3D142837%26ts%3D1641262075%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D60829%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.controle.diarioceleste.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 04 Jan 2022 02:07:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 86AB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_V_pcrBp7JHbBiqZBNPanXO9ft1RXnSqR4by2J1ZbgNkUXtXu4_sGa62tuqOd2Prer8Xfzgbo1b_r0D3VGRdHTl6o37QedasWYxgFRj2DT_hpUK8ipQG0lyMbF12mCaNzglZ5opC3pjXrj70Rxhyfc4aang&cry=1&dbm_d=AKAmf-AalB1F_zaAZwpj3l3zKB3N70tz8lXQ_M9mm0j6BTAfw6TtihfRwyBsEUBirCkSJOJ4eItjCqQgElYSta1zLI8qGCafN3Cnl6arabNjREnq_Dd3u0T0t43IYlSdUTAznaZCxNQYVvPiPwLvgesxk8dRZLcpgQm-2Se5d2RLPHMHA2uulWt39y7qO6ae7-VLzm1QAiwDTYLqS99oa03QicdIozXr3uh4ntrNYmYt00rUaHZembc0iC7D8C1ny6ZTh6RtXUniHFtH7vd8bIbcMMoUE8NLqlGf_UtJ2y4N4XZg9kA5GVU9gEC4QuRIummNdgnrMeVtXdkc_-yzmVQsBh3eP_DKAPNmSuZE0dS8DVemmWh0I1dI3BKEsWGZSNbmO8c1wLeX5jmJvYSAZ3hOHOaZ3509-PbYLsfPTn5rloqXbWfh7XH9FQO5pSVrzvTRVihX2-FaQlMFcw_ysbUchV6UIVT2ZcOF0CpyHPmWP8DD4li7mrmr5weamEmUwx-ctdUVdIXmMTJRaTIafbYfQ0svJ810lCi0YdDc9iNYhcQ4QatD5nNjakJGL5LuBYClN1Yjez6uiXgOimjtvz_g8JeI1FuGWwTCEPsZa0b0Sk93X5FBjOk-ItopdmsGfAoXxMQehdt2y3j4UdI0HmSIoQTS81uZxb8SrzrSeftuSXcFsUwApwYzsTu8sCgMcjkzqQZFXCQnWQOm_bHBDMQ2jJHW8hQoUc6hmZsep7oyt8-xMgyzxVK7G9faKnHoGBC84UFKDS2RjH63f5TF1QyE9FxDuV3UGxZ5iy11x0URsVOZdMlVmGrPwsiVA1w9dJ2_SzLezj4dNpiQOADuLWS8BIz645p56qxRGZBGW4uKYJ6Gkv_pONI1t82usd1ZBkY-Vtl08CFt82BBTEpH-O_up3yfgidKegIiZVn9p7VIl_gxF8xUxR-UzpqCnS65mqc4Uvy4aFWW_fKdTjhxjhPBi8dYC3d5pLDLbkz1yXK2tvcD4cPv7Oa8BtoQlw4JesTekKq9ulXKsQnPCcH_A_wQ9cX0myG86iKORn62bsAWhM3tLNFPUGLCg3iBwg_BbkDio6Cb0l1xG9gDJnzTiFVErtUCPQmoeu6ubJNKaqsSlwIZxFJdVfdgzrNNT-cBEhO76ouZMEVymdb7Ft2GxtgMtcBenMH-cw-r99rF2-MVF6xLwYgULkUWKQ6-ysxeKm8STfDtHIlH5kflwqhIqESZLstpF1EK4fMIeEbCpVDwa3H1ZVKhbgbCDt-M0M77idZxdznSvwQ8wyD5Stg1dfq28dC5Sf16EBjr5iG00U2R4kSs48evgSKXii6MEFkEn0AZ2tTLjeLuAGuKms_zm49TFgYgFYV2HPoqsL_6n-B5P0oLv1wuBJiw7A5EUMrhJ9YwlRxFH2P_s_r2dcxodMz8qyhBS0wPKT0htXGM-3whtXF093SgRs1Ekn8vzfwbE3wcYm6c4NnFhnzOOgtfp7oUZa09WirGDnpdyeVH5azX-sxsJ1okeA_sID43qhqMQTfLPpijlaQwLOXdfhYBjVsI2sz7jfgtZCL0Yqm33EYqIXNdRtn9xsSsTmQ4RLyFedQwda35VKpS5KMjcfm-KbmvwaE3PAoMOnMdpn7iHncZLjQcWgQ6Lg-MUFI7XTot3Sbd43UMpJlQc2ZL9hLTGNJypCJmMaGVwW276n8f1AGTBVeLHAb5OnzS6m3wbponLahHIx4vy4D-xe7XyrPtomcpzxnqyL54FN_XKKnXWDcxKcijh2ITVvI8-ush4JcNyg0Dr72XQSEWCpo6MiqnywYRCBdZrIX3tv-B9vAvLBgcSJ63wGXsnXZ6cvqPsP61HUUfpIx-DwbCcVujLoRHAmBl7DfWeMT408WWXQjmf6-ne8esqczR8iiAqlqAKnlOH9rCPoaWpRFRnDRAD6FlyVA1eOTHV_uhlwyrbQvwTcjOPOFGLdDkobUmEpFItmrtkpSr26L1B6MNadvZDYY4vTUI6HgIlih4GhMm9j2yi6fk5t3UM4L5x0tZkb2eCy32BTG7OAx37ug-u-4u3rCHoYDV6J_6huxhLXQmZtVPk9IABYAk7zWbxYWmcgfqd9Xct-vAZBf_PL70SFl0qtRTwAdOOyMurQHGCv65GUPWQfi2yx2UDJ-8h7H4qTyCIjzhcMecM_XGQhuHW7L1JEMjihMudRFTKfEIyYKUm1l_UO4ObIoJvMZf7OrJWBl13MHmgYGPwo6Al6PPeIcUqa3SkFfZOqK8jV43O14ziyW-ut9Ew4BSjLyn6W3rY-HFsSnSSeNzOoIvQDl6K26HJjbJeotDVUO6iONW8_XRb1gIzLc1mB_maX64FGkM2azT588rTt49w15j9KKwz-kiAPcWMbyLEtcoHilHpSbW6WXTkaXiZFaW56T18k_LSiCiCKQwrZgZ-Xi3dSKJdembPxIal50L19DXWRCpUfuPWPCqXnrHdi744z2UCkCmb-PuGOkvt-aWkJR7htUzhusJrer3VOuZ5F5RrWMn47BlUH_kucbu3Xp6d1gKZ0BTOL_RSiGWUZTQrI6woczwqFrxcvQF53XxOAQfkNot_B-mafyMLBUpvhQesBS1vzuq676YfWOzQHIdGNloG3SKtzaIucyIVSgqQBSmBHkVW-wC5S8XemokLE-QAY87oYoB3vyLHaz3LE6Z98e4KZ39mGTDVx3lD9gDFanUdVB4L2dpOBPlL0s0N3ptZLdfW-SwswtzTmd4j9VEUbPRVGEZ4lExgbaP6MSm214IqcYSIlJxtIcusQq1Gar0EuVFaMoTSbNQx7srYUIGDZ7s2VwhWItvrR_pdOjmaK_p2IY8-nF99HWaLrziUfDljV7BMfruDtrIMGuRQr1ZIk0IB44V9csQU6J15TyoN1ALoij0LtvEEuQq1FsHUgsKQeopRC4qEJ5EeVt7ZXJAyTIRnChYSi7xpDdqfHkd0REmmrWUFTbBs_nliOkpH0A4qGq_CJ-ogIX4TVJYF8pDkp3syeSazzwEIPwhWz44rtJzZQ-Eg-D1SsFuupUDKUqxlZ2X44H5NUIq2kW_cBcQDqLB65lhUQ95LMYyPZuikHJlG8UO0-XQwwDF4vz081R5VNJKfnlNztv7cSsvnpd4W6Dsa0VSFym--_V_tZRao910nuIA0g&pr=96:0.062&cid=CAASBORogG4&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DJuiceBarAds_SHA_RON_EB_HDX%26aid%3D47677051723035161120%26rev%3Dc0c4269%26ss%3D5%26bc%3D0.062%26pr%3DYdOr-wAC3j8Hg4LVAApolSQF2pNwtVan8TNb9Q%26brid%3D168917%26bmid%3D5989%26biid%3D6021%26bcud%3D62%26sid%3D142837%26ts%3D1641262075%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D60829%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.controle.diarioceleste.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 00:21:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6402
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 00:21:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 86AB 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwsHIfVFuJjmISygfl17V5UQHA6d8Ihvx3lfJYR1EeHeM5b33_gt4Kbmz_4_16n9m2nYbl9SdoQxWOMrkSKM0JNlZs3H28GsoHkaG5UAHZEpUcQhAoSIpad4p_dzejRYNoVJhCpnDhknvJzkiRFViG24YGQgmc97O1fDTgxirArmyNuurGJh-_rFLjju-Y8JXdM07Q6A8UphJPAIhT0ipPmqPD7SD8CYJi01qoy-aWWOLnK8Uc7FbEWzh5m-aBcnFis4jSH-s7hlQrxE786ONA7ycd3HeePPV6hkv1Hy2lxGbnibwzOool30qicnuQRk2rmkvVVUpx7LdheRLKhuMVfklFjp3j4eBNWTH1nn_FUmDaA7lrTeZqLjoupqfGxo4GPKXFVA6Lps-3Z4IQbI-y9ah2_8XsqOyNp0HEMtk8ijA24q5AhuVDHRUsNAl9R7c5LmbUFeumNdMCD-tBznWLa8TNSR-P76qrQ9DA6e5O7cskvAz-WypW_PRUfhHhInsm_wXQ_ao1gYqy977cr8IL1syrrKIpNNMKrIpo0Ea5JdvgvretDtSecqfxDPjfSO6lh4FR9NyYQPAwjT29YmFcqB6EArFBoUGOUwpxDQImAGVoXSjH6QElzYS1_qqMB_IsrkluVHsPmTzf8mXbj3NgibAAff8zih0fxlzLmtcvmXWvbg4EOdgBpYWNcJNutSd-CZMbNi5saCov9Qt8dU2ErgG3vUZWpPCfG31UhXe1BmQJOuhF50rVK_tiHGzWvteDn-ooqKT406UU8Cm5oFlIXHIAKnBXRjwD4lYjKZJOURfnSig4r3ap091WcoKqHEWNkRFRFxNLy0SEPrdO6oWIuovHxxTeIkvxfPWqnhJBFj8Ud0C3rLbmptn9O7iVrKatX_1gfqaAleIy0V-z0X7U7Hvef2T_qq1eAajsWz207rRpucLU55_-KOv3oahQtWfX5zVyhIbo5Ygc2C6XQhUWOW5264ejRnXy6EeZGOb8x157ryFaog3WZHSvkohAmvfWjxS1IJSeRAFnr7Iaa79pFyZS35OJDsxA5dNDjlcEJkOrFgDY-FdJ2hIPWT-vzhYR7f4sBo21_lKQOEgLGZzsJL7yQJBbLJ11N45S5UY&sai=AMfl-YSJ7zqiBzQzXFDkLM7MefgUgS9leuuX6cIHRnGNP6i_BK_wLlGaPBGFxmocTq0ek76h9HiCLkT0Bo4WEPBUTK8Fya6nOw52X9LCa2D8KUzsZLco4zUCRsbNvSM5r0FQJ8yu&sig=Cg0ArKJSzLBezteuv3o2EAE&uach_m=[UACH]&pr=96:0.062&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211207.86167&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_V_pcrBp7JHbBiqZBNPanXO9ft1RXnSqR4by2J1ZbgNkUXtXu4_sGa62tuqOd2Prer8Xfzgbo1b_r0D3VGRdHTl6o37QedasWYxgFRj2DT_hpUK8ipQG0lyMbF12mCaNzglZ5opC3pjXrj70Rxhyfc4aang&cry=1&dbm_d=AKAmf-AalB1F_zaAZwpj3l3zKB3N70tz8lXQ_M9mm0j6BTAfw6TtihfRwyBsEUBirCkSJOJ4eItjCqQgElYSta1zLI8qGCafN3Cnl6arabNjREnq_Dd3u0T0t43IYlSdUTAznaZCxNQYVvPiPwLvgesxk8dRZLcpgQm-2Se5d2RLPHMHA2uulWt39y7qO6ae7-VLzm1QAiwDTYLqS99oa03QicdIozXr3uh4ntrNYmYt00rUaHZembc0iC7D8C1ny6ZTh6RtXUniHFtH7vd8bIbcMMoUE8NLqlGf_UtJ2y4N4XZg9kA5GVU9gEC4QuRIummNdgnrMeVtXdkc_-yzmVQsBh3eP_DKAPNmSuZE0dS8DVemmWh0I1dI3BKEsWGZSNbmO8c1wLeX5jmJvYSAZ3hOHOaZ3509-PbYLsfPTn5rloqXbWfh7XH9FQO5pSVrzvTRVihX2-FaQlMFcw_ysbUchV6UIVT2ZcOF0CpyHPmWP8DD4li7mrmr5weamEmUwx-ctdUVdIXmMTJRaTIafbYfQ0svJ810lCi0YdDc9iNYhcQ4QatD5nNjakJGL5LuBYClN1Yjez6uiXgOimjtvz_g8JeI1FuGWwTCEPsZa0b0Sk93X5FBjOk-ItopdmsGfAoXxMQehdt2y3j4UdI0HmSIoQTS81uZxb8SrzrSeftuSXcFsUwApwYzsTu8sCgMcjkzqQZFXCQnWQOm_bHBDMQ2jJHW8hQoUc6hmZsep7oyt8-xMgyzxVK7G9faKnHoGBC84UFKDS2RjH63f5TF1QyE9FxDuV3UGxZ5iy11x0URsVOZdMlVmGrPwsiVA1w9dJ2_SzLezj4dNpiQOADuLWS8BIz645p56qxRGZBGW4uKYJ6Gkv_pONI1t82usd1ZBkY-Vtl08CFt82BBTEpH-O_up3yfgidKegIiZVn9p7VIl_gxF8xUxR-UzpqCnS65mqc4Uvy4aFWW_fKdTjhxjhPBi8dYC3d5pLDLbkz1yXK2tvcD4cPv7Oa8BtoQlw4JesTekKq9ulXKsQnPCcH_A_wQ9cX0myG86iKORn62bsAWhM3tLNFPUGLCg3iBwg_BbkDio6Cb0l1xG9gDJnzTiFVErtUCPQmoeu6ubJNKaqsSlwIZxFJdVfdgzrNNT-cBEhO76ouZMEVymdb7Ft2GxtgMtcBenMH-cw-r99rF2-MVF6xLwYgULkUWKQ6-ysxeKm8STfDtHIlH5kflwqhIqESZLstpF1EK4fMIeEbCpVDwa3H1ZVKhbgbCDt-M0M77idZxdznSvwQ8wyD5Stg1dfq28dC5Sf16EBjr5iG00U2R4kSs48evgSKXii6MEFkEn0AZ2tTLjeLuAGuKms_zm49TFgYgFYV2HPoqsL_6n-B5P0oLv1wuBJiw7A5EUMrhJ9YwlRxFH2P_s_r2dcxodMz8qyhBS0wPKT0htXGM-3whtXF093SgRs1Ekn8vzfwbE3wcYm6c4NnFhnzOOgtfp7oUZa09WirGDnpdyeVH5azX-sxsJ1okeA_sID43qhqMQTfLPpijlaQwLOXdfhYBjVsI2sz7jfgtZCL0Yqm33EYqIXNdRtn9xsSsTmQ4RLyFedQwda35VKpS5KMjcfm-KbmvwaE3PAoMOnMdpn7iHncZLjQcWgQ6Lg-MUFI7XTot3Sbd43UMpJlQc2ZL9hLTGNJypCJmMaGVwW276n8f1AGTBVeLHAb5OnzS6m3wbponLahHIx4vy4D-xe7XyrPtomcpzxnqyL54FN_XKKnXWDcxKcijh2ITVvI8-ush4JcNyg0Dr72XQSEWCpo6MiqnywYRCBdZrIX3tv-B9vAvLBgcSJ63wGXsnXZ6cvqPsP61HUUfpIx-DwbCcVujLoRHAmBl7DfWeMT408WWXQjmf6-ne8esqczR8iiAqlqAKnlOH9rCPoaWpRFRnDRAD6FlyVA1eOTHV_uhlwyrbQvwTcjOPOFGLdDkobUmEpFItmrtkpSr26L1B6MNadvZDYY4vTUI6HgIlih4GhMm9j2yi6fk5t3UM4L5x0tZkb2eCy32BTG7OAx37ug-u-4u3rCHoYDV6J_6huxhLXQmZtVPk9IABYAk7zWbxYWmcgfqd9Xct-vAZBf_PL70SFl0qtRTwAdOOyMurQHGCv65GUPWQfi2yx2UDJ-8h7H4qTyCIjzhcMecM_XGQhuHW7L1JEMjihMudRFTKfEIyYKUm1l_UO4ObIoJvMZf7OrJWBl13MHmgYGPwo6Al6PPeIcUqa3SkFfZOqK8jV43O14ziyW-ut9Ew4BSjLyn6W3rY-HFsSnSSeNzOoIvQDl6K26HJjbJeotDVUO6iONW8_XRb1gIzLc1mB_maX64FGkM2azT588rTt49w15j9KKwz-kiAPcWMbyLEtcoHilHpSbW6WXTkaXiZFaW56T18k_LSiCiCKQwrZgZ-Xi3dSKJdembPxIal50L19DXWRCpUfuPWPCqXnrHdi744z2UCkCmb-PuGOkvt-aWkJR7htUzhusJrer3VOuZ5F5RrWMn47BlUH_kucbu3Xp6d1gKZ0BTOL_RSiGWUZTQrI6woczwqFrxcvQF53XxOAQfkNot_B-mafyMLBUpvhQesBS1vzuq676YfWOzQHIdGNloG3SKtzaIucyIVSgqQBSmBHkVW-wC5S8XemokLE-QAY87oYoB3vyLHaz3LE6Z98e4KZ39mGTDVx3lD9gDFanUdVB4L2dpOBPlL0s0N3ptZLdfW-SwswtzTmd4j9VEUbPRVGEZ4lExgbaP6MSm214IqcYSIlJxtIcusQq1Gar0EuVFaMoTSbNQx7srYUIGDZ7s2VwhWItvrR_pdOjmaK_p2IY8-nF99HWaLrziUfDljV7BMfruDtrIMGuRQr1ZIk0IB44V9csQU6J15TyoN1ALoij0LtvEEuQq1FsHUgsKQeopRC4qEJ5EeVt7ZXJAyTIRnChYSi7xpDdqfHkd0REmmrWUFTbBs_nliOkpH0A4qGq_CJ-ogIX4TVJYF8pDkp3syeSazzwEIPwhWz44rtJzZQ-Eg-D1SsFuupUDKUqxlZ2X44H5NUIq2kW_cBcQDqLB65lhUQ95LMYyPZuikHJlG8UO0-XQwwDF4vz081R5VNJKfnlNztv7cSsvnpd4W6Dsa0VSFym--_V_tZRao910nuIA0g&pr=96:0.062&cid=CAASBORogG4&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DJuiceBarAds_SHA_RON_EB_HDX%26aid%3D47677051723035161120%26rev%3Dc0c4269%26ss%3D5%26bc%3D0.062%26pr%3DYdOr-wAC3j8Hg4LVAApolSQF2pNwtVan8TNb9Q%26brid%3D168917%26bmid%3D5989%26biid%3D6021%26bcud%3D62%26sid%3D142837%26ts%3D1641262075%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D60829%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.controle.diarioceleste.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 04 Jan 2022 02:07:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 86AB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_V_pcrBp7JHbBiqZBNPanXO9ft1RXnSqR4by2J1ZbgNkUXtXu4_sGa62tuqOd2Prer8Xfzgbo1b_r0D3VGRdHTl6o37QedasWYxgFRj2DT_hpUK8ipQG0lyMbF12mCaNzglZ5opC3pjXrj70Rxhyfc4aang&cry=1&dbm_d=AKAmf-AalB1F_zaAZwpj3l3zKB3N70tz8lXQ_M9mm0j6BTAfw6TtihfRwyBsEUBirCkSJOJ4eItjCqQgElYSta1zLI8qGCafN3Cnl6arabNjREnq_Dd3u0T0t43IYlSdUTAznaZCxNQYVvPiPwLvgesxk8dRZLcpgQm-2Se5d2RLPHMHA2uulWt39y7qO6ae7-VLzm1QAiwDTYLqS99oa03QicdIozXr3uh4ntrNYmYt00rUaHZembc0iC7D8C1ny6ZTh6RtXUniHFtH7vd8bIbcMMoUE8NLqlGf_UtJ2y4N4XZg9kA5GVU9gEC4QuRIummNdgnrMeVtXdkc_-yzmVQsBh3eP_DKAPNmSuZE0dS8DVemmWh0I1dI3BKEsWGZSNbmO8c1wLeX5jmJvYSAZ3hOHOaZ3509-PbYLsfPTn5rloqXbWfh7XH9FQO5pSVrzvTRVihX2-FaQlMFcw_ysbUchV6UIVT2ZcOF0CpyHPmWP8DD4li7mrmr5weamEmUwx-ctdUVdIXmMTJRaTIafbYfQ0svJ810lCi0YdDc9iNYhcQ4QatD5nNjakJGL5LuBYClN1Yjez6uiXgOimjtvz_g8JeI1FuGWwTCEPsZa0b0Sk93X5FBjOk-ItopdmsGfAoXxMQehdt2y3j4UdI0HmSIoQTS81uZxb8SrzrSeftuSXcFsUwApwYzsTu8sCgMcjkzqQZFXCQnWQOm_bHBDMQ2jJHW8hQoUc6hmZsep7oyt8-xMgyzxVK7G9faKnHoGBC84UFKDS2RjH63f5TF1QyE9FxDuV3UGxZ5iy11x0URsVOZdMlVmGrPwsiVA1w9dJ2_SzLezj4dNpiQOADuLWS8BIz645p56qxRGZBGW4uKYJ6Gkv_pONI1t82usd1ZBkY-Vtl08CFt82BBTEpH-O_up3yfgidKegIiZVn9p7VIl_gxF8xUxR-UzpqCnS65mqc4Uvy4aFWW_fKdTjhxjhPBi8dYC3d5pLDLbkz1yXK2tvcD4cPv7Oa8BtoQlw4JesTekKq9ulXKsQnPCcH_A_wQ9cX0myG86iKORn62bsAWhM3tLNFPUGLCg3iBwg_BbkDio6Cb0l1xG9gDJnzTiFVErtUCPQmoeu6ubJNKaqsSlwIZxFJdVfdgzrNNT-cBEhO76ouZMEVymdb7Ft2GxtgMtcBenMH-cw-r99rF2-MVF6xLwYgULkUWKQ6-ysxeKm8STfDtHIlH5kflwqhIqESZLstpF1EK4fMIeEbCpVDwa3H1ZVKhbgbCDt-M0M77idZxdznSvwQ8wyD5Stg1dfq28dC5Sf16EBjr5iG00U2R4kSs48evgSKXii6MEFkEn0AZ2tTLjeLuAGuKms_zm49TFgYgFYV2HPoqsL_6n-B5P0oLv1wuBJiw7A5EUMrhJ9YwlRxFH2P_s_r2dcxodMz8qyhBS0wPKT0htXGM-3whtXF093SgRs1Ekn8vzfwbE3wcYm6c4NnFhnzOOgtfp7oUZa09WirGDnpdyeVH5azX-sxsJ1okeA_sID43qhqMQTfLPpijlaQwLOXdfhYBjVsI2sz7jfgtZCL0Yqm33EYqIXNdRtn9xsSsTmQ4RLyFedQwda35VKpS5KMjcfm-KbmvwaE3PAoMOnMdpn7iHncZLjQcWgQ6Lg-MUFI7XTot3Sbd43UMpJlQc2ZL9hLTGNJypCJmMaGVwW276n8f1AGTBVeLHAb5OnzS6m3wbponLahHIx4vy4D-xe7XyrPtomcpzxnqyL54FN_XKKnXWDcxKcijh2ITVvI8-ush4JcNyg0Dr72XQSEWCpo6MiqnywYRCBdZrIX3tv-B9vAvLBgcSJ63wGXsnXZ6cvqPsP61HUUfpIx-DwbCcVujLoRHAmBl7DfWeMT408WWXQjmf6-ne8esqczR8iiAqlqAKnlOH9rCPoaWpRFRnDRAD6FlyVA1eOTHV_uhlwyrbQvwTcjOPOFGLdDkobUmEpFItmrtkpSr26L1B6MNadvZDYY4vTUI6HgIlih4GhMm9j2yi6fk5t3UM4L5x0tZkb2eCy32BTG7OAx37ug-u-4u3rCHoYDV6J_6huxhLXQmZtVPk9IABYAk7zWbxYWmcgfqd9Xct-vAZBf_PL70SFl0qtRTwAdOOyMurQHGCv65GUPWQfi2yx2UDJ-8h7H4qTyCIjzhcMecM_XGQhuHW7L1JEMjihMudRFTKfEIyYKUm1l_UO4ObIoJvMZf7OrJWBl13MHmgYGPwo6Al6PPeIcUqa3SkFfZOqK8jV43O14ziyW-ut9Ew4BSjLyn6W3rY-HFsSnSSeNzOoIvQDl6K26HJjbJeotDVUO6iONW8_XRb1gIzLc1mB_maX64FGkM2azT588rTt49w15j9KKwz-kiAPcWMbyLEtcoHilHpSbW6WXTkaXiZFaW56T18k_LSiCiCKQwrZgZ-Xi3dSKJdembPxIal50L19DXWRCpUfuPWPCqXnrHdi744z2UCkCmb-PuGOkvt-aWkJR7htUzhusJrer3VOuZ5F5RrWMn47BlUH_kucbu3Xp6d1gKZ0BTOL_RSiGWUZTQrI6woczwqFrxcvQF53XxOAQfkNot_B-mafyMLBUpvhQesBS1vzuq676YfWOzQHIdGNloG3SKtzaIucyIVSgqQBSmBHkVW-wC5S8XemokLE-QAY87oYoB3vyLHaz3LE6Z98e4KZ39mGTDVx3lD9gDFanUdVB4L2dpOBPlL0s0N3ptZLdfW-SwswtzTmd4j9VEUbPRVGEZ4lExgbaP6MSm214IqcYSIlJxtIcusQq1Gar0EuVFaMoTSbNQx7srYUIGDZ7s2VwhWItvrR_pdOjmaK_p2IY8-nF99HWaLrziUfDljV7BMfruDtrIMGuRQr1ZIk0IB44V9csQU6J15TyoN1ALoij0LtvEEuQq1FsHUgsKQeopRC4qEJ5EeVt7ZXJAyTIRnChYSi7xpDdqfHkd0REmmrWUFTbBs_nliOkpH0A4qGq_CJ-ogIX4TVJYF8pDkp3syeSazzwEIPwhWz44rtJzZQ-Eg-D1SsFuupUDKUqxlZ2X44H5NUIq2kW_cBcQDqLB65lhUQ95LMYyPZuikHJlG8UO0-XQwwDF4vz081R5VNJKfnlNztv7cSsvnpd4W6Dsa0VSFym--_V_tZRao910nuIA0g&pr=96:0.062&cid=CAASBORogG4&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DJuiceBarAds_SHA_RON_EB_HDX%26aid%3D47677051723035161120%26rev%3Dc0c4269%26ss%3D5%26bc%3D0.062%26pr%3DYdOr-wAC3j8Hg4LVAApolSQF2pNwtVan8TNb9Q%26brid%3D168917%26bmid%3D5989%26biid%3D6021%26bcud%3D62%26sid%3D142837%26ts%3D1641262075%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D60829%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.controle.diarioceleste.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18777
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Jan 2023 20:54:59 GMT
m
ad.yieldlab.net/ Frame 9B18
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJpueM0Qha4kIxrCuZbvfps&google_cver=1
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJpueM0Qha4kIxrCuZbvfps&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHR6uYCEMHGmI0DGOTo5b4BMAE&v=APEucNUzRuzmFjj1G_UbW5DCuCSUFoIXkL41sPDsNC4-W9Apn1T6P7fQE-kmQBNdUenz3-hRa_cAses6yyo3PNP_Z7uUU32dwVlLbYylH3JQq54QZxU5AX3ZXO4g5HCB8mpUhl10BOKRJHDDc99l6XsJqI0JuB1yv6YZLTxxZ0-KOcFbUIPDVe8
Protocol
HTTP/1.1
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:56 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Mon, 03 Jan 2022 02:07:56 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJpueM0Qha4kIxrCuZbvfps&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame 9B18
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEIP0gxN0bfPMM0n_lprOzJo&google_cver=1&adform_v=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEIP0gxN0bfPMM0n_lprOzJo&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHR6uYCEMHGmI0DGOTo5b4BMAE&v=APEucNUzRuzmFjj1G_UbW5DCuCSUFoIXkL41sPDsNC4-W9Apn1T6P7fQE-kmQBNdUenz3-hRa_cAses6yyo3PNP_Z7uUU32dwVlLbYylH3JQq54QZxU5AX3ZXO4g5HCB8mpUhl10BOKRJHDDc99l6XsJqI0JuB1yv6YZLTxxZ0-KOcFbUIPDVe8
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEIP0gxN0bfPMM0n_lprOzJo&google_cver=1&adform_v=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfserve/ Frame 5840 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=46122647;rtbwp=YdOr-wAIjIMKd_lDAA2_xqGPYiWTX0sSmjic_w;rtbdata=sE7aJDcJuegdKCn7zHyi9_FRUR4GSi6IDJGX4Ff6Dv-e9fWGgeG7KQ6lzVbaIVSCIspSLvWTteuSuqkhLpZinfTVqV7K2UCDyk4duVUUcw0SxFA_n3xXpRmQZP2mOwfaaMwOE8Kw1NgddDWXC0o5AR36NRsXaTPpY9LqVqr5u7004_0ID0LYS7PRkeAURXdVuSjuJH3O9LopifyFOpkPMqGloshJgAGNGryWsoEKSI65ulHu_8-bIsbk21oTzP-01ejLGfZaMtplGmNzwd-hVpOYdiw-7pVO3i3IlGDfNRRpsHQDE1RBHrNOUs5OeowVIpE1YpJauBBue6m5mETywErzvcOouG350;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CRJM_-6vTYYOZIsPy3wPG_7bIBei-mJRcoKWzyf0IwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MsgBCakCevVkqEZihD7gAgCoAwGqBIwCT9AJKuD4FbV7reDOuuF8wyKiE4vKI38C99_WbWOKjiILIYLZRf-XSdQDdY7fsIjukcgNzUSdz1mYwlPiW7hFpw37LX0vlpDvuKsVfd-pY-lq3dZbSxE68fEuO5zgLnES_3ahpnNj5IsC76l7uRBwJM6mEZ55R0iSvU3N7xjj0zp8EJZnQ-V2tP_CvT4-z7vH1_hkdfr4trbePgGJDGKg2fVJMzqdHW-1ZBcdQBMGhy2ChIk1xm3s_KBrXLi3COsJs9Gb-e85WpfKjNHaI56dJcpB_k3gKfi1jsk0BJL9HtITEhRbjRn3ZjpOnGZgmDqQA-BV8XWqBItFn020rOXKmzwxy80LV5LMwjuE1OAEAYAG95222qfVjssfoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2emQ8kNBYd5iy64LXmrahSGoEO6A&client=ca-pub-2845463438153782&adurl=;js=1;adfxid=2x;215;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.controle.diarioceleste.com.br
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cb0d491460eeecb7481f7bb38feb7d90c0d6a0321c1573629de5b6281b113fc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3290
expires
-1
pixel
cm.g.doubleclick.net/ Frame E85C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIRSywS_-xussfrMPONjpoc&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REpaam5rS3YxTjR6ZVg1&google_gid=CAESEIRSywS_-xussfrMPONjpoc&google_cver=1&google_push=AYg5qPIUQPO6M9MvPQxtIqbMyoFIdX6f_ym8GPUV8aldvPV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REpaam5rS3YxTjR6ZVg1&google_gid=CAESEIRSywS_-xussfrMPONjpoc&google_cver=1&google_push=AYg5qPIUQPO6M9MvPQxtIqbMyoFIdX6f_ym8GPUV8aldvPViL5sq5k6J1LBeCOz-o3C9K4hEMIoqSs-33hlMELIvpqfLTP7ttA
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:55 GMT
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-007d40ea11cf721ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REpaam5rS3YxTjR6ZVg1&google_gid=CAESEIRSywS_-xussfrMPONjpoc&google_cver=1&google_push=AYg5qPIUQPO6M9MvPQxtIqbMyoFIdX6f_ym8GPUV8aldvPViL5sq5k6J1LBeCOz-o3C9K4hEMIoqSs-33hlMELIvpqfLTP7ttA
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame E85C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPIPCclzr-6NhNgEqBhwFsM&google_cver=1&google_push=AYg5qPLiDFLaotD2Xff2xAlIN6JqnZ375ufA3y9t24Z2xAEy7vuNK1DSSqr3pxm7rWz3axSqQMmKqRM-jYjYR6Qrv30xLMJ8Lw
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dot.gif
s0.2mdn.net/ Frame E85C 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEArx2maB1MtyzBF6TDVwabQ&google_cver=1&google_push=AYg5qPJecW6KSFC1_1wP3q5kNbXSXhylYKdyg8cxgoi5ai01A4JjMHxOu7lqv3UXLhA8a8Xu4-g_8Fw6USoa0B5VHd8v7H1lVg
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Jan 2022 02:07:56 GMT
dds
rtb.openx.net/sync/ Frame E85C 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEBnlGPMwRkjEfh4ir4Y-Hf8&google_cver=1&google_push=AYg5qPLtOPLaukAK2-ngQ48_zK4IxZwhRtq5QpnE20qC0SIHpI13Mlk0cFGIX16GPP82DDXAnHP0PAxujAAtsMRGyiRPgiZRl6k
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
3kvclqpu6icpo119p2j3pl0khdjtv1tq
pixel
cm.g.doubleclick.net/ Frame E85C
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESELqZtgtB5nHPum18F-0Bl-o&google_cver=1&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
0
0
pixel
cm.g.doubleclick.net/ Frame E85C
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEGv5tNs5HXur3ARTCrfWOzw&google_cver=1&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmw...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5...
0
0
pixel
cm.g.doubleclick.net/ Frame E85C
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAYvf2Cct27_wl1eSsnqHYA&google_cver=1&google_push=AYg5qPKyVQXANDF3eSLR6npezS1isCTL36QuLexbnsE5riZaDb3r_TzO...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEAYvf2Cct27_wl1eSsnqHYA&google_cver=1&google_push=AYg5qPKyVQXANDF3eSLR6npezS1isCTL36QuLexbnsE5riZaDb3r_T...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMTZhMzJlOS02ZDAzLTExZWMtOTI2OS0wMmRmZTExNWRhNGM%3D&google_push=AYg5qPKyVQXANDF3eSLR6npezS1isCTL36QuLexbnsE5riZaDb3r_TzOOnUyy3vVcg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMTZhMzJlOS02ZDAzLTExZWMtOTI2OS0wMmRmZTExNWRhNGM%3D&google_push=AYg5qPKyVQXANDF3eSLR6npezS1isCTL36QuLexbnsE5riZaDb3r_TzOOnUyy3vVcguumhPyRHr8_bS3ueZiZe1VuxMnBLdGVl8s
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMTZhMzJlOS02ZDAzLTExZWMtOTI2OS0wMmRmZTExNWRhNGM%3D&google_push=AYg5qPKyVQXANDF3eSLR6npezS1isCTL36QuLexbnsE5riZaDb3r_TzOOnUyy3vVcguumhPyRHr8_bS3ueZiZe1VuxMnBLdGVl8s
date
Tue, 04 Jan 2022 02:07:56 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame E85C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JQwN_m_PhomRqfrCNPG1CVxtQsE2awXcUAfM4RfnyQyNXK_51i0WXz-SVDCgF2d1C1DrOxmQ
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
link.html
track.webgains.com/ Frame AAAD 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ghjndfq4s1wn1mq6vr5nbkkjbqtv80hdtqs73n5da3wpjpf83n9fb17678af8tefw5z5emh8p5k0dyex4ngp1pe6gqs6k3ksk4mvvph5aw14p5qgpz2f76ssa0xp2zheyx7ga1brj8syrnqd2qpbz0aye18gqtmm0vw8jpckbcwqy6qyddd8hm1fk68jk1zhydj5n1774zygk7vztcqkdbfm2be6ddmahqv4y6bhbd7ph8ejfknz0sczvrwpzdf1mdpzsvta91a5t1n88jyjy2exhhqsywf52c6hfb6n1nbj8j9m37et%26a%3D&clickref=oneidrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fdoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneid4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHKoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=caaffbd9786bdebbb9df2235e56e7848%2F3134790401295411739&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbp60ggmka43nh9mtdzzvjaza838cs8sp7qqy2jzqjdv3ndjbn9xkhmsggd6e8s8j5gxa8bamc7aazr6tgc8w911b3hxvzj7eq52am0mmz4azkqjek5ksvnaa69yx5e0b41cm9997vy5djgmtpsk8m3b3pkbqmrwke6kgs4wg06fkmvrjwa2e3ztp4xgq15x9b9jqznqrez32vr9jbt5tx67j3s137p1jgsj10apy9thgzknrmxs585eawqy14km0q4858t3mvqe83w1xgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
ae29d756b2b021ca008f6ba08995e46855bad39e915c4162211060ce2d6325c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:56 GMT
Last-Modified
Tue, 04 Jan 2022 02:07:56 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1474
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
www.autohaus-koenig.de/htlp/ Frame 78CB
Redirect Chain
  • https://campaign.mobility-ads.de/highTrafficUrl/1.html?idPartner=39&idCampaignAd=0&subId=&subIdentifier=oneid4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHKoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suit...
  • https://www.autohaus-koenig.de/htlp?coyotetrackingid=483566946
  • https://www.autohaus-koenig.de/htlp/?coyotetrackingid=483566946
531 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.autohaus-koenig.de/htlp/?coyotetrackingid=483566946
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=caaffbd9786bdebbb9df2235e56e7848%2F3134790401295411739&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbp60ggmka43nh9mtdzzvjaza838cs8sp7qqy2jzqjdv3ndjbn9xkhmsggd6e8s8j5gxa8bamc7aazr6tgc8w911b3hxvzj7eq52am0mmz4azkqjek5ksvnaa69yx5e0b41cm9997vy5djgmtpsk8m3b3pkbqmrwke6kgs4wg06fkmvrjwa2e3ztp4xgq15x9b9jqznqrez32vr9jbt5tx67j3s137p1jgsj10apy9thgzknrmxs585eawqy14km0q4858t3mvqe83w1xgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.159.132 Hobstin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.132.159.69.159.clients.your-server.de
Software
nginx/1.20.2 /
Resource Hash
4e731469b10709f2b3ce4441b36166dd5f47be2c03a53e99b5d35f769a1a255b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.20.2
date
Tue, 04 Jan 2022 02:07:56 GMT
content-type
text/html
content-encoding
gzip

Redirect headers

server
nginx/1.20.2
date
Tue, 04 Jan 2022 02:07:56 GMT
content-type
text/html
content-length
169
location
https://www.autohaus-koenig.de/htlp/?coyotetrackingid=483566946
view
googleads4.g.doubleclick.net/pcs/ Frame 86AB 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwsHIfVFuJjmISygfl17V5UQHA6d8Ihvx3lfJYR1EeHeM5b33_gt4Kbmz_4_16n9m2nYbl9SdoQxWOMrkSKM0JNlZs3H28GsoHkaG5UAHZEpUcQhAoSIpad4p_dzejRYNoVJhCpnDhknvJzkiRFViG24YGQgmc97O1fDTgxirArmyNuurGJh-_rFLjju-Y8JXdM07Q6A8UphJPAIhT0ipPmqPD7SD8CYJi01qoy-aWWOLnK8Uc7FbEWzh5m-aBcnFis4jSH-s7hlQrxE786ONA7ycd3HeePPV6hkv1Hy2lxGbnibwzOool30qicnuQRk2rmkvVVUpx7LdheRLKhuMVfklFjp3j4eBNWTH1nn_FUmDaA7lrTeZqLjoupqfGxo4GPKXFVA6Lps-3Z4IQbI-y9ah2_8XsqOyNp0HEMtk8ijA24q5AhuVDHRUsNAl9R7c5LmbUFeumNdMCD-tBznWLa8TNSR-P76qrQ9DA6e5O7cskvAz-WypW_PRUfhHhInsm_wXQ_ao1gYqy977cr8IL1syrrKIpNNMKrIpo0Ea5JdvgvretDtSecqfxDPjfSO6lh4FR9NyYQPAwjT29YmFcqB6EArFBoUGOUwpxDQImAGVoXSjH6QElzYS1_qqMB_IsrkluVHsPmTzf8mXbj3NgibAAff8zih0fxlzLmtcvmXWvbg4EOdgBpYWNcJNutSd-CZMbNi5saCov9Qt8dU2ErgG3vUZWpPCfG31UhXe1BmQJOuhF50rVK_tiHGzWvteDn-ooqKT406UU8Cm5oFlIXHIAKnBXRjwD4lYjKZJOURfnSig4r3ap091WcoKqHEWNkRFRFxNLy0SEPrdO6oWIuovHxxTeIkvxfPWqnhJBFj8Ud0C3rLbmptn9O7iVrKatX_1gfqaAleIy0V-z0X7U7Hvef2T_qq1eAajsWz207rRpucLU55_-KOv3oahQtWfX5zVyhIbo5Ygc2C6XQhUWOW5264ejRnXy6EeZGOb8x157ryFaog3WZHSvkohAmvfWjxS1IJSeRAFnr7Iaa79pFyZS35OJDsxA5dNDjlcEJkOrFgDY-FdJ2hIPWT-vzhYR7f4sBo21_lKQOEgLGZzsJL7yQJBbLJ11N45S5UY&sai=AMfl-YSJ7zqiBzQzXFDkLM7MefgUgS9leuuX6cIHRnGNP6i_BK_wLlGaPBGFxmocTq0ek76h9HiCLkT0Bo4WEPBUTK8Fya6nOw52X9LCa2D8KUzsZLco4zUCRsbNvSM5r0FQJ8yu&sig=Cg0ArKJSzLBezteuv3o2EAE&uach_m=[UACH]&pr=96:0.062&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=37&vt=11&dtpt=36&dett=2&cstd=0&cisv=r20211207.86167&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_V_pcrBp7JHbBiqZBNPanXO9ft1RXnSqR4by2J1ZbgNkUXtXu4_sGa62tuqOd2Prer8Xfzgbo1b_r0D3VGRdHTl6o37QedasWYxgFRj2DT_hpUK8ipQG0lyMbF12mCaNzglZ5opC3pjXrj70Rxhyfc4aang&cry=1&dbm_d=AKAmf-AalB1F_zaAZwpj3l3zKB3N70tz8lXQ_M9mm0j6BTAfw6TtihfRwyBsEUBirCkSJOJ4eItjCqQgElYSta1zLI8qGCafN3Cnl6arabNjREnq_Dd3u0T0t43IYlSdUTAznaZCxNQYVvPiPwLvgesxk8dRZLcpgQm-2Se5d2RLPHMHA2uulWt39y7qO6ae7-VLzm1QAiwDTYLqS99oa03QicdIozXr3uh4ntrNYmYt00rUaHZembc0iC7D8C1ny6ZTh6RtXUniHFtH7vd8bIbcMMoUE8NLqlGf_UtJ2y4N4XZg9kA5GVU9gEC4QuRIummNdgnrMeVtXdkc_-yzmVQsBh3eP_DKAPNmSuZE0dS8DVemmWh0I1dI3BKEsWGZSNbmO8c1wLeX5jmJvYSAZ3hOHOaZ3509-PbYLsfPTn5rloqXbWfh7XH9FQO5pSVrzvTRVihX2-FaQlMFcw_ysbUchV6UIVT2ZcOF0CpyHPmWP8DD4li7mrmr5weamEmUwx-ctdUVdIXmMTJRaTIafbYfQ0svJ810lCi0YdDc9iNYhcQ4QatD5nNjakJGL5LuBYClN1Yjez6uiXgOimjtvz_g8JeI1FuGWwTCEPsZa0b0Sk93X5FBjOk-ItopdmsGfAoXxMQehdt2y3j4UdI0HmSIoQTS81uZxb8SrzrSeftuSXcFsUwApwYzsTu8sCgMcjkzqQZFXCQnWQOm_bHBDMQ2jJHW8hQoUc6hmZsep7oyt8-xMgyzxVK7G9faKnHoGBC84UFKDS2RjH63f5TF1QyE9FxDuV3UGxZ5iy11x0URsVOZdMlVmGrPwsiVA1w9dJ2_SzLezj4dNpiQOADuLWS8BIz645p56qxRGZBGW4uKYJ6Gkv_pONI1t82usd1ZBkY-Vtl08CFt82BBTEpH-O_up3yfgidKegIiZVn9p7VIl_gxF8xUxR-UzpqCnS65mqc4Uvy4aFWW_fKdTjhxjhPBi8dYC3d5pLDLbkz1yXK2tvcD4cPv7Oa8BtoQlw4JesTekKq9ulXKsQnPCcH_A_wQ9cX0myG86iKORn62bsAWhM3tLNFPUGLCg3iBwg_BbkDio6Cb0l1xG9gDJnzTiFVErtUCPQmoeu6ubJNKaqsSlwIZxFJdVfdgzrNNT-cBEhO76ouZMEVymdb7Ft2GxtgMtcBenMH-cw-r99rF2-MVF6xLwYgULkUWKQ6-ysxeKm8STfDtHIlH5kflwqhIqESZLstpF1EK4fMIeEbCpVDwa3H1ZVKhbgbCDt-M0M77idZxdznSvwQ8wyD5Stg1dfq28dC5Sf16EBjr5iG00U2R4kSs48evgSKXii6MEFkEn0AZ2tTLjeLuAGuKms_zm49TFgYgFYV2HPoqsL_6n-B5P0oLv1wuBJiw7A5EUMrhJ9YwlRxFH2P_s_r2dcxodMz8qyhBS0wPKT0htXGM-3whtXF093SgRs1Ekn8vzfwbE3wcYm6c4NnFhnzOOgtfp7oUZa09WirGDnpdyeVH5azX-sxsJ1okeA_sID43qhqMQTfLPpijlaQwLOXdfhYBjVsI2sz7jfgtZCL0Yqm33EYqIXNdRtn9xsSsTmQ4RLyFedQwda35VKpS5KMjcfm-KbmvwaE3PAoMOnMdpn7iHncZLjQcWgQ6Lg-MUFI7XTot3Sbd43UMpJlQc2ZL9hLTGNJypCJmMaGVwW276n8f1AGTBVeLHAb5OnzS6m3wbponLahHIx4vy4D-xe7XyrPtomcpzxnqyL54FN_XKKnXWDcxKcijh2ITVvI8-ush4JcNyg0Dr72XQSEWCpo6MiqnywYRCBdZrIX3tv-B9vAvLBgcSJ63wGXsnXZ6cvqPsP61HUUfpIx-DwbCcVujLoRHAmBl7DfWeMT408WWXQjmf6-ne8esqczR8iiAqlqAKnlOH9rCPoaWpRFRnDRAD6FlyVA1eOTHV_uhlwyrbQvwTcjOPOFGLdDkobUmEpFItmrtkpSr26L1B6MNadvZDYY4vTUI6HgIlih4GhMm9j2yi6fk5t3UM4L5x0tZkb2eCy32BTG7OAx37ug-u-4u3rCHoYDV6J_6huxhLXQmZtVPk9IABYAk7zWbxYWmcgfqd9Xct-vAZBf_PL70SFl0qtRTwAdOOyMurQHGCv65GUPWQfi2yx2UDJ-8h7H4qTyCIjzhcMecM_XGQhuHW7L1JEMjihMudRFTKfEIyYKUm1l_UO4ObIoJvMZf7OrJWBl13MHmgYGPwo6Al6PPeIcUqa3SkFfZOqK8jV43O14ziyW-ut9Ew4BSjLyn6W3rY-HFsSnSSeNzOoIvQDl6K26HJjbJeotDVUO6iONW8_XRb1gIzLc1mB_maX64FGkM2azT588rTt49w15j9KKwz-kiAPcWMbyLEtcoHilHpSbW6WXTkaXiZFaW56T18k_LSiCiCKQwrZgZ-Xi3dSKJdembPxIal50L19DXWRCpUfuPWPCqXnrHdi744z2UCkCmb-PuGOkvt-aWkJR7htUzhusJrer3VOuZ5F5RrWMn47BlUH_kucbu3Xp6d1gKZ0BTOL_RSiGWUZTQrI6woczwqFrxcvQF53XxOAQfkNot_B-mafyMLBUpvhQesBS1vzuq676YfWOzQHIdGNloG3SKtzaIucyIVSgqQBSmBHkVW-wC5S8XemokLE-QAY87oYoB3vyLHaz3LE6Z98e4KZ39mGTDVx3lD9gDFanUdVB4L2dpOBPlL0s0N3ptZLdfW-SwswtzTmd4j9VEUbPRVGEZ4lExgbaP6MSm214IqcYSIlJxtIcusQq1Gar0EuVFaMoTSbNQx7srYUIGDZ7s2VwhWItvrR_pdOjmaK_p2IY8-nF99HWaLrziUfDljV7BMfruDtrIMGuRQr1ZIk0IB44V9csQU6J15TyoN1ALoij0LtvEEuQq1FsHUgsKQeopRC4qEJ5EeVt7ZXJAyTIRnChYSi7xpDdqfHkd0REmmrWUFTbBs_nliOkpH0A4qGq_CJ-ogIX4TVJYF8pDkp3syeSazzwEIPwhWz44rtJzZQ-Eg-D1SsFuupUDKUqxlZ2X44H5NUIq2kW_cBcQDqLB65lhUQ95LMYyPZuikHJlG8UO0-XQwwDF4vz081R5VNJKfnlNztv7cSsvnpd4W6Dsa0VSFym--_V_tZRao910nuIA0g&pr=96:0.062&cid=CAASBORogG4&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DJuiceBarAds_SHA_RON_EB_HDX%26aid%3D47677051723035161120%26rev%3Dc0c4269%26ss%3D5%26bc%3D0.062%26pr%3DYdOr-wAC3j8Hg4LVAApolSQF2pNwtVan8TNb9Q%26brid%3D168917%26bmid%3D5989%26biid%3D6021%26bcud%3D62%26sid%3D142837%26ts%3D1641262075%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D60829%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.controle.diarioceleste.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 04 Jan 2022 02:07:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8D06 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 03 Jan 2022 20:54:59 GMT
expires
Tue, 03 Jan 2023 20:54:59 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
18777
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 8866 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CkM3t-6vTYaDILJXa3wOz0ZeoC-6StZNcv6KFx-QFwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MsgBCeACAKgDAaoEjAJP0Ff7H87iG5fjVh-c8-qd2V1vtncbUmiNtRI1QRKZr2cxx6BkkiJRFwyTCJ3d8gNak16BkT1L3nWw_PGzNGv2Ag1eU0DHT9gRwYou0VAsnQK5_YU9V4HvpC4ophqIahGDhyk48Wbx6KXz3nSIOhvSRsKl7JPOqa8XjvCU0RkXXQ6lUIw5B9hHpaCfZ6Z8JOh35us7RYDzm-LvevGwtVFT_bWjs750SC7KxfJfk1-WNBNc3q3u9oiyFXwowSwuyM3utR3k9Rx6VyBvxqOqc5ZueH2hHOSw04n-L6Mvy6YDkl_gCZRQFDEmjKMv76Oup6OmKmCSptoeNyUQY_Dw2OjGyCIRDduegNVKChld4AQBgAaY94vj8tqf3ZcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=WuXrkblHI3U&uach_m=[UACH]&cid=CAQSPACNIrLM6dnF6FxALWapVu3dQKw8KLrZq83jm1vBgOmgJvq2uBsrNPJV3OxL2nPtHXmyAC7Dfk6jDCTPexgB
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ttj
ib.3lift.com/ Frame 8866 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=JuiceBarAds_SHA_RON_EB_HDX
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-72.fra56.r.cloudfront.net
Software
/
Resource Hash
c67ccb06fe072838f5e17ccc12d9a54f76aeb3e359cfdd4c491d116bfe096520

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:02:09 GMT
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
age
682
etag
"65cb7913fd29dc1a897df1c3b52cbd46"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C2
content-encoding
gzip
content-length
2012
x-amz-cf-id
QnR4K6oqWDmVYypvqQ8eB8BMafPMD26sXQNOT7bt9o5pta20qv-LDA==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8866 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 01:37:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8866 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 04 Jan 2022 02:07:56 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8866 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:26:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 01:26:33 GMT
l
www.google.com/ads/measurement/ Frame 8866 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNZWsvcq5ylOKflrk22BWGSmIsVWcBo78tfqII9HsprSK6G57XmBS_x7F1NzfM66gTatZ-xIjYd9R_z4RoAXi-H-vsQw
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8866 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18777
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 03 Jan 2023 20:54:59 GMT
notify
tlx.3lift.com/s2s/ Frame 8866 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=YdOr-wALJCAKd-0VAAXos0R_y-u5iEcpdFQBhQ&ts=1641262075&aid=88150947195352729620&ec=2409_15064_70_52121887&n=GgDyArQBCAASFDg4MTUwOTQ3MTk1MzUyNzI5NjIwGAAgASjpEjDYdUABSABQAWAKaABw5ZIQkAEAmAEAqAEAsAE2uAEdwAEoyAE24AEn8AEA%2BAE2gAIoiAInkQIAAAAAAADwP5kCAAAAAAAA0D%2BhAgAAAAAAAPA%2FqAIAsAIAyAIE2AIA8QJmZmZmZmbmP%2FgC8CSAA9gFiANakAMAmAMAoAMAuAOXAsADAMgDANIDCzcwXzUyMTIxODg3%2BAIFiAMAkgMEZDNkMw%3D%3D
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.28.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-28-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame 8866 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=88150947195352729620
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
container.html
2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 12A9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 04 Jan 2022 02:07:54 GMT
expires
Wed, 04 Jan 2023 02:07:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
track.adform.net/jsmetrics/ Frame 5840 		43 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/jsmetrics/?adfserve=75&asset=22&sid=276&rid=10478&cid=1764
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
last-modified
Tue, 22 May 2018 12:14:37 GMT
server
nginx
etag
"5b0409ad-2b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
43
bundle.js
ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/ Frame 8866 		246 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=JuiceBarAds_SHA_RON_EB_HDX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42bab28225b200fcaef4d6dc17379592c02c63daf49fea12450d9c66e4afa1c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 17:14:46 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 17:10:39 GMT
server
AmazonS3
age
1846391
etag
"63ce70b8f5a8fd74fd206c097492fb0f"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
cache-control
max-age=31536000, immutable
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
79992
x-amz-cf-id
LBAuWdrLpbHWLLrOLF6N28_-mLoDd7gQT9Txs7o9wWqK9atsBjV1mg==
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 5840 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1f647589f081c26a24954bf8f32fb7ea1b828fe3a41cebc760154191a167efea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 14:23:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 05 Jan 2022 05:23:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0608 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 03 Jan 2022 05:53:44 GMT
expires
Tue, 04 Jan 2022 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
72852
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 5840 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e35fbb7789e24b1023515cc76136352ee75002d2e8f59dc31877ad0cb642f548

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D0FF 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 03 Jan 2022 05:53:44 GMT
expires
Tue, 04 Jan 2022 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
72852
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 8866 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64fd5d6287e3e81b4864ebdffbf56c844ef8f39ff774559cd90e6a297b724485

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame B9F1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyqC81U8Bq49r6l2_iswsGebshRwk8ZWqXvMWx84ySdAIgm-RTbv1RYlaP8qRwN2O_zDHViuBCx5jXnggu2AD0tA&sig=Cg0ArKJSzJZVW4X9X6QKEAE&cid=CAASF-RodPtWBPJWPXge81U5W36dCdUSnFYe&id=lidar2&mcvt=1025&p=690,1022,940,1322&mtos=548,1025,1025,1025,1025&tos=548,477,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2676087603&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641262074680&rpt=543&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 12A9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_l4M-6vTYc6MNpuT3gOd8avgDu6StZNcv6KFx-QFwI23ARABIABglQKCARdjYS1wdWItMjg0NTQ2MzQzODE1Mzc4MsgBCeACAKgDAaoEjQJP0DFa470Oy218XH8XEL1YaVrmeieyzomtlNKnkZhkCJl6nCP__OCRy9sdy-w4J9azfoGEEekirVDcOYjyiTxhOizPUyBwWXHt_u-Y31ocTdmmRxa5cu5uACM6rqgxvWQpG3mMdpuU08MlRr0GeZLS_myfSLSdXu__L6QjJdaPGx1eLh8dRlyHOUugY5N39YCnqNwgEINpNaFxfKh781fsbxh3GzM_-bnz2eeFgqJ7pk6i_FGuLbcOrALbc-6GHmUiJ1santVfWxgoFQkv44gdTqIdb_XSpHX2t21alEKbSl-nb4Vv5LLuDj6ujiUtNjIybkbs8DYampe2xox--IuI8fS1RkV9-iz1G_OeauAEAYAG4bv--s_yp6wsoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=0v1mwuMzz0s&uach_m=[UACH]&cid=CAQSPACNIrLMZD24qq-kFvqUWYAq5gpAFP-LgsCdFbQrWYsOevfpLb4EoAsgKR8GFbFMSf0B_WjPZQPmOM1nlhgB
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ttj
ib.3lift.com/ Frame 12A9 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=JuiceBarAds_SHA_RON_EB_HDX
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-72.fra56.r.cloudfront.net
Software
/
Resource Hash
c67ccb06fe072838f5e17ccc12d9a54f76aeb3e359cfdd4c491d116bfe096520

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:02:09 GMT
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
age
682
etag
"65cb7913fd29dc1a897df1c3b52cbd46"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C2
content-encoding
gzip
content-length
2012
x-amz-cf-id
GgD6XYQrDFA--1R7x9SPhlUvheT7nryOuXVsnlJ0sugpF2VkLbFSFg==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 12A9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 01:37:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 12A9 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 04 Jan 2022 02:07:56 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 12A9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 01:26:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 01:26:33 GMT
l
www.google.com/ads/measurement/ Frame 12A9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQS8agdvin1CcI4Mayvm0x-y_XikbbWQc2DYCFMLSXwkjdCGRqEqtcZLG_DQ-dV4xPyNeBh3pUT4mu1oZv4meP8x1cD3Q
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 12A9 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18777
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 03 Jan 2023 20:54:59 GMT
notify
tlx.3lift.com/s2s/ Frame 12A9 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=YdOr-wANhk4Kd4mbAAr4nSKge0bX5l59enZdrA&ts=1641262075&aid=157011991913395452870&ec=2409_15064_70_51750730&n=GgDyArYBCAASFTE1NzAxMTk5MTkxMzM5NTQ1Mjg3MBgAIAEo6RIw2HVAAUgAUAFgCmgAcOWSEJABAJgBAKgBALABP7gBHcABL8gBP%2BABJ%2FABAPgBP4ACL4gCJ5ECAAAAAAAA8D%2BZAgAAAAAAANA%2FoQIAAAAAAADwP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4AvAkgAOsAogD%2BgGQAwCYAwCgAwC4A5cCwAMAyAMA0gMLNzBfNTE3NTA3MzD4AgWIAwCSAwRkM2Qz
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.28.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-28-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame 12A9 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=157011991913395452870
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
dyn
eb2.3lift.com/ Frame 8866 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/dyn?long1=60003&long2=91.80000114440918&long3=0&string1=88150947195352729620&string2=c0c4269&string3=headerBundleLoadTime&cb=43522
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
perf
eb2.3lift.com/ Frame 8866 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/perf?rev=c0c4269&type=bundleLoadTime&time_since_start=91.80000114440918&time_since_last=0&client_side_auction=0&fid=10&cb=74056
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
notify
tlx.3lift.com/s2s/ Frame 8866 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=YdOr-wALJCAKd-0VAAXos0R_y-u5iEcpdFQBhQ&ts=1641262075&aid=88150947195352729620&ec=2409_15064_70_52121887&n=GgDyArQBCAASFDg4MTUwOTQ3MTk1MzUyNzI5NjIwGAAgASjpEjDYdUABSABQAWAKaABw5ZIQkAEAmAEAqAEAsAE2uAEdwAEoyAE24AEn8AEA%2BAE2gAIoiAInkQIAAAAAAADwP5kCAAAAAAAA0D%2BhAgAAAAAAAPA%2FqAIAsAIAyAIE2AIA8QJmZmZmZmbmP%2FgC8CSAA9gFiANakAMAmAMAoAMAuAOXAsADAMgDANIDCzcwXzUyMTIxODg3%2BAIFiAMAkgMEZDNkMw%3D%3D&b=1
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.28.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-28-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
dyn
eb2.3lift.com/ Frame 8866 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/dyn?long1=60003&long2=100.10000038146973&long3=8.299999237060547&string1=88150947195352729620&string2=c0c4269&string3=headerRender&cb=60567
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
perf
eb2.3lift.com/ Frame 8866 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/perf?rev=c0c4269&type=render&time_since_start=100.10000038146973&time_since_last=8.299999237060547&client_side_auction=0&fid=10&cb=52923
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
r
eb2.3lift.com/ Frame 8866 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=JuiceBarAds_SHA_RON_EB_HDX&aid=88150947195352729620&rev=c0c4269&ss=5&bc=0.054&pr=can%27t%2520access%2520top%2520document&brid=264549&bmid=2409&biid=4720&bcud=54&sid=15064&ts=1641262075&caid=0&unid=0&domain=2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.controle.diarioceleste.com.br%252F&rr=creative&fid=10&rb=0&g=0&cb=64952
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 8866 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 07:26:46 GMT
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
585671
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
3125
x-amz-cf-id
QD5WyTobzI6-6x4Aq5wtmB5mhPN5p8R7pI_0z9eJsbsbeMNCpwTeSA==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 8866 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 17:17:10 GMT
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
31847
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
3518
x-amz-cf-id
7y8hN3wa-SatE7SaSkIV8qqDAETMJwAZWc9in655QRFXPdeDcF9uRQ==
truncated
/ Frame 0545 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/gif
/
track.adform.net/adfscript/ Frame 3C61
Redirect Chain
  • https://aws-fr.bidswitch.net/imp/0.054/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R52121887_Qrtbwp_R_I_WAUCTION__PRICE_X-oLXRwAwHMq-irB7MNufUbuOsfis-yQcy0_Qrtbdata_R2YxAY0WAPhb9bTdFbXjHIilwj3W...
  • https://track.adform.net/adfscript/?bn=52121887;rtbwp=0.05778-oLXRwAwHMq-irB7MNufUbuOsfis-yQcy0;rtbdata=2YxAY0WAPhb9bTdFbXjHIilwj3W__cFjJT1Z4Xt8je6Kmj3iR651e0KlUVRIefAePSMDQbIenuxhNyorT08VLdTxQuBcy...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=52121887;rtbwp=0.05778-oLXRwAwHMq-irB7MNufUbuOsfis-yQcy0;rtbdata=2YxAY0WAPhb9bTdFbXjHIilwj3W__cFjJT1Z4Xt8je6Kmj3iR651e0KlUVRIefAePSMDQbIenuxhNyorT08VLdTxQuBcys3GOvhk9rjteZeT4ikbpymT6GKqHA4KRUlqTT3a49TMOD13_r0iKtiJjMavZnGsv4TcTO2ILPQaxpWpzAsQ_Swzv7hq0E4gBh3vCX-3tzGqmdTS0LRdLK0ZAATDctcH2QbecBi0W-VH5Rg3R6Yx3QD3bTb_119wm4vv0x3B-KWmWKSAiMRMx8y_nw2;OOBClickTrack=
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b7863c103337dc175e84bb448740615f0b3f336ce70fdc4603bb315608a44541
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
903
expires
-1

Redirect headers

location
https://track.adform.net/adfscript/?bn=52121887;rtbwp=0.05778-oLXRwAwHMq-irB7MNufUbuOsfis-yQcy0;rtbdata=2YxAY0WAPhb9bTdFbXjHIilwj3W__cFjJT1Z4Xt8je6Kmj3iR651e0KlUVRIefAePSMDQbIenuxhNyorT08VLdTxQuBcys3GOvhk9rjteZeT4ikbpymT6GKqHA4KRUlqTT3a49TMOD13_r0iKtiJjMavZnGsv4TcTO2ILPQaxpWpzAsQ_Swzv7hq0E4gBh3vCX-3tzGqmdTS0LRdLK0ZAATDctcH2QbecBi0W-VH5Rg3R6Yx3QD3bTb_119wm4vv0x3B-KWmWKSAiMRMx8y_nw2;OOBClickTrack=
date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
dyn
eb2.3lift.com/ Frame 8866 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/dyn?long1=60003&long2=115&long3=14.899999618530273&string1=88150947195352729620&string2=c0c4269&string3=headerAdOnPage&cb=33537
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
perf
eb2.3lift.com/ Frame 8866 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/perf?rev=c0c4269&type=adOnPage&time_since_start=115&time_since_last=14.899999618530273&client_side_auction=0&fid=10&cb=66941
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
aop
eb2.3lift.com/ Frame 8866 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=JuiceBarAds_SHA_RON_EB_HDX&aid=88150947195352729620&rev=c0c4269&ss=5&bc=0.054&pr=can%27t%2520access%2520top%2520document&brid=264549&bmid=2409&biid=4720&bcud=54&sid=15064&ts=1641262075&caid=0&unid=0&domain=2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.controle.diarioceleste.com.br%252F&rr=creative&fid=10&rb=0&g=0&cb=96518
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
eb2.3lift.com/ Frame 1665
Redirect Chain
  • https://eb2.3lift.com/sync?max=10&cb=10004
  • https://eb2.3lift.com/sync?max=10&cb=10004&ld=1
1 KB
1023 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=10004&ld=1
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
6280d6395aacbb3754ca67c37b062ffc2de7e3d360e1d8a9b1e30107a179da95

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
content-type
text/html; charset=utf-8
content-length
459
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Tue, 04 Jan 2022 02:07:56 GMT
content-length
0
location
/sync?max=10&cb=10004&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
track.adform.net/csimpr/ Frame 5840 		35 B
502 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=46122647&csi=InNB3Q4zdxdfM_EooCnRZHis_uFCKwwUb8rErFiIhYwJDwKV3Zer3L_ZqrrjE4cspym8lEzREt21GprPFYBiA2QBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
45221360.png
s1.adform.net/Banners/45221360/ Frame 5840 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/45221360/45221360.png?bv=2
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
65bc2a61e4c5b633b53209ca0e7a8a2a8b0329a45df6fc1ab306cea108dff561
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
last-modified
Mon, 17 May 2021 10:36:53 GMT
server
nginx
etag
"60a24745-bca7"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
48295
js
www.googletagmanager.com/gtag/ Frame 78CB 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-56263170-1
Requested by
Host: www.autohaus-koenig.de
URL: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=483566946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb6f6531c1b1d51284affcee85675983718a63092385cd5987462166c587598e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.autohaus-koenig.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36254
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Jan 2022 02:07:56 GMT
218945
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&cb=627262048&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C3605204874827793032148058404%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 02:07:56 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000302
X-SpotX-Timing-SpotMarket
0.006310
X-SpotX-Timing-Page-Mux
0.000223
X-SpotX-Timing-Page-Require
0.000311
X-fe
028
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000027
Content-Length
77
X-SpotX-Timing-Page
0.010542
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000307
Last-Modified
Tue, 04 Jan 2022 02:07:56 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.006310
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.controle.diarioceleste.com.br
X-SpotX-Timing-Page-Misc
0.003052
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
av
vidoomy-d.openx.net/v/1.0/ 		48 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&cb=1262880998&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C36052048748277930322001275852,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
rtb
a.vidoomy.com/api/rtbserver/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/rtb?id=1976253098&w=400&h=225&skip=1&req_type=1&req_type=1&ip=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F96.0.4664.93%20Safari%2F537.36&l=EN&dt=2&c=DE&pid=52453&sid=&sname=&d=diarioceleste.com.br&sp=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.61.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-61-12.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://www.controle.diarioceleste.com.br
date
Tue, 04 Jan 2022 02:07:56 GMT
access-control-allow-credentials
true
vary
Origin
access-control-expose-headers
X-Vd-C
218945
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&cb=697323495&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C21356249553605204874827793032%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 02:07:56 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000263
X-SpotX-Timing-SpotMarket
0.005806
X-SpotX-Timing-Page-Mux
0.000242
X-SpotX-Timing-Page-Require
0.000365
X-fe
005
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000022
Content-Length
77
X-SpotX-Timing-Page
0.009717
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000310
Last-Modified
Tue, 04 Jan 2022 02:07:56 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.005806
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.controle.diarioceleste.com.br
X-SpotX-Timing-Page-Misc
0.002697
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=294423215&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=2...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=294423215&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&p...
249 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=294423215&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=e351206d-1d7a-4b57-a07a-ef63f07f6142&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwNy4zNDU3MDM6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPWUzNTEyMDZkLTFkN2EtNGI1Ny1hMDdhLWVmNjNmMDdmNjE0Mg==
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
HTTP/1.1
Server
18.194.21.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-21-212.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
server
ATS/9.1.0.33
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://www.controle.diarioceleste.com.br
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=294423215&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=e351206d-1d7a-4b57-a07a-ef63f07f6142&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwNy4zNDU3MDM6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPWUzNTEyMDZkLTFkN2EtNGI1Ny1hMDdhLWVmNjNmMDdmNjE0Mg==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1622453941&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1622453941&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&...
249 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1622453941&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=e41a0d03-6fc5-43c8-ac20-b28c0e42eacc&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwNi42MjA2MDU6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPWU0MWEwZDAzLTZmYzUtNDNjOC1hYzIwLWIyOGMwZTQyZWFjYw==
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
HTTP/1.1
Server
18.194.21.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-21-212.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
server
ATS/9.1.0.33
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://www.controle.diarioceleste.com.br
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1622453941&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=e41a0d03-6fc5-43c8-ac20-b28c0e42eacc&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwNi42MjA2MDU6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPWU0MWEwZDAzLTZmYzUtNDNjOC1hYzIwLWIyOGMwZTQyZWFjYw==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=61487399&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&p...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=61487399&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.wi...
249 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=61487399&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=22a5e54d-6837-4bfe-8ce8-99b8f143ebba&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwNy42NDUyNjQ6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPTIyYTVlNTRkLTY4MzctNGJmZS04Y2U4LTk5YjhmMTQzZWJiYQ==
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
HTTP/1.1
Server
18.194.21.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-21-212.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
server
ATS/9.1.0.33
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://www.controle.diarioceleste.com.br
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=61487399&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=22a5e54d-6837-4bfe-8ce8-99b8f143ebba&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwNy42NDUyNjQ6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPTIyYTVlNTRkLTY4MzctNGJmZS04Y2U4LTk5YjhmMTQzZWJiYQ==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=889970178&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=889970178&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.w...
249 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=889970178&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=155a6256-5304-42df-aa43-1173d4af6acc&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwNy40MjQ1NjE6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPTE1NWE2MjU2LTUzMDQtNDJkZi1hYTQzLTExNzNkNGFmNmFjYw==
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
HTTP/1.1
Server
18.194.21.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-21-212.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
server
ATS/9.1.0.33
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://www.controle.diarioceleste.com.br
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=889970178&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=155a6256-5304-42df-aa43-1173d4af6acc&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwNy40MjQ1NjE6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPTE1NWE2MjU2LTUzMDQtNDJkZi1hYTQzLTExNzNkNGFmNmFjYw==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C36052048748277930321468792762,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:56 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.controle.diarioceleste.com.br
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641262075474086-590
Expires
Tue, 04 Jan 2022 02:07:56 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1006 B
887 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C3605204874827793032372152251%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e0e9579913012fe1b131dce9b785608a2a459328312ec0a2dfeccbb21cef0dbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
617
expires
Tue, 04 Jan 2022 02:07:56 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1006 B
889 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C2106135853605204874827793032%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
11a65c014503faa8bee61848876af88e39ace7edbd48fd2728b5e0c0aecd2554

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
619
expires
Tue, 04 Jan 2022 02:07:56 GMT
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1433020603&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1433020603&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi....
249 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1433020603&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=ce930f20-4194-45f6-831d-6f6e715eaef4&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwOC42MjY0NjU6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPWNlOTMwZjIwLTQxOTQtNDVmNi04MzFkLTZmNmU3MTVlYWVmNA==
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
HTTP/1.1
Server
18.194.21.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-21-212.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
server
ATS/9.1.0.33
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://www.controle.diarioceleste.com.br
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1433020603&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=ce930f20-4194-45f6-831d-6f6e715eaef4&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwOC42MjY0NjU6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPWNlOTMwZjIwLTQxOTQtNDVmNi04MzFkLTZmNmU3MTVlYWVmNA==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C12894487933605204874827793032,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
337c5b96de781a5c61cec0482330949b7ba5b468265f09bbe332e95493513c8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:56 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.controle.diarioceleste.com.br
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1158
x-sticky-vk
1641262076330006-359
Expires
Tue, 04 Jan 2022 02:07:56 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=734672147&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=734672147&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.w...
249 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=734672147&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=9e9e817c-f83f-4836-b85f-6ab496cbecef&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwOC45Mzk0NTM6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPTllOWU4MTdjLWY4M2YtNDgzNi1iODVmLTZhYjQ5NmNiZWNlZg==
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
HTTP/1.1
Server
18.194.21.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-21-212.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
server
ATS/9.1.0.33
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://www.controle.diarioceleste.com.br
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=734672147&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=9e9e817c-f83f-4836-b85f-6ab496cbecef&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3NjQwOC45Mzk0NTM6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzpyZXF1ZXN0X2lkPTllOWU4MTdjLWY4M2YtNDgzNi1iODVmLTZhYjQ5NmNiZWNlZg==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame 8D06 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:54:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
18777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Jan 2023 20:54:59 GMT
bundle.js
ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/ Frame 12A9 		246 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=JuiceBarAds_SHA_RON_EB_HDX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42bab28225b200fcaef4d6dc17379592c02c63daf49fea12450d9c66e4afa1c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 17:14:46 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 17:10:39 GMT
server
AmazonS3
age
1846391
etag
"63ce70b8f5a8fd74fd206c097492fb0f"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
cache-control
max-age=31536000, immutable
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
79992
x-amz-cf-id
JDbyY0MRUvG1TEy1-vyyoKeTLvA44sTmZZ2Ue_PC7yMeD_q6s8byOQ==
pixel
cm.g.doubleclick.net/ Frame 0608
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEET0uMNU7U3Xt-RbCNPCQ9Q&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REpaam5rS3YxTjR6ZVg1&google_gid=CAESEET0uMNU7U3Xt-RbCNPCQ9Q&google_cver=1&google_push=AYg5qPKYG9HJ3vnEudsAfM0zcDzbX1C0hLXVanoOEn8LNB1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REpaam5rS3YxTjR6ZVg1&google_gid=CAESEET0uMNU7U3Xt-RbCNPCQ9Q&google_cver=1&google_push=AYg5qPKYG9HJ3vnEudsAfM0zcDzbX1C0hLXVanoOEn8LNB1ShCTNc_qDiKGeMd-jlUAoSVDT4ByZZG3Ckz7MFYmR1-KGLDFXaPrx
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:55 GMT
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-007d40ea11cf721ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REpaam5rS3YxTjR6ZVg1&google_gid=CAESEET0uMNU7U3Xt-RbCNPCQ9Q&google_cver=1&google_push=AYg5qPKYG9HJ3vnEudsAfM0zcDzbX1C0hLXVanoOEn8LNB1ShCTNc_qDiKGeMd-jlUAoSVDT4ByZZG3Ckz7MFYmR1-KGLDFXaPrx
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 0608 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEK3D_sXY_2jxTC84r2N43Qk&google_cver=1&google_push=AYg5qPIV5V4Boc8yAlAFFnie4VdxilsmEP6VYHvPynVysgFqduNu_ld-SE5Vb9pUarBJt1O3XFRTkweqxCUeO2b_bdf9NufYA9UO
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dot.gif
s0.2mdn.net/ Frame 0608 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEJnIH1iwmpZ2JtXlFOQtemc&google_cver=1&google_push=AYg5qPJfRbIUa1zvpGtUj2DL7p4i7ALKLVAFLUyqNVMOL5siIzIuIrIbVmaQVu8UaJukmrFcbe4Cdh60ofO0g-kju1xqpnCJe-YR
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Jan 2022 02:07:56 GMT
pixel
cm.g.doubleclick.net/ Frame 0608
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8XvUfHLYRG2YMG6zqp3CjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8XvUfHLYRG2YMG6zqp3CjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLaI7cKdwoapwyUbHNakKy1JsiDvZGQyCPvgr9MoZWZ9JbQ4bSmnLAWRSW4831hHVyvNjSFpfIko5pw6PwBWqTeFNzaAco
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8XvUfHLYRG2YMG6zqp3CjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLaI7cKdwoapwyUbHNakKy1JsiDvZGQyCPvgr9MoZWZ9JbQ4bSmnLAWRSW4831hHVyvNjSFpfIko5pw6PwBWqTeFNzaAco
date
Tue, 04 Jan 2022 02:07:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0608
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKYRFZ2w69BWZdS54AKrZnM&google_cver=1&google_push=AYg5qPJKrreN6lYg3dvNmdkVYuixXz8oyIaTiUEnGCEfJYx7a4PwbzZJgMZHA4EW7s4Au5iZO4YgUKGULiY-FjZA...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJKrreN6lYg3dvNmdkVYuixXz8oyIaTiUEnGCEfJYx7a4PwbzZJgMZHA4EW7s4Au5iZO4YgUKGULiY-FjZASP56Uyy7B8LD
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJKrreN6lYg3dvNmdkVYuixXz8oyIaTiUEnGCEfJYx7a4PwbzZJgMZHA4EW7s4Au5iZO4YgUKGULiY-FjZASP56Uyy7B8LD
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 04 Jan 2022 02:07:56 GMT
via
1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJKrreN6lYg3dvNmdkVYuixXz8oyIaTiUEnGCEfJYx7a4PwbzZJgMZHA4EW7s4Au5iZO4YgUKGULiY-FjZASP56Uyy7B8LD
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
S2o_LhLUx3-lI5bWPH7TbaYT3cdlPHTP8wtZJ2AqwiQ4jKJkFLdKGQ==
pixel
cm.g.doubleclick.net/ Frame 0608
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDgRbjrVCGBYpvhBNQkjo4M&google_cver=1&google_push=AYg5qPIgMj10EYfITPQcPtYBHcubT_83SFOBunIsLFbFkv-jtWL0dN4tnUvg762rsZA4eGrFXqsuDfNpy_sR6Wkrqlq3I_VGncw
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMzOTU2Mzc3NTc1NjQ3MjQ5NDY%3D&google_push=AYg5qPIgMj10EYfITPQcPtYBHcubT_83SFOBunIsLFbFkv-jtWL0dN4tnUvg76...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMzOTU2Mzc3NTc1NjQ3MjQ5NDY%3D&google_push=AYg5qPIgMj10EYfITPQcPtYBHcubT_83SFOBunIsLFbFkv-jtWL0dN4tnUvg762rsZA4eGrFXqsuDfNpy_sR6Wkrqlq3I_VGncw
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMzOTU2Mzc3NTc1NjQ3MjQ5NDY%3D&google_push=AYg5qPIgMj10EYfITPQcPtYBHcubT_83SFOBunIsLFbFkv-jtWL0dN4tnUvg762rsZA4eGrFXqsuDfNpy_sR6Wkrqlq3I_VGncw
date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 0608
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKOOqJW0NxlFU8cRd_wa7uY&google_cver=1&google_push=AYg5qPILwfiEzZah8a6Dg_7gRUICyL_vPtXGvpvB8tra05rxylML0K-ItKRvw-nI8grxKZl1fh...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ELkJ3Uy5GRTJ1SEIyYWkwRExqNkEyM0kwMHNtQjM4eX5B&google_push=AYg5qPILwfiEzZah8a6Dg_7gRUICyL_vPtXGvpvB8tra05rxylML0K-It...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ELkJ3Uy5GRTJ1SEIyYWkwRExqNkEyM0kwMHNtQjM4eX5B&google_push=AYg5qPILwfiEzZah8a6Dg_7gRUICyL_vPtXGvpvB8tra05rxylML0K-ItKRvw-nI8grxKZl1fhCKVEx9KP2os4c9oeUs1IC0HhObbg
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ELkJ3Uy5GRTJ1SEIyYWkwRExqNkEyM0kwMHNtQjM4eX5B&google_push=AYg5qPILwfiEzZah8a6Dg_7gRUICyL_vPtXGvpvB8tra05rxylML0K-ItKRvw-nI8grxKZl1fhCKVEx9KP2os4c9oeUs1IC0HhObbg
date
Tue, 04 Jan 2022 02:07:56 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 0608 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LaWOWGp0b-Fkbsxsv-ez0NJaSLiDXwYW4SZ1478Q2wT8CmUvE32-TkSbkOHv9tNYd_ZIBmxQ
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 274F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 03 Jan 2022 05:53:44 GMT
expires
Tue, 04 Jan 2022 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
72852
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 12A9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9acbd280d7ddd0cabdc1911d2a7dce1405787fb121f880904a6a197e60d3babf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
/
google2waycm.netmng.com/cm/ Frame D0FF 		0
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame D0FF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESED10LRRhgdIFwuZPTqTZ3P0&google_cver=1&google_push=AYg5qPKnIWJUiXUZ2-ahlfh5Pp2qhaJS3nX2RGUFcSp7m356k_MHV1IATc0BiwAfvOhFHcvx-tUh4NiXuHa6aLOj6irfLj57M3nf
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM5MjE5NDI2Nzc2NjA0ODkxMg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELC128047bh_Lgt0Y-yXAzE&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELC128047bh_Lgt0Y-yXAzE&google_cver=1
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELC128047bh_Lgt0Y-yXAzE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D0FF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWRPcl93QUM4WERvaEFBbQ==&google_gid=CAESEJWAsqHYSX4CbJdjk9lKWoE&google_cver=1&google_push=AYg5qPIMvbvuMnMADMWoGjRot1_nCL5T-J...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWRPcl93QUM4WERvaEFBbQ==&google_gid=CAESEJWAsqHYSX4CbJdjk9lKWoE&google_cver=1&google_push=AYg5qPIMvbvuMnMADMWoGjRot1_nCL5T-JWoHccF8fhG7DsTKajCEMtCkXgKc7yu_K_dtE-vHsgPbYx5I-umIXHL5VEACbIKu1w
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641262076.399965,VS0,VE0
x-served-by
cache-fra19157-FRA
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWRPcl93QUM4WERvaEFBbQ==&google_gid=CAESEJWAsqHYSX4CbJdjk9lKWoE&google_cver=1&google_push=AYg5qPIMvbvuMnMADMWoGjRot1_nCL5T-JWoHccF8fhG7DsTKajCEMtCkXgKc7yu_K_dtE-vHsgPbYx5I-umIXHL5VEACbIKu1w
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame D0FF 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENT0FpXONqHibAUP87NMNFM&google_cver=1&google_push=AYg5qPLheDwcClvWtd1TTjixnmUwnGyDUc7hx92a-JQgcoOmMFZsjQPFgc_2uUd-64GL9VmuCwoRv_kUKWgTM5lHGVWGri9zXhCR
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame D0FF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPZyrGozP9a5TNJlV0Ej-y4&google_cver=1&google_push=AYg5qPKmQ0VYcgs-9vBm7BTnI-YdsUQMYx50vZV7niOrcgohsYC4xp9LRMYUtq7HeZqq6M9z3re9w0js5lV_nh4aYF5ruM5...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKmQ0VYcgs-9vBm7BTnI-YdsUQMYx50vZV7niOrcgohsYC4xp9LRMYUtq7HeZqq6M9z3re9w0js5lV_nh4aYF5ruM5SzQKa&google_hm=NTgxNjY2NDc0MzA4NjY5ND...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKmQ0VYcgs-9vBm7BTnI-YdsUQMYx50vZV7niOrcgohsYC4xp9LRMYUtq7HeZqq6M9z3re9w0js5lV_nh4aYF5ruM5SzQKa&google_hm=NTgxNjY2NDc0MzA4NjY5NDY0NQ%3D%3D
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 04 Jan 2022 02:07:56 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKmQ0VYcgs-9vBm7BTnI-YdsUQMYx50vZV7niOrcgohsYC4xp9LRMYUtq7HeZqq6M9z3re9w0js5lV_nh4aYF5ruM5SzQKa&google_hm=NTgxNjY2NDc0MzA4NjY5NDY0NQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame D0FF
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEOvF-zha8lOgTK2lINm8XiU&google_cver=1&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6b...
0
0
pixel
cm.g.doubleclick.net/ Frame D0FF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDEKy2hjjGuAV1CoWIXn-ls&google_cver=1&google_push=AYg5qPKI0WwmMv-YXXaIJ3UYYnJARH8XIPLRL4ue5ZOjVZXsnX52AAylDYJnVe31bHvPxHSkBk...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ELkJ3Uy5GRTJ1SEIyYWkwRExqNkEyM0kwMHNtQjM4eX5B&google_push=AYg5qPKI0WwmMv-YXXaIJ3UYYnJARH8XIPLRL4ue5ZOjVZXsnX52AAylD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ELkJ3Uy5GRTJ1SEIyYWkwRExqNkEyM0kwMHNtQjM4eX5B&google_push=AYg5qPKI0WwmMv-YXXaIJ3UYYnJARH8XIPLRL4ue5ZOjVZXsnX52AAylDYJnVe31bHvPxHSkBkV_r_g0guJW3crNluYnlRoHP6WpFA
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ELkJ3Uy5GRTJ1SEIyYWkwRExqNkEyM0kwMHNtQjM4eX5B&google_push=AYg5qPKI0WwmMv-YXXaIJ3UYYnJARH8XIPLRL4ue5ZOjVZXsnX52AAylDYJnVe31bHvPxHSkBkV_r_g0guJW3crNluYnlRoHP6WpFA
date
Tue, 04 Jan 2022 02:07:56 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame D0FF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IoKdWe1msO0tZNH-rrkMaZ98viEvJMRUc7a7TjN9qCCnAC5y7ZrB8-mhBnYXkWUK1EKwJ_4A
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pvClk.min.js
analytics.webgains.io/ Frame AAAD 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ghjndfq4s1wn1mq6vr5nbkkjbqtv80hdtqs73n5da3wpjpf83n9fb17678af8tefw5z5emh8p5k0dyex4ngp1pe6gqs6k3ksk4mvvph5aw14p5qgpz2f76ssa0xp2zheyx7ga1brj8syrnqd2qpbz0aye18gqtmm0vw8jpckbcwqy6qyddd8hm1fk68jk1zhydj5n1774zygk7vztcqkdbfm2be6ddmahqv4y6bhbd7ph8ejfknz0sczvrwpzdf1mdpzsvta91a5t1n88jyjy2exhhqsywf52c6hfb6n1nbj8j9m37et%26a%3D&clickref=oneidrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fdoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneid4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHKoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-68.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
8604
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 04 Jan 2022 01:39:57 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
dWXK_ynF69BcbiJHBubtMNsxTgwcu3-QGMAXkV8ZlSJcH_c-NI449w==
link.html
track.webgains.com/ Frame AAAD 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=205795&viewref=oneid6eYfef4bwS99jxfkCmHYtktKXVT2T1T2XpU7oneid__asuidaB1cm-Q9R7WvPBWh6WwdumYvSS9-DJ5hasuid__suite_Mweb_Netmix_Reach103_TopRotaMonth&wglinkid=2647615
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=KnVRbz8jl9YEznYcSjwwJZ72HxHdabap&g=caaffbd9786bdebbb9df2235e56e7848%2F3134790401295411739&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1641262075795&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbp60ggmka43nh9mtdzzvjaza838cs8sp7qqy2jzqjdv3ndjbn9xkhmsggd6e8s8j5gxa8bamc7aazr6tgc8w911b3hxvzj7eq52am0mmz4azkqjek5ksvnaa69yx5e0b41cm9997vy5djgmtpsk8m3b3pkbqmrwke6kgs4wg06fkmvrjwa2e3ztp4xgq15x9b9jqznqrez32vr9jbt5tx67j3s137p1jgsj10apy9thgzknrmxs585eawqy14km0q4858t3mvqe83w1xgg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAwtX-qvTYaKePMmMjuwP1J6gmA2Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTI4NDU0NjM0MzgxNTM3ODKgAcKu6N0DyAEJqQJ9w9YDbfOyPuACAKgDAaoEjgJP0IUXK6aA44QNVbXIihgdZxPiq9xv4vpdQL5hNNZSsGa9GCJIcHnezFpd-l7p_bxxmqnzzRlb6mJuVOYrWV8M7DsfhNtZ-wTPSMxZVnQIZm7xu5nP5lir5UUM88z0lEEWEYA89goC8YtfPlk23M6at_zsDr8ikA7tHVCH3UC7OCo1-gxKmhVjWzDS7qYhQRciXs-z8w071Pv2QlXhPGY43lR7SuUs9-zvcC0sDeLfcRhniQovPUj38jtIEfp_YpqToBCbrEuxThk63mLB0DjSWZoRHKO8rLhUBGN3TM5m09QMKtiXbDgJZB_-ImdR9JlIdu1wfdD24kOGGGv1F_SCkfcuNOEBciuM82rWITPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Rnk9uyla3lYMfMR0VcR5Dvy-7BA%252526client%25253Dca-pub-2845463438153782%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
810293324e0d2bbf0a8713f573d6215398731cd38076b6e8f3d84aa877aa3635

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:56 GMT
Last-Modified
Tue, 04 Jan 2022 02:07:56 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1665 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10004&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuidmid=7976&xuid=o8RAfubfp&dongle=u6nf
eb2.3lift.com/ Frame 1665
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=o8RAfubfp&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=o8RAfubfp&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10004&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=o8RAfubfp&dongle=u6nf
date
Tue, 04 Jan 2022 02:07:56 GMT
via
1.1 google
alt-svc
clear
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 1665
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGwKA9AtvoYH5vvv86goqx4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGwKA9AtvoYH5vvv86goqx4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10004&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGwKA9AtvoYH5vvv86goqx4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1665
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMzOTU2Mzc3NTc1NjQ3MjQ5NDY%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMzOTU2Mzc3NTc1NjQ3MjQ5NDY%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10004&ld=1
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMzOTU2Mzc3NTc1NjQ3MjQ5NDY%3D
date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 1665 		0
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=13395637757564724946&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10004&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:55 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: E0F3402D1A664C3FA4C31F535B31A7BB Ref B: FRAEDGE1510 Ref C: 2022-01-04T02:07:56Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXUuBsNvc6iGFalv3+pPQ==
xuid
eb2.3lift.com/ Frame 1665
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/13395637757564724946?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-86iGP3RE2oQ7zxhfGm_90ZrqA_FVX7V..TuCLCySng--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-86iGP3RE2oQ7zxhfGm_90ZrqA_FVX7V..TuCLCySng--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10004&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 04 Jan 2022 02:07:56 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-86iGP3RE2oQ7zxhfGm_90ZrqA_FVX7V..TuCLCySng--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 1665 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=13395637757564724946&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10004&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.252.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-252-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 02:07:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 1665 		42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=13395637757564724946&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10004&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
etag
"f95a3e4769d2d71:0"
last-modified
Fri, 05 Nov 2021 17:19:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C4BDE0B879B743AB97EA5AB3FD2A2414 Ref B: FRAEDGE1416 Ref C: 2022-01-04T02:07:56Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 1665
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=13395637757564724946
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13395637757564724946&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13395637757564724946&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10004&ld=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:56 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CQN56TG370G92JNGF928
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13395637757564724946&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1665
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10004&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
analytics.js
www.google-analytics.com/ Frame 78CB 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56263170-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.autohaus-koenig.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1982
date
Tue, 04 Jan 2022 01:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 04 Jan 2022 03:34:54 GMT
notify
tlx.3lift.com/s2s/ Frame 12A9 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=YdOr-wANhk4Kd4mbAAr4nSKge0bX5l59enZdrA&ts=1641262075&aid=157011991913395452870&ec=2409_15064_70_51750730&n=GgDyArYBCAASFTE1NzAxMTk5MTkxMzM5NTQ1Mjg3MBgAIAEo6RIw2HVAAUgAUAFgCmgAcOWSEJABAJgBAKgBALABP7gBHcABL8gBP%2BABJ%2FABAPgBP4ACL4gCJ5ECAAAAAAAA8D%2BZAgAAAAAAANA%2FoQIAAAAAAADwP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4AvAkgAOsAogD%2BgGQAwCYAwCgAwC4A5cCwAMAyAMA0gMLNzBfNTE3NTA3MzD4AgWIAwCSAwRkM2Qz&b=1
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.28.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-28-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
r
eb2.3lift.com/ Frame 12A9 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=JuiceBarAds_SHA_RON_EB_HDX&aid=157011991913395452870&rev=c0c4269&ss=5&bc=0.063&pr=can%27t%2520access%2520top%2520document&brid=264549&bmid=2409&biid=4720&bcud=63&sid=15064&ts=1641262075&caid=0&unid=0&domain=2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.controle.diarioceleste.com.br%252F&rr=creative&fid=10&rb=0&g=0&cb=15731
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 12A9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 07:26:46 GMT
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
585671
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
3125
x-amz-cf-id
kaohrjv4Jz4GIH6VFhhUtVPhknYrabaYtirwTKMPRDrWISTZyYmbBg==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 12A9 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 17:17:10 GMT
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
31847
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
3518
x-amz-cf-id
y3zMdjfqYMorwrgNAnuqfBeGdpntsoG_bd4CW29RLMcd17p3a7RUww==
truncated
/ Frame EE5F 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/gif
/
track.adform.net/adfscript/ Frame 8743
Redirect Chain
  • https://aws-fr.bidswitch.net/imp/0.063/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R51750730_Qrtbwp_R_I_WAUCTION__PRICE_X-0dP11m5FSngPOLOUwRTDfbIPKv01adQy0_Qrtbdata_RYyqrLJEYr-jsoKEwUKRyovlgeHi...
  • https://track.adform.net/adfscript/?bn=51750730;rtbwp=0.06741-0dP11m5FSngPOLOUwRTDfbIPKv01adQy0;rtbdata=YyqrLJEYr-jsoKEwUKRyovlgeHiGGJ_ew4YzOb4p1A10EboH77V5F0t6cVckA6yaPSMDQbIenuxhNyorT08VLdTxQuBcy...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=51750730;rtbwp=0.06741-0dP11m5FSngPOLOUwRTDfbIPKv01adQy0;rtbdata=YyqrLJEYr-jsoKEwUKRyovlgeHiGGJ_ew4YzOb4p1A10EboH77V5F0t6cVckA6yaPSMDQbIenuxhNyorT08VLdTxQuBcys3GOvhk9rjteZeT4ikbpymT6GKqHA4KRUlqTT3a49TMOD13_r0iKtiJjMavZnGsv4TcTO2ILPQaxpWpzAsQ_Swzv7hq0E4gBh3vIdcT4zbrTn7S50APILNxHfWRaRip_E4LZ8ae_TYZFRrXPRQWRw2PMWhFsPeI52QudzxMjyqqe5u--Ts_ibrZrw2;OOBClickTrack=
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
310b9c591be70a73b0c75662b095873612e50e6b1392a36734bef11e884e54a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
898
expires
-1

Redirect headers

location
https://track.adform.net/adfscript/?bn=51750730;rtbwp=0.06741-0dP11m5FSngPOLOUwRTDfbIPKv01adQy0;rtbdata=YyqrLJEYr-jsoKEwUKRyovlgeHiGGJ_ew4YzOb4p1A10EboH77V5F0t6cVckA6yaPSMDQbIenuxhNyorT08VLdTxQuBcys3GOvhk9rjteZeT4ikbpymT6GKqHA4KRUlqTT3a49TMOD13_r0iKtiJjMavZnGsv4TcTO2ILPQaxpWpzAsQ_Swzv7hq0E4gBh3vIdcT4zbrTn7S50APILNxHfWRaRip_E4LZ8ae_TYZFRrXPRQWRw2PMWhFsPeI52QudzxMjyqqe5u--Ts_ibrZrw2;OOBClickTrack=
date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
aop
eb2.3lift.com/ Frame 12A9 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=JuiceBarAds_SHA_RON_EB_HDX&aid=157011991913395452870&rev=c0c4269&ss=5&bc=0.063&pr=can%27t%2520access%2520top%2520document&brid=264549&bmid=2409&biid=4720&bcud=63&sid=15064&ts=1641262075&caid=0&unid=0&domain=2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.controle.diarioceleste.com.br%252F&rr=creative&fid=10&rb=0&g=0&cb=97145
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 3C61 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: aws-fr.bidswitch.net
URL: https://aws-fr.bidswitch.net/imp/0.054/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R52121887_Qrtbwp_R_I_WAUCTION__PRICE_X-oLXRwAwHMq-irB7MNufUbuOsfis-yQcy0_Qrtbdata_R2YxAY0WAPhb9bTdFbXjHIilwj3W____cFjJT1Z4Xt8je6Kmj3iR651e0KlUVRIefAePSMDQbIenuxhNyorT08VLdTxQuBcys3GOvhk9rjteZeT4ikbpymT6GKqHA4KRUlqTT3a49TMOD13__r0iKtiJjMavZnGsv4TcTO2ILPQaxpWpzAsQ__Swzv7hq0E4gBh3vCX-3tzGqmdTS0LRdLK0ZAATDctcH2QbecBi0W-VH5Rg3R6Yx3QD3bTb__119wm4vv0x3B-KWmWKSAiMRMx8y__nw2_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/Ibpz3iwBtJbiBPourQOBQV0JD8RYwnTixoCawmozBG4s9QLV_3dD6LKPyEXHT7zKeFBohnZrRPN-phelA-DJau00opetz3zlsNRvO5rSeY4_qQr8DFzZvjijyUXK9GTKN_K9s-lZwmf8-ZW28HCZHQO3i6kE1l_PdRRv29yfoCGPJ76JC1OfJHINVFpxshtoY7iNxEzzFRD72jehCHjwFJWXmmhqm1cVDQtUVDLzXUR2p8RjVbq9PdPRcWz22bYfTIFg-U7_-9ehsO3MKMDdupwnKsvl1TNIj8TF5XbVin1SDOZO9-umys1cOYckNTd2NXSYfZmnJ9FmLXXJrJFEru8ixW4RcDHP_tG22YXYGL-Sd8bdMdX_iLjzNfB48QEta6D4cx7Nvdqy48JD4W75kVG0VD1QBEbarDTMOONlHLuXXzW1kgmT3-VtqM1UetPeqcjDoAfjTa9X0sbFXI1nvWwVo8s-0P7g6cTlSFADLqYi05GOHD4ufjUy41A2kKmq4kQBXaFa8ttYTVFucKP-qreH2xovub7HUdZ7PM7q6W9gx9Z_XCoBCFcCefQidPpeyKrBJMWjqgQhPaaM6NYAptieEhnhIYNAwE_pRDWDULjNCDaMYRG5jVtx_SXafW3SIgUO0ivkibD8QPuzpApKpasOj1Kjyuc81jX65kuvgjQM3rqqSgd5pje314WBxQovg-ROzcqyEoNMUUQiCRrhHEOHEgcUC03bijHYuGvu6cB7YMtwNNggKTr7Nya06dVZfhOeC3tknhzh7ftdk9CzAYb7U-4QDUxT_ZIjXaS9viPXjkB2DhAsCLnlqryRBq-CD5XDFuKNCGf0_NUpcOom6vHPdsRoTwwAfSS4EwYalGPImdKH6ZYZyxP5wNdP9OoEUdfbaTk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 14:23:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 05 Jan 2022 05:22:52 GMT
ca
choices.trustarc.com/ Frame 4661 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=r9vak6v_5llqzru_cx40n3a0&w=728&h=90&c=tradedesk01cont1&js=pmw1&base=te-clr1-9486e72b-3dc2-4a4f-adf4-c3be143beb25&sid=0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=r9vak6v_5llqzru_cx40n3a0&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
bfe3e40b003948a2278e4ec9481f5e59925078a9c572fd8fd8c9e299be5d6a75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
2415
x-amz-cf-id
q2ZZfxNByotREQluFE5eB0Mm16pliz3yXWITSMuO5CtkgMVUu-_QzA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 4661 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=r9vak6v_5llqzru_cx40n3a0&w=728&h=90&c=tradedesk01cont1&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=r9vak6v_5llqzru_cx40n3a0&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 01:43:19 GMT
content-encoding
gzip
server
nginx
age
1477
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
KYAGxlUnkWVQ6u5K6mkym3OKYTEURMusIn5yXmcQ6J8ISOaNeoN8eg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 4661 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=r9vak6v_5llqzru_cx40n3a0&w=728&h=90&c=479b
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
tU01l_P4o90N4A6TLZu8K9-NzNFvc4vd7-z8mWysJ1C4FyBHwFsn6w==
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 274F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELC128047bh_Lgt0Y-yXAzE&google_cver=1&google_push=AYg5qPKAlQ2CI2MFEZQ6F_OL_TzUYBEKsa0mHX483LTJDTNQXzO7JRFluQVa7CLpCTKR3aUhxJUrg8FPNRNqYmdVw6pUrzvzEMtj
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM5MjE5NDI2Nzc2NjA0ODkxMg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELC128047bh_Lgt0Y-yXAzE&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELC128047bh_Lgt0Y-yXAzE&google_cver=1
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELC128047bh_Lgt0Y-yXAzE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 274F
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPL15170Ry18KGKNhCpWaGM&google_cver=1&google_push=AYg5qPKQCnaDNOhyZ55zf635a6Eh6Gl01hlUlPvvocRqMr3boPvqfcrPAI...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKQCnaDNOhyZ55zf635a6Eh6Gl01hlUlPvvocRqMr3boPvqfcrPAIE-izjRUwEv85VwK-v55gEHETUB7F7EPDO-iyQqPGHT&google_hm=D-Ckpe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKQCnaDNOhyZ55zf635a6Eh6Gl01hlUlPvvocRqMr3boPvqfcrPAIE-izjRUwEv85VwK-v55gEHETUB7F7EPDO-iyQqPGHT&google_hm=D-CkpedODO9EuwWmJDGBUg
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKQCnaDNOhyZ55zf635a6Eh6Gl01hlUlPvvocRqMr3boPvqfcrPAIE-izjRUwEv85VwK-v55gEHETUB7F7EPDO-iyQqPGHT&google_hm=D-CkpedODO9EuwWmJDGBUg
pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 274F 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECrLyZPN4W_Y0i9ulGfmgLo&google_cver=1&google_push=AYg5qPJK76idOom4mIingZeH4N5kjvOA2TjEwl9Zo5ETVBek4APXVNKHX9b1JEAqPBWThn2CDIIyvciRU0ZYTOm8mWpFJyjFROTv
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 274F
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEIHOUvPMFY4nsmlFFIvhOdo&google_cver=1&google_push=AYg5qPIWKSkbcgz8xNWX4cqq8klukvPYh5BhmPe4lZJKwquv9Fl0cFOI2ZpklKHPJ12OyihAyiYr5tqYDDUyzJdVfebVKJtzAeI
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7509EDD89CD543279D0C21224FF946B8&google_push=AYg5qPIWKSkbcgz8xNWX4cqq8klukvPYh5BhmPe4lZJKwquv9Fl0cFOI2ZpklKHPJ12OyihAyiYr5tqYDDUyzJd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7509EDD89CD543279D0C21224FF946B8&google_push=AYg5qPIWKSkbcgz8xNWX4cqq8klukvPYh5BhmPe4lZJKwquv9Fl0cFOI2ZpklKHPJ12OyihAyiYr5tqYDDUyzJdVfebVKJtzAeI
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 04 Jan 2022 02:07:56 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7509EDD89CD543279D0C21224FF946B8&google_push=AYg5qPIWKSkbcgz8xNWX4cqq8klukvPYh5BhmPe4lZJKwquv9Fl0cFOI2ZpklKHPJ12OyihAyiYr5tqYDDUyzJdVfebVKJtzAeI
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 03 Jan 2022 02:07:56 GMT
google
match.adsrvr.org/track/cmf/ Frame 274F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGIDMPoWm6oMxYU878Neqi0&google_cver=1&google_push=AYg5qPK6OJ9V_-nWKSrI869sIHhGgxzPYKj-bT4j0S0j_KMGMtFl27g2KU7k7Awwrfxz6fIU6E7Q-SovPH--UrwKKACwodLTM1lG
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 274F
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEBmA9O6DjqU1cAIikW9VmaM&google_cver=1&google_push=AYg5qPIynYcpisrELU5bUqD8j_zdovXccftAxa9NBHOu4Uj_VpivqhGmJBnoVUw_eiDD8JcgWcksm_j6efTGoC...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPIynYcpisrELU5bUqD8j_zdovXccftAxa9NBHOu4Uj_VpivqhGmJBnoVUw_eiDD8JcgWcksm_j6efTGoCJoCkFYSwKWUqX4&google_hm=hmHTq_wF5XzlRpPBT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPIynYcpisrELU5bUqD8j_zdovXccftAxa9NBHOu4Uj_VpivqhGmJBnoVUw_eiDD8JcgWcksm_j6efTGoCJoCkFYSwKWUqX4&google_hm=hmHTq_wF5XzlRpPBTQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D61D3ABFC05E57CE54693C14DBLIS
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPIynYcpisrELU5bUqD8j_zdovXccftAxa9NBHOu4Uj_VpivqhGmJBnoVUw_eiDD8JcgWcksm_j6efTGoCJoCkFYSwKWUqX4&google_hm=hmHTq_wF5XzlRpPBTQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D61D3ABFC05E57CE54693C14DBLIS
date
Tue, 04 Jan 2022 02:07:56 GMT
via
1.1 google
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 274F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMu5zliAXqjRkbeW80QUtHA&google_cver=1&google_push=AYg5qPKd1DL9VuNdqct647Yi0p3cuCq9AWv4fHbUQVKDDGSNUyJsx-IdTLr7mL4hmKRmZOGd3j...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ELkJ3Uy5GRTJ1SEIyYWkwRExqNkEyM0kwMHNtQjM4eX5B&google_push=AYg5qPKd1DL9VuNdqct647Yi0p3cuCq9AWv4fHbUQVKDDGSNUyJsx-IdT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ELkJ3Uy5GRTJ1SEIyYWkwRExqNkEyM0kwMHNtQjM4eX5B&google_push=AYg5qPKd1DL9VuNdqct647Yi0p3cuCq9AWv4fHbUQVKDDGSNUyJsx-IdTLr7mL4hmKRmZOGd3j0geUu-VlKkECGn2IqQxUpcV0jn-w
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ELkJ3Uy5GRTJ1SEIyYWkwRExqNkEyM0kwMHNtQjM4eX5B&google_push=AYg5qPKd1DL9VuNdqct647Yi0p3cuCq9AWv4fHbUQVKDDGSNUyJsx-IdTLr7mL4hmKRmZOGd3j0geUu-VlKkECGn2IqQxUpcV0jn-w
date
Tue, 04 Jan 2022 02:07:56 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 274F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LixWbMGqqKjMbn6BxFIEpL2Zn5nVPnumIS6Lr0-FzFZ-B4iMZODftww_S6lt7u_Gum1W6olQ
Requested by
Host: 2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
URL: https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
track.adform.net/adfserve/ Frame 3C61 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=52121887;rtbwp=0.05778-oLXRwAwHMq-irB7MNufUbuOsfis-yQcy0;rtbdata=2YxAY0WAPhb9bTdFbXjHIilwj3W__cFjJT1Z4Xt8je6Kmj3iR651e0KlUVRIefAePSMDQbIenuxhNyorT08VLdTxQuBcys3GOvhk9rjteZeT4ikbpymT6GKqHA4KRUlqTT3a49TMOD13_r0iKtiJjMavZnGsv4TcTO2ILPQaxpWpzAsQ_Swzv7hq0E4gBh3vCX-3tzGqmdTS0LRdLK0ZAATDctcH2QbecBi0W-VH5Rg3R6Yx3QD3bTb_119wm4vv0x3B-KWmWKSAiMRMx8y_nw2;oobclicktrack=;js=1;adfxid=3x;3747;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.controle.diarioceleste.com.br
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4c3343b0140e607c94911eda1c15c22fd1b7d61bb522f82ced66f4aee87d477c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2221
expires
-1
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 8743 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: aws-fr.bidswitch.net
URL: https://aws-fr.bidswitch.net/imp/0.063/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R51750730_Qrtbwp_R_I_WAUCTION__PRICE_X-0dP11m5FSngPOLOUwRTDfbIPKv01adQy0_Qrtbdata_RYyqrLJEYr-jsoKEwUKRyovlgeHiGGJ__ew4YzOb4p1A10EboH77V5F0t6cVckA6yaPSMDQbIenuxhNyorT08VLdTxQuBcys3GOvhk9rjteZeT4ikbpymT6GKqHA4KRUlqTT3a49TMOD13__r0iKtiJjMavZnGsv4TcTO2ILPQaxpWpzAsQ__Swzv7hq0E4gBh3vIdcT4zbrTn7S50APILNxHfWRaRip__E4LZ8ae__TYZFRrXPRQWRw2PMWhFsPeI52QudzxMjyqqe5u--Ts__ibrZrw2_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/bzmViO7Z3gbxqWuvluOZQETC6pg0KPhgxbsh5fpKECLCYtmTQ1FjPYJKjpDWRgr9xYB7f0khNgroBQh_i-W8NPeBDG-zDKCI9ZETVMt_TNm_5wK4ZoYup26K7e9BkNXUMLMR_qv77onhsiuRRJdhZfkBZIgb1QgSSP2tJyx976rh0eIatF75eOQ6pE1gwvk-1GtHCQy0tdi44mXit-R9qGHrnCeU2tMgvdWITn0mEOex4bEjB4bzx__2z3muoNmwYl8NkloiqLIJAyqbxrge-sbISc9bool3B9fMbAwTCdSJExoBRHN5XxIik0nsPBAYUjN7qpCWZhIN-TR-AOIGRCMyNyRMfZx6QRd3P2G6WVvsG4WC8Tj7qsVW8yF3VZ-EozGX63Kk6-BNGAkDiqxo6jCPRAr1IUUgk8jPJNuRTaod7cYulUIRAaWbfA5CGNhfcbxKvVeJrj8i5qyMDX0ZXS38HHi2SQAACVFoSleBmfCY-6z3WDgzJRRR6mm9g0JQ90R8lyLsYNyS-XQiL758BKnX2V7goyUGRXSiU_pc6VPGUj-BL_cU7PeV_j-oYtlvz9_JB7Ue278zRr03vMQembWM3MKpC699yDPL_021iZBlzHktq-VM-KGYUfX-bLWHIxcpTY1nb8o8Y9e21-OEluQIhQqwAULJ9camcubsBO0KiRRyTMZQU3VTklFgVxDx0nS2Q5Cd_BGL_3OcjocMoeu_O45FCMK54olJUjRioH3hOYNArLLqYfyWo9lo-pyKvWmKCgnJEfstWSTVVdka_sub62ryKIYD4WK3tSfeA5vXV6O-gQDnlNmNUsmjexfoU09YdFWFYfJcO6tuMo8qxaecDkJMPUbULOSeuilmfnGEaqh_46ACGKs0e_utBWK9hK1BLP80lFwZHMCSxEcblzJ1_GICYfZWo2XEeZzw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 14:23:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 05 Jan 2022 05:22:52 GMT
sync
eb2.3lift.com/ Frame B5C2 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=16588
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
33d4081d713684a2d0427eeed7c9d8b332fbb57995c499e715367c54962a349c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
content-type
text/html; charset=utf-8
content-length
399
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
/
track.adform.net/adfserve/ Frame 8743 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=51750730;rtbwp=0.06741-0dP11m5FSngPOLOUwRTDfbIPKv01adQy0;rtbdata=YyqrLJEYr-jsoKEwUKRyovlgeHiGGJ_ew4YzOb4p1A10EboH77V5F0t6cVckA6yaPSMDQbIenuxhNyorT08VLdTxQuBcys3GOvhk9rjteZeT4ikbpymT6GKqHA4KRUlqTT3a49TMOD13_r0iKtiJjMavZnGsv4TcTO2ILPQaxpWpzAsQ_Swzv7hq0E4gBh3vIdcT4zbrTn7S50APILNxHfWRaRip_E4LZ8ae_TYZFRrXPRQWRw2PMWhFsPeI52QudzxMjyqqe5u--Ts_ibrZrw2;oobclicktrack=;js=1;adfxid=4x;866;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.controle.diarioceleste.com.br
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dba4da34230832526244f052a5a2854d036dd6e63c26469f7f90a613bb075e62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2213
expires
-1
/
track.adform.net/serving/unload/ Frame B9F1 		35 B
502 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=4667613904866364743@@46747358,5336941599004773651,100|1065|0|0|0|0|0|0|0||41|1|1|61d3abfa00086c3c0a77d28ddf0e359d_1|||1|0|0|K_FEgU9mAyFX7EYoWZQhUfeUi95hLffWkcydlUK1-F5rJwW1B4mXWMkllzAqADQrA7z_uuw_WOM1|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame B9F1 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=46747358&event=178&time=1&baid=45757866&name=Viewable%20impressions&imprid=5336941599004773651&icid=4667613904866364743&eData=rPgXzHb8f96Wn7rJxwEnSkLefXOBh2p24fn4X_ACi5jqk7IvQlbLiY-Iq7i4m5Wocc-gtx8oRnwau94oJsHc8Q2&rtbdata=sE7aJDcJuehW4jG2InUKx2c2X04jNWPu2Khm8ptOI7mW9G6-kSd51g6lzVbaIVSCwP5mmb1ZEPnTmH0JRC7vPkbTgNHX2Gb2BSga_wqbXrUSxFA_n3xXpRmQZP2mOwfaaMwOE8Kw1NgddDWXC0o5AR36NRsXaTPpY9LqVqr5u73Ri7cYcyp-m7PRkeAURXdVuSjuJH3O9LopifyFOpkPMqGloshJgAGNhXtvFaTK2iS5ulHu_8-bIsbk21oTzP-01ejLGfZaMtplGmNzwd-hVpOYdiw-7pVO3i3IlGDfNRRpsHQDE1RBHrNOUs5OeowVIpE1YpJauBBue6m5mETywNZpSM_HdKpX0&rtbwp=YdOr-gAHeccHg4DUAA5mwhWPpdKmLV_s7Zu6SQ&rnd=260126763
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
xuid
eb2.3lift.com/ Frame B5C2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4392194267766048912&dongle=d407
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=4392194267766048912&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=16588
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=4392194267766048912&dongle=d407
pragma
no-cache
date
Tue, 04 Jan 2022 02:07:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
setuid
ib.adnxs.com/prebid/ Frame B5C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=13395637757564724946
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=16588
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame B5C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=13395637757564724946
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=16588
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame B5C2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=b1c861d3-abfb-4f00-82ea-782ebbdf8fa7&dongle=3995&gdpr=1&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=b1c861d3-abfb-4f00-82ea-782ebbdf8fa7&dongle=3995&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=16588
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Tue, 04 Jan 2022 02:07:56 GMT
Server
MT3 4133 baa842e master cdg-pixel-x16 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eb2.3lift.com/xuid?mid=3690&xuid=b1c861d3-abfb-4f00-82ea-782ebbdf8fa7&dongle=3995&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 04 Jan 2022 02:07:55 GMT
xuid
eb2.3lift.com/ Frame B5C2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=YdOr_wAC8XDohAAm&dongle=3c0a&gdpr=1&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=YdOr_wAC8XDohAAm&dongle=3c0a&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=16588
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1641262077.628086,VS0,VE89
x-served-by
cache-fra19157-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://eb2.3lift.com/xuid?mid=3657&xuid=YdOr_wAC8XDohAAm&dongle=3c0a&gdpr=1&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame B5C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=632072906110587084&dongle=4d58&gdpr=1&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=632072906110587084&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=16588
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:56 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
55f75a80-f44b-42d0-aaa8-cd5509bbf92c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=632072906110587084&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
eb2.3lift.com/ Frame 75C4 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=79825
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/c0c42695359d47a3003f7e51db08efad70b63076/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
977c9f3fc8540256afaa5f695a1373992b564027c3af0297fb63cd07e0e97c35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
content-type
text/html; charset=utf-8
content-length
453
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 3C61 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 14:23:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 05 Jan 2022 05:26:11 GMT
xuid
eb2.3lift.com/ Frame 75C4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=632072906110587084&dongle=4d58&gdpr=1&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=632072906110587084&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=79825
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:56 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d541ec41-4b60-46e1-979b-f8a12e428a42
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=632072906110587084&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ebda
eb2.3lift.com/ Frame 75C4
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMzOTU2Mzc3NTc1NjQ3MjQ5NDY%3D
  • https://eb2.3lift.com/ebda?gdpr=1&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=79825
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=1&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 75C4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl
  • https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1
  • https://eb2.3lift.com/xuid?mid=7255&xuid=ABG-OU7Dp1gAAEA59Q76GQ&dongle=bzwx
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=ABG-OU7Dp1gAAEA59Q76GQ&dongle=bzwx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=79825
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=ABG-OU7Dp1gAAEA59Q76GQ&dongle=bzwx
Date
Tue, 04 Jan 2022 02:07:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
current
triplelift-match.dotomi.com/match/bounce/ Frame 75C4 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=79825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sync
x.bidswitch.net/ Frame 75C4 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=13395637757564724946&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=79825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.252.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-252-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 02:07:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame 75C4
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=79825
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
xuid
eb2.3lift.com/ Frame 75C4
Redirect Chain
  • https://sync.hgrtb.com/triplelift?redir=http%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmy_external_user_id%26dongle%3D8f7
  • https://eb2.3lift.com/xuid?mid=7666&xuid=b98b52f4-aa3b-4eb9-9dc9-b0c0787623fa&dongle=8f7
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7666&xuid=b98b52f4-aa3b-4eb9-9dc9-b0c0787623fa&dongle=8f7
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=79825
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
http://eb2.3lift.com/xuid?mid=7666&xuid=b98b52f4-aa3b-4eb9-9dc9-b0c0787623fa&dongle=8f7
date
Tue, 04 Jan 2022 02:07:57 GMT
content-length
118
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 75C4
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4945&xuid=7c0e8899-e544-43dc-be4b-f8e6020c4dbd&dongle=31ac
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=7c0e8899-e544-43dc-be4b-f8e6020c4dbd&dongle=31ac
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=79825
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=4945&xuid=7c0e8899-e544-43dc-be4b-f8e6020c4dbd&dongle=31ac
Date
Tue, 04 Jan 2022 02:07:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 75C4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-8ec1e53e-56b9-4f3b-5073-e9afbf915b6f$ip$91.199.118.155&dongle=4430
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-8ec1e53e-56b9-4f3b-5073-e9afbf915b6f$ip$91.199.118.155&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=79825
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-8ec1e53e-56b9-4f3b-5073-e9afbf915b6f$ip$91.199.118.155&dongle=4430
Date
Tue, 04 Jan 2022 02:07:56 GMT
Connection
keep-alive
Content-Length
140
Content-Type
text/html; charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D06 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bners-6vTYfbuOsmQ3gPd-bLoAgAAAAA4AeAEAg&bg=!hoWlhcHNAAZKWFskSlg7ACkAdvg8Wus57LnmQ7NXUwR5zfCsXvD3EUij-NQv74qafPAroGBtJRkKMQIAAADSUgAAABZoAQeZA1wIjjsmGac7YxDaKczjxcQZtj4nFX3LB2HVoIDLMdY0EaffKmIA1q48BFlths6tEuCsCA7f7oQI6QhzcF7Pq4ui0AibhXKMk5EpT1y60G7zdfwpYq_CAQsbBLtS9FawtHJWMPrIBeYI2Zo5FcgYvFfvJJBtwpE_UHRe0ik_4k8Qk3D7f6ZOKw8_RgWRRHV2-zCP0rG1eRZxLA-FzIxLx_YBlhKBdmUkKP9IEihoFMShzBkzCu-lEI1a13FCuRJYlXNcdUmoFGURtqiakAL3YZ4G1SHOGBQFBRoPI-Qxwj5vJbqAOmYTeVh60iN06mQRLD-HlyIuBUb_MCAgJ0Y54B2zOTFzoWvZL4_Qnwx_dX82T9mYQKALZBgxZJZ0ORcAP-LVf100pB-hEaVHbp--62payefN9DWZX7sg2_YxOvEwSmhah84WtZ4MwUmiI84f5k-NSwXtbQ4JO721biyNBGR5h9wr_09CsViZ0oM1qlhdhnidFRwSUvR2-U9HD5yfc_4FN23sr87xu8ef6XAgYQnGBklr7lMEi3iHlMcZCPbu6KJZtQoS5GCA5jrUAaeGHAgsfOWwRtNaoq_xGmN9jd-93wNPpvW_j2-GjR9oMVxV4MnJHTAiTnFYeIgDKeLqjXav4s9egNaa8gxvP21wfstAQESxCvOg9GfdUMst830bEA9IobLTi8ljchA4HSVZefDGnTJ64kzJbgEEa9gMBH1__IHQvJr0Ldc1Nn25VfP_2mJMU_mMFVNNYc-XI3XlQgxLAXt-2aC9hObz9GNNFodPVsyDpLRr4cf_LsUU6bzxf3V84Zw9HivpMO6julygmkriGLN0S-_sDpQ0jR6tJqT5bPfNyHkYkVgN8hm3yYHGOiuzeNwh2eNv0Jgu8lAL6-XwpsLhDUCf-DEb2N1C2EKU9P0eHHWC3GDXTOTiQuhuQVimcBybaHMOHYYWA21FsRu28ey0DHeew5dSM07NwRVliukl3cq7C8KW-AtLqc7oZxJ41AhjpXq-SFcLQFtDnO0GHjWRT3mqO48hE13DUk8xyaxLEpxn31XomYWi9jCu091X3cSHwdTUDY3AKhBy-NfFSO1j4cr4iWxEScyBM1p27wd-6M2fUnC2ALRGDRHwQl4sr2u2_ML8-sUYVg
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
choices.trustarc.com/ Frame 4661 		287 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Sun, 19 Dec 2021 06:27:51 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
server
nginx
age
1366805
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
_D-w_EWLHVWQmVqxgj2HcwIN4SXMvYEz2-BLYpCYYc5K3yar-w-ErA==
expires
Tue, 18 Jan 2022 06:27:51 GMT
/
track.adform.net/csimpr/ Frame 3C61 		35 B
502 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=52121887&csi=osoRcQq-8RF_zuqKy3vGystMKHKOxeS4-Q4UcwCyl5XZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
41371955.jpg
s1.adform.net/Banners/41371955/ Frame 3C61 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/41371955/41371955.jpg?bv=2
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d66cfa52063105bea54ef067d7b3aea76077aac4d4186c70994bb4bda29ee1c4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
last-modified
Tue, 23 Nov 2021 14:59:57 GMT
server
nginx
etag
"619d01ed-c4ac"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
50348
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 8743 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 14:23:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 05 Jan 2022 05:26:11 GMT
/
track.adform.net/csimpr/ Frame 8743 		35 B
502 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=51750730&csi=XO5HfGlsv49sApdwPtRm2viSX61_EaAh-Q4UcwCyl5XZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:56 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
41371960.jpg
s1.adform.net/Banners/41371960/ Frame 8743 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/41371960/41371960.jpg?bv=2
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ef0d47f1af5311e6146277dab2fa8c51c84e11f116e593d6f082f55578a264a8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:56 GMT
last-modified
Tue, 23 Nov 2021 15:00:01 GMT
server
nginx
etag
"619d01f1-14201"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
82433
get
choices.trustarc.com/ Frame BCAB 		287 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=r9vak6v_5llqzru_cx40n3a0&w=728&h=90&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Sun, 19 Dec 2021 06:27:51 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
server
nginx
age
1366805
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
uqb3LZC39p-7Uw6OnlBWHTb5Ezl0l7V12irmVR2hKo-vsdE0USDzzw==
expires
Tue, 18 Jan 2022 06:27:51 GMT
get
choices.trustarc.com/ Frame BCAB 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Mon, 13 Dec 2021 13:36:21 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
server
nginx
age
1859495
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
content-length
739
x-amz-cf-id
Sw69JKjFPszoa5DQ3gE0PSpowlcEE9ofvauwhlJ1nq0MMKXw5Y3GkA==
expires
Wed, 12 Jan 2022 13:36:21 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.controle.diarioceleste.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 04 Jan 2022 02:07:56 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.controle.diarioceleste.com.br
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.controle.diarioceleste.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 04 Jan 2022 02:07:56 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.controle.diarioceleste.com.br
t
t.lkqd.net/ Frame B245 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.controle.diarioceleste.com.br
date
Tue, 04 Jan 2022 02:07:57 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame B245 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.controle.diarioceleste.com.br
date
Tue, 04 Jan 2022 02:07:57 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ev
eb2.3lift.com/ Frame 5E8F 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev?inv_code=JuiceBarAds_SHA_RON_EB_HDX&aid=47677051723035161120&rev=c0c4269&ss=5&bc=0.062&pr=YdOr-wAC3j8Hg4LVAApolSQF2pNwtVan8TNb9Q&brid=168917&bmid=5989&biid=6021&bcud=62&sid=142837&ts=1641262075&caid=0&unid=0&cepos=0&ceid=0&cb=80039
Requested by
Host: www.controle.diarioceleste.com.br
URL: https://www.controle.diarioceleste.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 86AB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstu-cpND59pQBihAKC_7RNK-s5RrLP4QD-BEmCrrC6Re7Fl2Dug36ZDxQijhgh7SaCQxloPA_GUVUwaJqCXV-idu4w9faEPcWE&sig=Cg0ArKJSzNRq1raPrQlyEAE&id=lidar2&mcvt=1051&p=0,0,90,728&mtos=1051,1051,1051,1051,1051&tos=1051,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641262075943&rpt=247&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame AAAD 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 -, , ASN (),
Reverse DNS
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 04 Jan 2022 02:07:57 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.87.88 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 04 Jan 2022 02:07:57 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
activeview
pagead2.googlesyndication.com/pcs/ Frame 5E8F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLj57pg7njJuj0YV0qYy2jq88w-x_mnlrk3N78kFUdx5omiS5pEg4m-AM2qZ08tJkeZEQ3GpSB6pj84jNrZM1C1Q&sig=Cg0ArKJSzKFuoUCKI-VMEAE&cid=CAASF-Roo1q5BmJ2oPtt1imT6NgPhAaaUVh-&id=lidar2&mcvt=1000&p=1030,266,1120,994&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2750716817&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641262075662&rpt=658&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5822243610880583&plah=www.controle.diarioceleste.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a570f39f08fbc76463f6d55329895fcd98ece70837283619827b80e8b058660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 Jan 2022 02:07:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8594
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 5840 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhGq2pCeIIoZiwUGLX8FWw1YlazKUxkCgOGmq_XVYH-GOIeSoTy0VyafBPtk4b1Xlt0Eoyu6fttygpJ2kN61Ws6A&sig=Cg0ArKJSzKirgcq41DvBEAE&cid=CAASF-RoljkzzyE8lf9LjrktrXPJKYNmlFJd&id=lidar2&mcvt=1083&p=394,1022,644,1322&mtos=1083,1083,1083,1083,1083&tos=1083,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2676087602&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641262075773&rpt=646&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame 5840 		35 B
502 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=4667613904866364743@@46122647,5694503731859509540,100|1021|0|0|0|0|0|0|0||40|1|1|61d3abfb0009941b0a77b392180d4b57_1|||1|0|0|-SF1w9n1jUO48M5tcwHHbfeUi95hLffWigMGBycXXmUyyyeLJVMihMkllzAqADQrA7z_uuw_WOM1|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:57 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 5840 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=46122647&event=178&time=1&baid=45221360&name=Viewable%20impressions&imprid=5694503731859509540&icid=4667613904866364743&eData=InNB3Q4zdxciBdh7c15fJULefXOBh2p2YaJU2uM20Nnqk7IvQlbLiZ5ATmWbPc5flRj1PnmX78Mau94oJsHc8Q2&rtbdata=sE7aJDcJuegdKCn7zHyi9_FRUR4GSi6IDJGX4Ff6Dv-e9fWGgeG7KQ6lzVbaIVSCIspSLvWTteuSuqkhLpZinfTVqV7K2UCDyk4duVUUcw0SxFA_n3xXpRmQZP2mOwfaaMwOE8Kw1NgddDWXC0o5AR36NRsXaTPpY9LqVqr5u7004_0ID0LYS7PRkeAURXdVuSjuJH3O9LopifyFOpkPMqGloshJgAGNGryWsoEKSI65ulHu_8-bIsbk21oTzP-01ejLGfZaMtplGmNzwd-hVpOYdiw-7pVO3i3IlGDfNRRpsHQDE1RBHrNOUs5OeowVIpE1YpJauBBue6m5mETywErzvcOouG350&rtbwp=YdOr-wAIjIMKd_lDAA2_xqGPYiWTX0sSmjic_w&rnd=505147353
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:57 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
ad
v.lkqd.net/ Frame E96D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149535&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=44402806&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.75 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
586ca6c15395979e6dbbc4b01dad042173b41f0c1b0bd9ec05e239b6901a0b5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:57 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1364
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5822243610880583&plah=www.controle.diarioceleste.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Tue, 04 Jan 2022 02:07:57 GMT
vpaid.js
ad.lkqd.net/vpaid/ Frame 684E 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:57 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1641262077.cds025.ml1.hn,1641262077.cds020.ml1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8C9D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Mon, 03 Jan 2022 23:46:15 GMT
expires
Tue, 03 Jan 2023 23:46:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8502
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C911 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
87b8894b1abee029c86ae3f9574382f4bf792245be7e4ceec899b2d45579fbad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VrCbwEZ9dMoJn9g3+sQbyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 04 Jan 2022 02:07:57 GMT
date
Tue, 04 Jan 2022 02:07:57 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-VrCbwEZ9dMoJn9g3+sQbyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame 8C9D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:54:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
18778
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Jan 2023 20:54:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C911 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=3369993781996694&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
usync.html
ad.lkqd.net/cookie-sync/ Frame F9D1 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 04 Jan 2022 02:07:57 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1641262077.cds025.ml1.hn,1641262077.cds223.ml1.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 684E 		93 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149535&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=44402806&m=&rtv=1&thost=www.controle.diarioceleste.com.br
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.75 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
f0ea99ac8ea7baf92d119f7dba1fc62ec6b864cd2827fd530ac7adfdac2573ec

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 04 Jan 2022 02:07:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
5840
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149535&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=44402806&m=&rtv=1&thost=www.controle.diarioceleste.com.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.75 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.controle.diarioceleste.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 04 Jan 2022 02:07:57 GMT
content-length
0
access-control-allow-origin
https://www.controle.diarioceleste.com.br
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
cs
cs.lkqd.net/ Frame F9D1 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:57 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame F9D1 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:57 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame F9D1 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:57 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame F9D1 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:57 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame F9D1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4392194267766048912
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4392194267766048912
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 02:07:57 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4392194267766048912
pragma
no-cache
date
Tue, 04 Jan 2022 02:07:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=3369993781996694&bg=!W1ilWBzNAAZKWFskSlg7ACkAdvg8WpAYwJiPiYof4JSx5MOnDe33a_Lq3zM9jgItePHKej9qQKPDwgIAAABjUgAAAAdoAQeZArqCCcRriQksY5Eb0nkyY6qNX78gXP_58q1WnuwJzmR2aOET1SQj4trniNlYeArCbWr-8GHh5UdqwjSy722YAedlyD7JsUJgeVSq-ZDhYM0Empij7ozjIQ_g_0-Y8klFI11VbKwG_eJjhBhihL1TlIDtK-0JgMx9UrAS6eCJ1gHOc7m3nIRJk5_9mlvvQef9d3kwgwNyxtpZmzjImwW1gXnL2hgiYOCYlWTIZHQVPcpxCkiNGRuiWxHjDR3mGOz6P9R_nC9RW4oIRpGFLBp2zYI5BsznQAvE9uq3h3AXBMOa7tbvdsKdAy8BVeA_YnyKyYMKVDGxd-7ZjZhbWbgTQY2pdSmq2CXisvTX5pIuB7ifrPwcNjD74VEfucuONBpjYKICYw7aKhhfQN6twgIChZ3xVi7ODnlcADJNdjWB5XLBwiEndP0r6cCk3v9z329D3ZxKL4JFrav1onSkD7XzwnYxltUYFH5uL9BUmeo3wCiDVddtKtH4RGji_qBVSUh-xlVpC28qII5Qx2riVXyxEDgPshlRMF6YeDDYpVJzU9yhpf28e8B03Hx1bVtpBEyY_Of_EMEaPlhDjOJ1mhLO6_EwqdDzbmmLMWNwHKMwfggsuXghpyfmqE8HfsK75DcTuGC7VrAyfHiOZgLqaom76W1-66Yl7P78iD-W5AvJH2k5lpSmxZQLQAfFFODy5W2QPeZCn2XkfIOjbFyX4bgiCMK6OughArJYvEXqW4YKhb5FLT1q-Y7gGZHS5ukr3Y324Kj9dght0ImsbMXCwWTu6gyno_MJBknKhDJQ0MzaFJIFiaDj2jv3sbwe-fRpDTwRl4XAzFdCKVl9L3JcAZ6jxsYOjZTSZfpmzEApvd9HpfOhV4odFuE-FXKhHaZDsBE-VO0iOgPXiVB5xdCCZhDnwWxxIwi4f6hvUvrzCw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
t.lkqd.net/ Frame AB44 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.controle.diarioceleste.com.br
date
Tue, 04 Jan 2022 02:07:58 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.controle.diarioceleste.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 04 Jan 2022 02:07:58 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.controle.diarioceleste.com.br
218945
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&cb=899682542&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C16113071490637454312096165591%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 02:07:58 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000235
X-SpotX-Timing-SpotMarket
0.004939
X-SpotX-Timing-Page-Mux
0.000207
X-SpotX-Timing-Page-Require
0.000448
X-fe
099
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000021
Content-Length
77
X-SpotX-Timing-Page
0.009847
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000255
Last-Modified
Tue, 04 Jan 2022 02:07:58 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.004939
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.controle.diarioceleste.com.br
X-SpotX-Timing-Page-Misc
0.003731
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
av
vidoomy-d.openx.net/v/1.0/ 		48 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&cb=1163375124&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1611307149063745431442737028,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:58 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
rtb
a.vidoomy.com/api/rtbserver/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/rtb?id=828056279&w=400&h=225&skip=1&req_type=1&req_type=1&ip=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F96.0.4664.93%20Safari%2F537.36&l=EN&dt=2&c=DE&pid=52453&sid=&sname=&d=diarioceleste.com.br&sp=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.61.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-61-12.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://www.controle.diarioceleste.com.br
date
Tue, 04 Jan 2022 02:07:58 GMT
access-control-allow-credentials
true
vary
Origin
access-control-expose-headers
X-Vd-C
218945
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&cb=1315485394&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C18283494621611307149063745431%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 02:07:58 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000253
X-SpotX-Timing-SpotMarket
0.006509
X-SpotX-Timing-Page-Mux
0.000233
X-SpotX-Timing-Page-Require
0.000306
X-fe
071
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000020
Content-Length
77
X-SpotX-Timing-Page
0.010670
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000297
Last-Modified
Tue, 04 Jan 2022 02:07:58 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.006509
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.controle.diarioceleste.com.br
X-SpotX-Timing-Page-Misc
0.003041
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1421038697&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1421038697&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi....
0
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=664264674&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=664264674&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.w...
0
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C16113071490637454311988178533,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:58 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.controle.diarioceleste.com.br
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641262077628040-589
Expires
Tue, 04 Jan 2022 02:07:58 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1879586745&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1879586745&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi....
0
0
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1007 B
888 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C16113071490637454311205331865%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
196e696a9155c1d7c7b263a29d88c0f7bcd676e9200f24436f1f73593b0576f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:58 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
618
expires
Tue, 04 Jan 2022 02:07:58 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1007 B
888 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C13232801241611307149063745431%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4f9462175938b666185f315616e9936412b6509b7b72e72f5204245b48e9f518

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 02:07:58 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.controle.diarioceleste.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
618
expires
Tue, 04 Jan 2022 02:07:58 GMT
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2146436133&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2146436133&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi....
0
0
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C19172890411611307149063745431,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1fcabdf3bbdecbc31985b860a287617a73a1296d5697cff54255aaf76b3cff33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.controle.diarioceleste.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 02:07:58 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.controle.diarioceleste.com.br
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1158
x-sticky-vk
1641262077027099-341
Expires
Tue, 04 Jan 2022 02:07:58 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=223944192&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=223944192&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.w...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
controle.diarioceleste.com.br
URL
https://controle.diarioceleste.com.br/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Domain
controle.diarioceleste.com.br
URL
https://controle.diarioceleste.com.br/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Domain
controle.diarioceleste.com.br
URL
https://controle.diarioceleste.com.br/wp-content/themes/Newspaper/images/icons/newspaper.ttf?19
Domain
controle.diarioceleste.com.br
URL
https://controle.diarioceleste.com.br/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff?v=4.7.0
Domain
controle.diarioceleste.com.br
URL
https://controle.diarioceleste.com.br/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.ttf?v=4.7.0
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEBgCJVwgU7Cx5-0V9CnX2Ks&google_cver=1&google_push=AYg5qPLoWYLP-eOeofzHalDf-ThLV6TmZuCY2cighjh_de_JvSnLSc1eNwNHfOreqywSa2sD5HsNVS98jZBEsdy2Ve4Y2kjYTg
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
controle.diarioceleste.com.br
URL
https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2
Domain
controle.diarioceleste.com.br
URL
https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2
Domain
controle.diarioceleste.com.br
URL
https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk
Domain
controle.diarioceleste.com.br
URL
https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff
Domain
controle.diarioceleste.com.br
URL
https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.ttf
Domain
controle.diarioceleste.com.br
URL
https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.ttf
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEGsYAAVCrkgZSVmTT1Uj3Hc&google_cver=1&google_push=AYg5qPJXd6Tn-3ESmyDhjMeFEmK8H5N6AY4EZElUcQX4KCFPZR2MFHEWDPRtHhcEFvx6QzkM6KNZ62m-rLRBsq-WJ8_g6ya0f8w-
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ
Domain
ads-eu.v.ssp.yahoo.com
URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1421038697&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=8fa92913-fb4a-4abc-ba2f-62a3b01abef8&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3ODAyNy40MTA0MDA6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPThmYTkyOTEzLWZiNGEtNGFiYy1iYTJmLTYyYTNiMDFhYmVmOA==
Domain
ads-eu.v.ssp.yahoo.com
URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=664264674&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=2aa6b271-99f5-4970-8de8-031c27fcf87e&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3ODAyOC42MDcxNzg6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTJhYTZiMjcxLTk5ZjUtNDk3MC04ZGU4LTAzMWMyN2ZjZjg3ZQ==
Domain
ads-eu.v.ssp.yahoo.com
URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1879586745&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=31a12392-7443-49a4-87db-7106ca3f3441&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3ODAyOC44NzAzNjE6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTMxYTEyMzkyLTc0NDMtNDlhNC04N2RiLTcxMDZjYTNmMzQ0MQ==
Domain
ads-eu.v.ssp.yahoo.com
URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2146436133&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=f1ef457c-7124-40f1-bf36-7acdf43309b0&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3ODAzMC4xNzQ1NjE6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWYxZWY0NTdjLTcxMjQtNDBmMS1iZjM2LTdhY2RmNDMzMDliMA==
Domain
ads-eu.v.ssp.yahoo.com
URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=223944192&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.controle.diarioceleste.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1&a.y_rid=46f8b61c-d52b-4095-a165-115f469938f0&a.is_yahoo=3&redirect_y=dHM9MTY0MTI2MjA3ODAzMi4xMjAzNjE6YXBpZD1VUDIxNmEzMmU5LTZkMDMtMTFlYy05MjY5LTAyZGZlMTE1ZGE0YzptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTQ2ZjhiNjFjLWQ1MmItNDA5NS1hMTY1LTExNWY0Njk5MzhmMA==

Verdicts & Comments Add Verdict or Comment

292 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 function| __awaiter function| __generator object| jbaMaps object| jbaBannersHome object| jbaBannersNoticia object| jbaBannersFeminino object| jbaBannersCruzeiro object| jbaBannersBlog object| jbaBannersTable object| jbaBannersCalendario object| jbaBannersCategoria object| jbaBannersPost object| jbaSpotConfig function| insertBanners object| style function| jbaInsHeader string| confirmSlider function| jbaHide function| jbaShowHide function| jbaCreateDivsParQuerySelector function| afterJbaCreateDivsParQuerySelector function| jbaQuerySelector function| replaceJbaQuerySelector function| afterJbaQuerySelector function| beforeJbaQuerySelector number| contaOverlay function| jbaInsAd2 function| jbaInsAd undefined| $ function| jQuery object| seoAutomatedLinkBuilding function| fbAsyncInit function| __extends function| setImmediate function| clearImmediate function| swal function| sweetAlert function| ps_html_decode function| ps_html_encode function| ps_validate_survey function| ps_form_array_to_object function| ps_survey_reload function| ps_ajax_get function| ps_ajax_post function| ps_ajax object| tdb_globals object| tdwGlobal object| tdaGlobal object| wp_post string| ajaxurl function| documentInitOneSignal function| OneSignal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| tds_general_modal_image string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| td_user_incorrect string| td_email_user_empty string| td_pass_empty string| td_pass_pattern_incorrect string| td_retype_pass_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target function| gtag object| dataLayer object| block_tdi_75 object| block_tdi_80 object| block_tdi_81 object| block_tdi_85 object| FB object| block_tdi_86 object| block_tdi_87 object| google_tag_manager object| block_tdi_94 object| google_tag_data string| GoogleAnalyticsObject function| ga object| block_tdi_98 object| block_tdi_99 object| CleverCore number| CleverCoreRegistryLoaded object| block_tdi_116 object| block_tdi_119 object| block_tdi_122 object| runtime object| regeneratorRuntime object| wpcf7 object| localized_strings function| sp_viewport boolean| sortable boolean| paginated number| display_length function| Waypoint function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig function| _ object| tdbAutoload object| $jscomp object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdStickyRow object| tdScrollToClass object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| tdfAjaxFlickr object| tdPopupModal object| tdConfirm function| $f function| onYouTubeIframeAPIReady object| addComment object| gutentorLS object| moove_frontend_gdpr_scripts function| postscribe function| gdpr_lightbox undefined| eventHub object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdcPostSettings function| tdbGetMobileTemplates object| gaplugins object| gaGlobal object| gaData object| _stq object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| st_go function| linktracker_init object| wpcom object| googletag object| ggeac object| google_js_reporting_queue number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| LazyLoad function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| teadsscript object| teads function| eHost string| vvia string| vvib string| vvic string| vvid string| vvie string| vvif string| vvig string| vvih string| vvii string| vvij string| vvik string| vvil string| vvim string| vvin function| callPlayers function| __tcfapi_8928924878912 object| lkqdSettings object| vpaidLoader object| lkqd object| mobile_blocked_mfs function| lkqd_http_response

91 Cookies

Domain/Path Name / Value
.mrtnsvr.com/sync Name: userId
Value: o8RAfubfp
.3lift.com/sync Name: sync
Value: CgoIgAIQ1qXfluIvCgoIgQIQtaPfluIvCgoIhwIQtaPfluIvCgkICRC1o9-W4i8KCgiJAhDWpd-W4i8KCQgLELWj35biLwoKCIwCELWj35biLwoKCM4BEKul35biLwoKCI4BEKul35biLwoKCJECEKul35biLwoKCJICEKul35biLwoKCJQCENal35biLwoKCJYCENal35biLwoKCNYBENal35biLwoKCJcCENal35biLwoKCJgCEKul35biLwoKCJkCEKul35biLwoKCJoCENal35biLwoKCJsCEKul35biLwoJCBsQ1qXfluIvCgoInAIQq6XfluIvCgoIngIQtaPfluIvCgoI3gEQ1qXfluIvCgkIXxC1o9-W4i8KCQgfEKul35biLwoKCKEBENal35biLwoKCOIBELWj35biLwoKCOYBELWj35biLwoJCDkQq6XfluIvCgkIOhC1o9-W4i8=
.www.controle.diarioceleste.com.br/ Name: serverdoID
Value: okpqosvta0hndbfo8cjqjs8nrc
.diarioceleste.com.br/ Name: _ga
Value: GA1.3.1401732646.1641262073
.diarioceleste.com.br/ Name: _gid
Value: GA1.3.1212573865.1641262073
.diarioceleste.com.br/ Name: _gat_gtag_UA_57583848_1
Value: 1
.diarioceleste.com.br/ Name: _gat_gtag_UA_175164381_50
Value: 1
diarioceleste.com.br/ Name: wp-ps-session
Value: 8eee181ej06vm87vgtcmf9no4a
.diarioceleste.com.br/ Name: __gads
Value: ID=891a7ad1ca8fa810:T=1641262073:S=ALNI_MZBzVYFr_qK0IasykVVv3SceFYYeQ
.adform.net/ Name: C
Value: 1
.ctnsnet.com/ Name: cid_a6a9e197291b4d5987004b3b6bcd29ba
Value: 1
.quantserve.com/ Name: d
Value: EDIBCQGPJYEA
.quantserve.com/ Name: mc
Value: 61d3abfa-eb392-f50d4-69bbc
.lijit.com/ Name: ljt_reader
Value: 4d88f5e3d9490238d1719b98
.360yield.com/ Name: tuuid
Value: a31aff17-2c82-4824-aef9-3b766cbbcc5c
.360yield.com/ Name: tuuid_lu
Value: 1641262075
.bidswitch.net/ Name: tuuid
Value: 0caf0677-c490-439a-9f76-c1bb9d219461
.bidswitch.net/ Name: c
Value: 1641262075
.bidswitch.net/ Name: tuuid_lu
Value: 1641262075
ads.stickyadstv.com/ Name: UID
Value: 3393b4fc8f6aec62ef1ab8b06b799ea7
ads.stickyadstv.com/ Name: sessionId
Value: d645624a53f337524d24725d84b288
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YdOr_wAC8XDohAAm
.tidaltv.com/ Name: tidal_ttid
Value: d99aa4d1-9f5d-4ec9-b857-df0055f1a51b
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0srQwtzI0sgAAZe41oQkAAAA="
.mathtag.com/ Name: uuid
Value: b1c861d3-abfb-4f00-82ea-782ebbdf8fa7
.adform.net/ Name: uid
Value: 4667613904866364743
.adform.net/ Name: TPC
Value: 1641262075159
.adsrvr.org/ Name: TDID
Value: 3e0b6a2f-88ed-4487-a221-34631cbb3ff3
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjBjYWYwNjc3LWM0OTAtNDM5YS05Zjc2LWMxYmI5ZDIxOTQ2MSIsImV4cGlyZXMiOjE2NDM4NTQwNzV9LCJDRU4iOnsidWlkIjoibm8tY29uc2VudCIsImV4cGlyZXMiOjE2NDM4NTQwNzV9fX0=
.adsrvr.org/ Name: TDCPM
Value: CAESGAoJbW9va2llLXBzEgsIpL2P3KHMpzoQBRgFIAEoAjILCPz624i4zKc6EAU4AQ..
.turn.com/ Name: uid
Value: 4392194267766048912
.awin1.com/ Name: awpv19228
Value: 412871|1641262075|214a2700-6d03-11ec-9ff3-2231056962d9
.adnxs.com/ Name: uuid2
Value: 632072906110587084
.creative-serving.com/ Name: tuuid
Value: bae2a8fa-da16-48f3-a8ee-ee897fba81ab
.creative-serving.com/ Name: c
Value: 1641262075
.creative-serving.com/ Name: tuuid_lu
Value: 1641262075
.lead-alliance.net/ Name: ppv1225
Value: 2022010403075561436752941X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush
www.lead-alliance.net/ Name: PHPSESSID
Value: 2l4v6m0ic4g8safd0mn0ga92m2
.lead-alliance.net/ Name: ppv1226
Value: 2022010403075561436752943X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTcwMDAwMDAwMDA2MTY0MTI2MjA3NXZsZWExZGUyMDIyMDEwNDAzMDc1NTYxNDM2NzUyOTQxWDExMzc1MlYxMjI1MTMxMTA2TVNvbmVpZDlNMVNNZktNdHhFcFNLSEJIMnQ3dHJycXN3VG1UeFZjZG9uZWlkX19hc3VpZEtuVlJiejhqbDlZRXpuWWNTand3Slo3Mkh4SGRhYmFwYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDEzX0JsYWNrRnJpZGF5UHVzaDExMzc1Mg
.blau.de/ Name: nscQ486
Value: V
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTcwMDAwMDAwMDA2MTY0MTI2MjA3NXZsZWExZGUyMDIyMDEwNDAzMDc1NTYxNDM2NzUyOTQzWDEyMDIxMVYxMjI2MTMyNzAyTVNvbmVpZFlYMUhyZjE1c3BCcEhWSDlIZXRRdFJSOGNBVDFUNm1Icm9uZWlkX19hc3VpZEtuVlJiejhqbDlZRXpuWWNTand3Slo3Mkh4SGRhYmFwYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDEzX0JsYWNrRnJpZGF5UHVzaDEyMDIxMQ
.o2online.de/ Name: nscQ485
Value: V
.getrockerbox.com/ Name: uuid
Value: 632072906110587084
.mathtag.com/ Name: mt_mop
Value: 4:1641262075
.advertising.com/ Name: APID
Value: UP216a32e9-6d03-11ec-9269-02dfe115da4c
.w55c.net/ Name: wfivefivec
Value: DJZjnkKv1N4zeX5
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022010403075561436752941X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022010403075561436752943X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidKnVRbz8jl9YEznYcSjwwJZ72HxHdabapasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24
.w55c.net/ Name: matchgoogle
Value: 5
www.diarioceleste.com.br/ Name: wp-ps-session
Value: bq8gmhmdg4kfsrf6biues2n69g
.yahoo.com/ Name: APID
Value: UP216a32e9-6d03-11ec-9269-02dfe115da4c
.yahoo.com/ Name: A3
Value: d=AQABBPur02ECEJPWns4sqh595I09AzwEdh4FEgEBAQH91GHdYQAAAAAA_eMAAA&S=AQAAAjbrAlnc1atxndv3WudnZQY
.scoota.co/ Name: tuuid
Value: 8c849103-308a-4972-86bf-6d198c4911e8
.scoota.co/ Name: c
Value: 1641262075
.scoota.co/ Name: tuuid_lu
Value: 1641262075
.casalemedia.com/ Name: CMID
Value: YdOr.5kpJzxJ2BtmOuKK2wAA
.casalemedia.com/ Name: CMPS
Value: 3165
.simpli.fi/ Name: suid
Value: 7509EDD89CD543279D0C21224FF946B8
.casalemedia.com/ Name: CMPRO
Value: 1102
.casalemedia.com/ Name: CMST
Value: YdOr+2HTq-sA
.awin1.com/ Name: awpv14098
Value: 412871|1641262076|21c2b260-6d03-11ec-9ff3-2231056962d9
.awin1.com/ Name: AWSESS
Value: 379097:2519498
.doubleclick.net/ Name: IDE
Value: AHWqTUlf_IbYX47_hdCkkWab9Au0_os-Upj5pCWSyP_B9_iLfjqqtMCr4N82uXgQha8
.yahoo.com/ Name: APIDTS
Value: 1641262076
.tribalfusion.com/ Name: ANON_ID
Value: agntmISkTsfAutomjt9kDqWFUXU3VwZcRUpsaWhKROAlxZb34bPwk7m9pjZbMWINhyXWVXqAowqPJSVSFQofQZcZbIDGM
.yieldlab.net/ Name: id
Value: 4d12057f-471e-4b91-9e56-affdd4f23855
.mobility-ads.de/ Name: coyoteTrackingCookie_1
Value: 483566946
.mobility-ads.de/ Name: coyoteSimpleTrackingCookie
Value: 483566946
www.autohaus-koenig.de/ Name: mobilityAds
Value: 483566946
.3lift.com/ Name: tluid
Value: 13395637757564724946
.analytics.yahoo.com/ Name: IDSYNC
Value: "18wq~22gq:18yx~22gq"
.adaptv.advertising.com/ Name: migrated2y
Value: "1"
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.blismedia.com/ Name: b
Value: 61D3ABFC05E57CE54693C14DBLIS
.spotxchange.com/ Name: audience
Value: 21feecd3-6d03-11ec-acdf-1d7abbad0006
ads.stickyadstv.com/ Name: pxId
Value: 7169
.bing.com/ Name: MUID
Value: 13646B75056B680607617A57040069E8
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F17BD47C-72D8-446D-9830-6EB3AA9DC28D
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&304916e8-aee1-4d65-893f-62580c98b61d"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDEyNjIwNzY7MjswMjGNVI1hjO/lWZl/lvFm7a+K5dTAS6BWQjc31BIOP397pQ==
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2515:u=1:x=1:i=1641262076:t=1641348476:v=2:sig=AQFA7lE6ksxTwYxMO0Wq6I1gCzT9g-dw"
.mfadsrvr.com/ Name: tuuid
Value: 7c0e8899-e544-43dc-be4b-f8e6020c4dbd
.mfadsrvr.com/ Name: c
Value: 1641262076
.mfadsrvr.com/ Name: tuuid_lu
Value: 1641262076
.bidr.io/ Name: bito
Value: ABG-OU7Dp1gAAEA59Q76GQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.mfadsrvr.com/ Name: ssh
Value: !triplelift,1641262076
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8ec1e53e-56b9-4f3b-5073-e9afbf915b6f.5PbfyoB9fC%2B1OB25CDyFppLJEV4gKt36IxuUhrXVqz4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-8ec1e53e-56b9-4f3b-5073-e9afbf915b6f%24ip%2491.199.118.155.SIu2K9wy7mMz2iJSr2edYCan42wtgOQsStEPSLcBeYU

32 Console Messages

Source Level URL
Text
javascript error URL: https://www.controle.diarioceleste.com.br/
Message:
Access to font at 'https://controle.diarioceleste.com.br/wp-content/themes/Newspaper/images/icons/newspaper.woff?19' from origin 'https://www.controle.diarioceleste.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://controle.diarioceleste.com.br/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.controle.diarioceleste.com.br/
Message:
Access to font at 'https://controle.diarioceleste.com.br/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://www.controle.diarioceleste.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://controle.diarioceleste.com.br/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.controle.diarioceleste.com.br/
Message:
Access to font at 'https://controle.diarioceleste.com.br/wp-content/themes/Newspaper/images/icons/newspaper.ttf?19' from origin 'https://www.controle.diarioceleste.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://controle.diarioceleste.com.br/wp-content/themes/Newspaper/images/icons/newspaper.ttf?19
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.controle.diarioceleste.com.br/
Message:
Access to font at 'https://controle.diarioceleste.com.br/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff?v=4.7.0' from origin 'https://www.controle.diarioceleste.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://controle.diarioceleste.com.br/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.controle.diarioceleste.com.br/
Message:
Access to font at 'https://controle.diarioceleste.com.br/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.ttf?v=4.7.0' from origin 'https://www.controle.diarioceleste.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://controle.diarioceleste.com.br/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.ttf?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://www.diarioceleste.com.br/wp-content/uploads/2021/01/footer_bg.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://www.controle.diarioceleste.com.br/
Message:
Access to font at 'https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2' from origin 'https://www.controle.diarioceleste.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL8ZaizKBOQLsb8cT4dOw3zRqPHCd0le-qPWWMQWLmX31gzaPIlBnNSIC08xCN04mC8nKA1HgoUobJriDb2s_WsryEPC5M
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript error URL: https://www.controle.diarioceleste.com.br/
Message:
Access to font at 'https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2' from origin 'https://www.controle.diarioceleste.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.controle.diarioceleste.com.br/
Message:
Access to font at 'https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff' from origin 'https://www.controle.diarioceleste.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJmpJiA8r7mLnh5kjjBd5_f6x3xGWZuef92dlRGEd_vM_6SYb5Syk6u2omUd2okvt4diNt7lsph4J26wmhQVVgJa36ropE
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript error URL: https://www.controle.diarioceleste.com.br/
Message:
Access to font at 'https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff' from origin 'https://www.controle.diarioceleste.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.controle.diarioceleste.com.br/
Message:
Access to font at 'https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.ttf' from origin 'https://www.controle.diarioceleste.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.controle.diarioceleste.com.br/
Message:
Access to font at 'https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.ttf' from origin 'https://www.controle.diarioceleste.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://controle.diarioceleste.com.br/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.ttf
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=o8RAfubfp&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdOr-5kpJzxJ2BtmOuKK2wAABE4AAAIB&google_push=AYg5qPIb_MVzyt95b6mEplvNyKYSntwHcW4rYJl-cpDhoIwUY5Tu30CHQ18YpNTIno8xBFVwioa4-KVhFPcYUJZLkjbikCKXIg&google_cver=1&google_gid=CAESEEaALM6E714T4YCKFpxMgWk
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=13395637757564724946
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=13395637757564724946
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKIsf4lYNiDxaP_ui-3Ugk0r-0NPryxgtKk9GEQmpTWtvtzipFJHfmsTvTJENjP2Zx3kQ-DwE_LmUEWUZGPcydxDd7rOw
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPKBqALNyDBJ0gkC-WW8LmxQc-_pLoM2OYYMI_AnyWBWWJL6rMgwfvUU4ZDM1TbfGOhnHjY4U8frCzN4VR5xXXrzmwjAVVI
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oxr_FyyCSCSu-Tt2bLvMXA&google_push=AYg5qPJqrnfcWZNHHWV37Q46gLw4uZ8CchRLQqvcyrOE5FEJiXcLLOeD2lI4WqhymvVjLRvnhNFwz_7RAPNbm6bzT_RYW2lSSubZ
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2932482adfadb3baff05adaac92b50a0.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
a.vidoomy.com
ad.doubleclick.net
ad.lkqd.net
ad.mrtnsvr.com
ad.turn.com
ad.yieldlab.net
ad4m.at
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.creative-serving.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
aws-fr.bidswitch.net
b1sync.zemanta.com
c.bing.com
c0.wp.com
c1.adform.net
campaign.mobility-ads.de
cdn.onesignal.com
choices.trustarc.com
choices.truste.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
controle.diarioceleste.com.br
cs.lkqd.net
dclk-match.dotomi.com
de1-bid.adsrvr.org
diarioceleste.com.br
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.3lift.com
ib.adnxs.com
image6.pubmatic.com
match.adsrvr.org
match.prod.bidr.io
metrics.getrockerbox.com
odr.mookie1.com
onesignal.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pixel-sync.sitescout.com
pixel.advertising.com
pixel.everesttech.net
pixel.wp.com
pm.w55c.net
portal.blau.de
portal.o2online.de
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
px.ads.linkedin.com
r.scoota.co
r.turn.com
rtb.mfadsrvr.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
s8t.teads.tv
scripts.cleverwebserver.com
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
stats.g.doubleclick.net
stats.wp.com
stg.vidoomy.com
sync-tm.everesttech.net
sync.hgrtb.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.tidaltv.com
t.lkqd.net
t.teads.tv
tags.juicebarads.com
tlx.3lift.com
tpc.googlesyndication.com
tr.blismedia.com
track.adform.net
track.webgains.com
triplelift-match.dotomi.com
ui.cleverwebserver.com
um.simpli.fi
ups.analytics.yahoo.com
v.lkqd.net
vidoomy-d.openx.net
vpaid.pubmatic.com
www.autohaus-koenig.de
www.awin1.com
www.controle.diarioceleste.com.br
www.diarioceleste.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
ads-eu.v.ssp.yahoo.com
cm.g.doubleclick.net
controle.diarioceleste.com.br
google2waycm.netmng.com
t.lkqd.net
104.111.218.85
104.111.239.217
13.248.151.244
13.248.245.213
13.32.27.72
13.35.253.104
142.250.181.226
142.250.184.230
142.250.185.66
142.250.186.34
143.204.215.68
143.204.215.88
146.20.128.185
146.20.128.47
146.20.128.75
151.101.2.49
151.139.128.11
159.69.159.132
169.50.137.182
172.67.177.215
18.156.0.31
18.158.253.107
18.185.252.3
18.194.149.16
18.194.21.212
18.195.217.206
185.29.134.244
185.33.221.14
185.33.221.88
185.94.180.123
190.89.239.204
192.0.76.3
192.0.77.37
198.47.127.19
2.18.232.7
2.18.233.180
2.18.234.233
2001:678:cb4:bbbb::11
209.54.180.144
213.133.107.215
2600:1901:0:76b9::
2600:9000:211e:fa00:1b:5138:8a40:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700:3031::ac43:b242
2606:4700:3033::ac43:9036
2606:4700::6812:19f6
2606:4700::6812:d05
2606:4700::6812:e234
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c06::9d
2a02:26f0:6c00:19c::26e5
2a02:fa8:8806:12::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:24:b001:a15e:14c8:83cf:d3c5
2a05:d018:d29:3602:7523:c0c8:9412:6c81
3.120.18.167
3.120.64.49
3.129.250.65
3.228.133.61
3.238.93.74
3.248.87.88
3.33.220.150
3.66.59.71
34.102.163.6
34.96.105.8
34.98.64.218
34.98.67.61
35.156.28.35
35.186.193.173
35.186.253.211
37.157.2.248
37.157.6.246
37.157.6.252
46.236.13.147
46.4.41.145
50.31.142.63
52.214.119.250
52.30.38.36
52.58.61.12
54.186.168.56
66.155.71.150
72.251.249.14
75.2.29.42
78.46.85.162
82.113.101.132
82.113.101.236
84.200.5.215
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
010ec6ae5c22fe4fd7caa576a218d691d6c670f0032d098bbb4e6c93d9bd7918
01ddc6dbd15cc803055acc5a336a0547d4af0c2fe85e3e3587810deb397aa083
028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02e5d19a183da192e043987b408ccc29f42f512819fff85ba46f8a678dbb1773
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
05a8064d59bbff5b98080b8175f03352ab02348fd442c8910a7cf4da6b04f98c
06cbe3c0f376f63b0c691c556c34a7eec39a973fd6a695860051c7e656eef4d4
070393de80f029aefe89c1cf65c5f4328ace34d5bcc6e21f076e0d10be351fd8
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
08a6cf0b7286c74eba2932942eed8213ea918b6db3fbdf0e59ccb371df69d074
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c4f536f41f8d54b5cfccb706ed54c2f1378eefb835cca65debdf8a9b681d9f5
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0d5fdb8585a6666488e36dec3229ed54a161dd44410c1a4a105428ae8759f7e7
0d8bfae49e542cc562327932e8877d87639dbe4d1df7743657f161cff3b8f81a
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ec390ad895cf27cba604d31b03aad81f26ca0676ad3b925b632a7e10eb1cfee
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
107e891db20c6621813b4f0bfadd11fc4402440ac4dbf92d4e395598c9832514
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115e6b5dc9d38bc61444ea742ed56610be8c69c6d04d41f49eb3c550f54cc87f
1188032245ea8f4d0c03938253437fcc1c613dcc5aa090db0b19271aac915fea
11a65c014503faa8bee61848876af88e39ace7edbd48fd2728b5e0c0aecd2554
124ae650115eb30ff9e5c63cacb88dc562bfd9c7f2928ab3cfb890670c98aaa9
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12908fba830466a63d701246d2ab82c2728d680f333e7b32dd09eb8ad7b0a413
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1499434474341ae6bea12a035804abdcfe3ba63fce3eeda8b4a61a88a82e0d80
15211e0be73438987ed05236dc4ce90962f7c46452427364446576505e66697b
1802916cab838711ade3021032e3d81f3b3562726b408d72dd6566af36a649c2
185513ad5ed54196b721f7cb789e9c4a2a58cc5696407b10429e5ff55487e245
189c08d44ddda8907afb937de0e125a6aba5c5df4a3678fee894272180c85541
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
196e696a9155c1d7c7b263a29d88c0f7bcd676e9200f24436f1f73593b0576f3
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
1deb7ec46806b09ad27b9134b5f1169cb1b479d30198c85ba38162cdc7402d1a
1f647589f081c26a24954bf8f32fb7ea1b828fe3a41cebc760154191a167efea
1f99dd1eea9be5307b89e629a14ed780446a1e17959318ef7a75a1ef14320721
1fcabdf3bbdecbc31985b860a287617a73a1296d5697cff54255aaf76b3cff33
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
20559f1422350a5a49f7b28d7c7319a685c307d0c6dbe430b4562881dc96f4fd
21d871a313c7064c4f9d0b462b743557e5282f53a45bb4a30d697091337eb1dc
22a6d659e0a0999a31855dfe6bc85f4a2fefd88f2f1ae80e1a859af0ff66b9b2
251494916cc4c78fd627cad05e9cec482e5ef4a51a99ec2b96d3a1bba2caac63
2638a81ca371a2235741edbb23617ec83c3a38e81c326c08b578deea0f73d8cc
267e5fb978fa691c1b12174c588280dd4e69df0123957736d771b9f1dcd13f76
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c
27de805901b0d4087ab509abacf9cd382a79682c62ce6d243c2fb19e4cad7928
280639fb9be527f18ee3f89f8599c50bd9a826b9c7563a2e29e47dc3d1d76416
28ba94202c3d185a9a758398f283d22b4fb8d6f5fd20d1e83385ae9e420c1380
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
29172ee9d3db002c837ee55984ae7cf518812ec296375f9628f2a04f5621dd98
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2afca1a64c042d5045d5ec75094fe657cc8bf757a0d7c6df0fa42969284b6ec5
2b8c1d6e272519fc3c3c51af5fbfbe125dc26bc413cb7840b5a8a9dfa3107caa
2c650ad2de9ad603789638a51f6900f1166ae41ffdf5051e63af90f518ee529d
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2d91c5b43406f8e7f61aca23cec58ee76a8e9a9d4b9a7c96cc9700a3376ca42b
2dbb0e9a1e4a7d82d4a339cf4a87d3b2d10711462f7588a906d4a3faba41a4c1
2df47bb3addee043381b6e01e957744fd281b8fc642dc4774005a096595eb05c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e30ce916dc6e6a8661c565a1f37c4c67681dbecadd07fce14a35ac566763e5a
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f0f8368aa29d102ade4d52626f13d1d1214ff44d4d85f2c842e49817638e22c
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
2ffc48b41d06f7df18daaf0b5c18a9ec8a5f17fd1df3883ee953151f9a87271b
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8
310b9c591be70a73b0c75662b095873612e50e6b1392a36734bef11e884e54a4
327b14f53cd86965457248b0a60398062cf738f95b0cf4cfc2ac3fd7aeca2bf3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
337c5b96de781a5c61cec0482330949b7ba5b468265f09bbe332e95493513c8a
33d4081d713684a2d0427eeed7c9d8b332fbb57995c499e715367c54962a349c
35427bee7326b9125939440515fc52b3ec2228de0280561c62a1f3e1e29e93d3
358f93c5271e0b8cd9dc774736a10cbdcd53f3c6413083bfdc27e53887bc7cb7
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
39dc7caec8eeaf5ac988f044df5dd44085ca963e9818a7baa9b7d28bb4263284
3a8566c410bdc9c4b1a222d4e198c179255893accb662ed34ac308c39fc01bac
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3db7e4486865423a7d1b5b08b7d87967d8d5996dbae0f9a0e974b763c0a7a161
3f40bc40d708c962a94023356a2076a8269d64c8246a5b5376b42bf6351a8ac3
40ab039ddf421b282235661a8567992ee23ce45239fdf4047e27ba58fb397767
42bab28225b200fcaef4d6dc17379592c02c63daf49fea12450d9c66e4afa1c5
44ec02de71946ab47b5893a06a0939acf70475ae1b3a027f78f79e10acfa9bbf
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a927f2b30131ace1e8b886fe8d2d340e7ba80791563f0e5fb33e8586fbe452
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
4980bda72ee19e17ca1a7b098f1ae9484adee34e4a0e68ce9f4605b306df0b83
4a54e0f9f88e55e67663c6419b93ab31dfea3eadabf045ab51f3603e5c1ec014
4c3343b0140e607c94911eda1c15c22fd1b7d61bb522f82ced66f4aee87d477c
4ce18cdb2853cee920e0eba3183e7644402ed7ce950c6fb560afb1d95331c7c1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e731469b10709f2b3ce4441b36166dd5f47be2c03a53e99b5d35f769a1a255b
4e8149856625f4e9a157b60ca64536687ceaaab7914dde8df7a71fef0c65b254
4eb1486c71d3f6285f1a59152925398df1a16b950c04efa9bf75ddc376023145
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
4f9462175938b666185f315616e9936412b6509b7b72e72f5204245b48e9f518
502b21feb07da7288d3fc751e8d9522fbb2b0ebd9e970f551dbc5b4fddf3994b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
527216f5a7191ef2aaad9e7352cb2ba796d9f189f3407cba50e9bcfacc6cb136
52837f8e6500e3ccc4746760ac2a13c756d5dd232d9ec204a0e5df0c9b5c8f44
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
54e261ac516594dda3e0bbc238618b2bc9b9e0b096ef69a70265a7252dd78147
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561ba42a2b675c6a15db9cb005bdec8ea3dae8c69a01cd4a57f0923d57d7ca5e
56586b3b65cde1c9378097ce0fd776cf2e7f0862d94f81f3740a9cf5bd4843ac
586ca6c15395979e6dbbc4b01dad042173b41f0c1b0bd9ec05e239b6901a0b5b
58879e8811754d8383a63ef32969a62c02154576c46c8f47a0d50847f5bac431
5ca8dae0b7a8c1ceaf7c15929e5a6ea0cebf8bc7aaf29a688e7d0941ed94d8cd
5d5ee2ea990988787e3dd82b9b312600c09ce412250e63530e0e347c04b06c1a
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f1e1b1be8d315de8af302292f59cdea120ead63577e456d46c9cf4622c80229
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6158156e9beecb18c9c1fef9181a35f8495ad9799554bbcd5e4a185ab4dd4638
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6280d6395aacbb3754ca67c37b062ffc2de7e3d360e1d8a9b1e30107a179da95
64aa3aea4984154fa8dbe542159695fdc109c6421f7e7ee3513779404181e676
64fd5d6287e3e81b4864ebdffbf56c844ef8f39ff774559cd90e6a297b724485
6542386045f000be35565764afdc693add96f82ff290c3d042b0d7aef1677d8b
65bc2a61e4c5b633b53209ca0e7a8a2a8b0329a45df6fc1ab306cea108dff561
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
66e6fad9e5ec87bcda3f169e68173f0d99c792ec94f8586d7df8a4edb540d1e5
69d5ecee9d49838d1a15e85356754339c0211cf2fea3c28ea1ce43e88f30b232
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bef4e8542d999cba05f2d0399a96ccfd2ed45c3223547178e380fd73a3a6c1b
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6eac1cbc3815731eee3a44c2f8b1ec2b5bc3e0c0fe2f2284638f238be3ba18ab
6fef1e9a733d7dd62a4d190056ca17b3445d871bc3deb64a3b772cfea6f7668d
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
704093e6dbcaa87b77efac3adc3430b5aa84c9f19f73e8244ed0eb42c4cf920d
7052e792e308a2387efa0d7bd83de848ebe07b6cb72038ac8513ab9713519bfc
718e2c2b96b20c45de9c93e36bdfa89ca06d53d8f9c14a45e430a35d26754b4c
73f5365b1465fbae7d80abf56a1c0bd20f7b66117a6254c158a4f908ec04ad50
747bac1d5969e3b43ebd07e4c105a5cb0b623e7fc3cb9f0c1da29d343bf7346d
764f9e51d68d51adaacadf43c657557ae97ec4753c29bec4d516eb6000596a21
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371
7712f778cdb133f3169002cbdefd0503bd942a4b6543f267d986255946d8d1f4
7713951547d129cdbfd676b605c788fec19dbc155e177d5d3b1ee73b98c315ca
778f89c62dad1fcdc74a76104f8dc95cdb7fad0fa4d4f8142723c2cb440e7a03
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7974ea43cfdbb548e0a536c11079dc8787b796729fedf7aa720c30c3d41bb29f
7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7
7b5933acf268935d635412ed564ff7c9a568e7782fdd276d7f80d8d427868a5f
7cbf165032e81dd2f6658b53a5bb9b13991802902f355a0778e5f99be2911f0c
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7d274de930eb4259e31c1f046393f3f2afe5687d9f9c2712b52229385ba51fb7
7eef8608d3a966f6e2e55e1e8325922163e1fa84a9804206230f9a5f37ee63de
7f5ea34f651b214f3577127932bfbef816b7a7c1ed84264ce5233d54ca78ec83
80c1e9531472d618e40813cda63f6f91ee15f7d653c40c9181c8a3ab79e16ab1
810293324e0d2bbf0a8713f573d6215398731cd38076b6e8f3d84aa877aa3635
81e7fc5e066da9722af5a7819784e8b30a7f665cd5673e7634381f3fd563ce44
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
8229f3c107482bc93008d1934c044198fe418852cf32e8ae7240086c9e9e78c0
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86dabf596f4044a228b29607107ac6dab42b5a40d6fc4b4d7fa9e481ba89bf74
87b8894b1abee029c86ae3f9574382f4bf792245be7e4ceec899b2d45579fbad
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
881e783c0fbff9c18d75a79588bee24c0ddda5ece31ff287d14faa86709bf54f
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88be9db33fc64f3c574f56bdc11a2c91fcf179011a1a9b334cf909bb0e456c02
8992f316d050539ec4e21773924cc63d23e0e7aaca4b7bf4a946e096eda9198d
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
8a7fceb32c826dffad0a9c1a9287cbebdd0d7e9affc18d73e5d9d2c834d76841
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8ea3a33f02142d5a949c449867a422e08e3ffa6903890dc8f1df2933e3cd712a
8ee72522f8851ffce1868831b7bc6d37257850f93267b19e33adcef0092c8871
8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5
91095c11e4ee34fc591e9ae61d1650e5cd02a90bb64e5dff7757b93de0f3840d
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9166cbbecbdffd1ee6e60cca22d487e524ac199583fd372ef032fa0c2196409a
91c9837847e103525f6b00b6066c15df74e18576956d52f8b359e5426b73781b
91e855f7118b0605be6f3b770b00f704eb917cbf36dbb54819c72d5ae5d1cc96
92a37d39cf04132aa7a4d303cac0b8fff2a5cc77fa87f6f91ca89f15d99b1158
941643009275fc7d3b06cd76c6e5bce630edb5031ab4a7f5ec180237a42e9985
942b6757fcee126e043999470c953af3fcb67d0a17249bb08914d3a86a47bd7a
96404afbbcaec432cae1518105cc4472194c96576ffbfbff447c44aadd73e48e
977c9f3fc8540256afaa5f695a1373992b564027c3af0297fb63cd07e0e97c35
97b6924d1d0d23c63b43cd656ec015048dac888185fa4ce55ef13f8d02a7f4ae
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
98b165bcbd7b3788685e1bfa6c88a43d96a55a281d7cb79e30dffe090c2a5e41
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a12f6c341938eb24f4b5c08571ef9a1242fed237c5b3c73f593343ef2efe7be
9a570f39f08fbc76463f6d55329895fcd98ece70837283619827b80e8b058660
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9acbd280d7ddd0cabdc1911d2a7dce1405787fb121f880904a6a197e60d3babf
9af0f4e90a7cba0dbe38575666bfedf0e853278155957eb78e63761e33b88a11
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
9cb77e98b4987c9f42a1cdc2e9ffa668ebe09ac4aa53c6dc5bedbeff2e6e736b
9ce3adeb7af923dfe95b4e52a29e4119499f9890040c17ac74089d3699e2b841
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0
9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c
9fde46370e7dfc5dbc549914da67dad5fe3220607a612de2909483d186376bbf
a0582eccbbdfe4d63a20fd57084efdedaa269dd4405e4bfae87fa3d1dca8e448
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1473115bd81043127f3d50c5125e0634a6f462340a12ed9d814c37a5e1c9358
a1518b3d973c7dab268599cf6a7ebd79f2abd88e1d443dba4e52f0625e07b95c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a428978ac6d6e099ebe300a285fcd25f9bb91facf7210a830b5df228524b2bc4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a59bdfbe2d7603d0fc66a490c8362f95b13e26ff839612dd613d430b6d94bf7c
a6bfa453d3714ec99118326f1d9a28e0171a99726fd5735dbf10b2f19c34b632
a6e9c02837fc4e15d5f6940b514eb5c52f7a752cdbb05862097e7239ad7366a3
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a82b42ad66e8b7db192ab5ffe0bd6c15b55d939a6b96f49851318972e6e83a8a
aac6b2dce51db55f2600b649f8e5598ee2043488feb81ad4c2f2e793d3825e7b
ac24edff050b6cc02ce1f1f6479dc99edcba9ab77b5cb9ac3d2e2d83eac608c2
adff67f70114d426aa7d0993ab6d17afd9974f24807e747df249564c8336fdd8
ae29d756b2b021ca008f6ba08995e46855bad39e915c4162211060ce2d6325c8
aed987ef61d7ede5218faa1d522a7a79d184483712664afc596fd32f42b28759
af49f53268c08752ca4c11e7f467dbb93d1c3a192a123c837e278869754f94f7
b04196d172b99cd8d8f8136a23ed9f3f30abb122804a409013f473ba69afe271
b04f1af6109fe68b11b9cb8be3895cd4018ccc56f78e309ac5b76d435f5cb82f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b9f509b25a71d5a79f2ec823ba9088298b74f05d0f72638a679d07e4167132
b26f89e57885fb78e9179b98396a07094c7f9f51195f79bdee0a2b8dfe62481b
b2b60331576d4c9bf51a6295ff4caa921ac1ca260e304106eca074f88e7c836e
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
b684aef220bd97e4fbb9c80de3ae948607cc969ec7840be0d32a1f0c7b331e03
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf
b7863c103337dc175e84bb448740615f0b3f336ce70fdc4603bb315608a44541
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7c9a5b0b38ca35ff0dc384f4884871daa1f30f897b0fee18a633be03f94c7dc
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc7fce0a350a832fcd05e41a4de0c70e8e18f5790d534b97da46a71a5f59361a
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd2f819f1922834893f5fb91a46f3be532ea0cf8b2e54f1ed596ea623ce238e1
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf2deef67d637ab5268bc6c0c34456572531ec087df60f45783cde881f03172b
bfa61b70c2bf4390ff3a52bcafb867ca6a82a852cc610d866b0b6c489d54d4cf
bfe3e40b003948a2278e4ec9481f5e59925078a9c572fd8fd8c9e299be5d6a75
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c026d4af160d0ee7ced20d4786f1a7e9e49301689089a2b329ed86f3b279a4e5
c1c8ca57a9dec265bfbdb6f995a58c5cf08763c5939bfbb9138141222899f028
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2c2b4e09c219ba054567f7690007866c4b0277f230001793a67cc0d3bf5e568
c41e16bdee6fa9c0ac1cffeb7546c2b7d568421656ce1b9dc4df0eeb08605e71
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
c580cac2a022550b0dfb6edb1b0d64129a1d39b37a0aed14cc86b4c4b769a192
c67ccb06fe072838f5e17ccc12d9a54f76aeb3e359cfdd4c491d116bfe096520
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c7e8b8b0ef6b5cdaafd0c1bf8c1f1fe779260e75874abe12a2b4a7ea1204a81f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb0d491460eeecb7481f7bb38feb7d90c0d6a0321c1573629de5b6281b113fc3
cb6f6531c1b1d51284affcee85675983718a63092385cd5987462166c587598e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce609c266dedb0ee7936ae8490d284cdfe37242d5f839d6cfd432eb472933589
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb5c70e3128e3d387755a05d7b469ce8fc2ba2be79863b85256c5d2d106909b
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce
d124c0d47f3dad95f0fcbf08e0faab2a1d5fe796b459c438661a53b879e1ed1d
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1e7b86a016640acdf9b9475530d6ca3b60ae82093138ae06df90a97e0b3af29
d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
d51d3132f201642d716200003782812ced682ed49bd7923be002063ee11a16e8
d5a456774176f31718c9ce26f8077ca182362f6d153bd0f5f5fa145d93fb48f7
d66cfa52063105bea54ef067d7b3aea76077aac4d4186c70994bb4bda29ee1c4
d724de9d279f96b2c7d3346f4ad30e26ab21412e6dc7c41c74527bc811cb8e52
d7b0d8e40cff46a5d291f9039faa70bcd6e14845d21aafdc7a717b2b7f804c74
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d9f542eb3c6be355a6167d8e5b11b372f63dbddaef6648487f7b1235f3f29be5
dba4da34230832526244f052a5a2854d036dd6e63c26469f7f90a613bb075e62
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
de130d90c4ac84acf57d670698416f31ed9245c770eb691b52751ac449017453
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
e003d9f9155d881ea713b1fea3fc155bf0c3cc94530d3171e14d307292f7ae32
e0e9579913012fe1b131dce9b785608a2a459328312ec0a2dfeccbb21cef0dbd
e1056ba71e3fcb9898b0cd94af69bdb9f4ce94cca79fd0ac2a1ec1a4d505523a
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e223703c112f0eeca17ebb7d9a9f229f5d6b888d50f0399c6e643adbbc7c19f4
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e35fbb7789e24b1023515cc76136352ee75002d2e8f59dc31877ad0cb642f548
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dce73099413fb979d4915810491f811e8b6bc1df1298f20344ff9e76f13e50
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7e87bc7c1da75ea1f517e0c6df8983530623b69c6676ccca10cbe905869a9a9
e8743978cd69629c7c8612629753b33c979139569e58cd8a50a68dc14b4893cc
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e90714da5aa48971f7e92a59f529c1782d19298a126c86db1e514ed93d6b9093
e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c
ebd797bdab98482911a13a7b10c47488990f4b8784d2e5d8a3dff360fba516cd
ef0d47f1af5311e6146277dab2fa8c51c84e11f116e593d6f082f55578a264a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ea99ac8ea7baf92d119f7dba1fc62ec6b864cd2827fd530ac7adfdac2573ec
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f3e9d5a0e959973519a493eafd7d257e56633333b25688ccc4c7c071cea858d0
f5f9ecb6ce5cd13a976187541227e0246570ae91864d052b3e9cc0a4636dc8a2
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fb42ae17c02a0458684266d58cdf7a61ef37397beb4faad9a07cfd6edc7dab81
fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454
fd128bb1bb09334b954f40d3932d4617931b7685b7eccb14ca69bbf24bf9aef4
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc