guaiba.com.br Open in urlscan Pro
2606:4700:3033::6815:2b83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://guaiba.com.br/
Effective URL:
https://guaiba.com.br/
Submission: On November 16 via manual (November 16th 2023, 11:54:21 am UTC) from BR — Scanned from DE

Summary HTTP 417 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 90 IPs in 11 countries across 77 domains to perform 417 HTTP transactions. The main IP is 2606:4700:3033::6815:2b83, located in United States and belongs to CLOUDFLARENET, US. The main domain is guaiba.com.br.
TLS certificate: Issued by E1 on November 9th 2023. Valid for: 3 months.

This is the only time guaiba.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 57	2606:4700:303... 2606:4700:3033::6815:2b83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
43	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	18.66.2.22 18.66.2.22	16509 (AMAZON-02) (AMAZON-02)
4	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	80.66.79.249 80.66.79.249	60602 (INOVARE-A...) (INOVARE-AS str. Uzinelor 21 of. 37)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
3	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 9	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
6	185.86.138.121 185.86.138.121	201081 (SMARTADSE...) (SMARTADSERVER)
1 5	37.252.172.68 37.252.172.68	29990 (ASN-APPNEX) (ASN-APPNEX)
2	185.64.191.208 185.64.191.208	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	18.158.2.213 18.158.2.213	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:440... 2606:4700:4400::6812:22b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	80.66.79.248 80.66.79.248	60602 (INOVARE-A...) (INOVARE-AS str. Uzinelor 21 of. 37)
8	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	80.66.79.247 80.66.79.247	60602 (INOVARE-A...) (INOVARE-AS str. Uzinelor 21 of. 37)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	34.149.50.64 34.149.50.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	212.36.83.246 212.36.83.246	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
2 4	193.3.178.4 193.3.178.4	399668 (E-PLANNING-) (E-PLANNING-)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.64.79.46 18.64.79.46	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	52.48.43.143 52.48.43.143	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	185.59.208.177 185.59.208.177	43541 (VSHOSTING) (VSHOSTING)
20	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 4	34.248.37.96 34.248.37.96	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2 3	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1 1	35.194.66.159 35.194.66.159	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
15 36	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	35.214.162.168 35.214.162.168	15169 (GOOGLE) (GOOGLE)
9 17	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 13	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
3	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	213.202.235.10 213.202.235.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	2600:9000:225... 2600:9000:225f:7a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2600:1f13:800... 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:7c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.200.74.130 18.200.74.130	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:350... 2a02:26f0:3500:d::1732:83c8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	130.211.44.5 130.211.44.5	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2600:9000:226... 2600:9000:2260:9c00:f:4f64:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	3.65.104.224 3.65.104.224	16509 (AMAZON-02) (AMAZON-02)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1 1	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
3 4	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1	2600:1f18:659... 2600:1f18:6593:f606:ee73:d59a:4018:6dc2	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.220.63.108 54.220.63.108	16509 (AMAZON-02) (AMAZON-02)
1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.15.245.80 185.15.245.80	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 1	18.203.198.173 18.203.198.173	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.16.155.12 52.16.155.12	16509 (AMAZON-02) (AMAZON-02)
1	162.55.233.29 162.55.233.29	24940 (HETZNER-AS) (HETZNER-AS)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	44.209.183.242 44.209.183.242	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	108.128.89.5 108.128.89.5	16509 (AMAZON-02) (AMAZON-02)
10	18.194.184.132 18.194.184.132	16509 (AMAZON-02) (AMAZON-02)
1 1	62.209.227.211 62.209.227.211	13036 (TMOBILE-) (TMOBILE-)
1	18.66.2.52 18.66.2.52	16509 (AMAZON-02) (AMAZON-02)
2 2	3.76.109.233 3.76.109.233	() ()
417	90

57 2606:4700:3033::6815:2b83 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

guaiba.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.2.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-22.txl50.r.cloudfront.net

tagmanager.alright.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

delivery.r2b2.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.66.79.249 (Chisinau, Moldova)

ASN60602 (INOVARE-AS str. Uzinelor 21 of. 37, MD)

special.beatifulllhistory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.5.84 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.68 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

r2b2-emea.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adscale-emea.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.191.208 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

openbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.2.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-2-213.eu-central-1.compute.amazonaws.com

hb.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.66.79.248 (Chisinau, Moldova)

ASN60602 (INOVARE-AS str. Uzinelor 21 of. 37, MD)

north.statisticplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.66.79.247 (Chisinau, Moldova)

ASN60602 (INOVARE-AS str. Uzinelor 21 of. 37, MD)

got.statisticplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.36.83.246 (Sant Vicenç dels Horts, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb2.vdmy.dtic.es

d.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a-prebid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.3.178.4 (United States) 2 redirects

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.79.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-46.txl50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.43.143 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-43-143.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.59.208.177 (Czech Republic)

ASN43541 (VSHOSTING, CZ)
PTR: webgarden-track-lb-ha.vshosting.cz

log.r2b2.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.248.37.96 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-37-96.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.194.66.159 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 142.250.184.226 (United States) 15 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.162.168 (Groningen, Netherlands) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 168.162.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.64.151.101 (United States) 9 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 37.252.171.21 (Frankfurt am Main, Germany) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.10 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:225f:7a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:7c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.74.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-74-130.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:d::1732:83c8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.118 (Loerrach, Germany) 3 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 130.211.44.5 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.44.211.130.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2260:9c00:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.65.104.224 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-104-224.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.28 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f606:ee73:d59a:4018:6dc2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.63.108 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-63-108.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.131.239 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.245.80 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.198.173 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-198-173.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.155.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-155-12.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.209.183.242 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-183-242.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.125.22 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.89.5 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-89-5.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.194.184.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-184-132.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.209.227.211 (Prague, Czech Republic) 1 redirects

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid2.ibillboard.com

bbnaut.ibillboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.2.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-52.txl50.r.cloudfront.net

vfd2dyn.vodafone.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.76.109.233 (None, ) 2 redirects

ASN- ()

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	678 KB
58	doubleclick.net 15 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154	492 KB
57	guaiba.com.br 1 redirects guaiba.com.br	3 MB
26	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	535 KB
20	adnxs.com 11 redirects r2b2-emea.adnxs.com — Cisco Umbrella Rank: 64688 secure.adnxs.com — Cisco Umbrella Rank: 495 ib.adnxs.com — Cisco Umbrella Rank: 246 adscale-emea.adnxs.com — Cisco Umbrella Rank: 13410	14 KB
19	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 898 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	209 KB
17	casalemedia.com 9 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625 ssum.casalemedia.com — Cisco Umbrella Rank: 1451	10 KB
15	adscale.de hb.adscale.de — Cisco Umbrella Rank: 17527 js.adscale.de — Cisco Umbrella Rank: 7728 ih.adscale.de — Cisco Umbrella Rank: 3211	16 KB
14	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 3274 mwzeom.zeotap.com — Cisco Umbrella Rank: 3222	5 KB
14	criteo.com 4 redirects bidder.criteo.com — Cisco Umbrella Rank: 757 gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926 dis.criteo.com — Cisco Umbrella Rank: 597	10 KB
13	adform.net 3 redirects adx.adform.net — Cisco Umbrella Rank: 4418 track.adform.net — Cisco Umbrella Rank: 4256 s1.adform.net — Cisco Umbrella Rank: 9253 c1.adform.net — Cisco Umbrella Rank: 599 cm.adform.net — Cisco Umbrella Rank: 1267 dmp.adform.net — Cisco Umbrella Rank: 3509	112 KB
8	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 496 rtb0.doubleverify.com — Cisco Umbrella Rank: 761 tps.doubleverify.com	126 KB
8	rubiconproject.com 2 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 513 pixel.rubiconproject.com — Cisco Umbrella Rank: 376 eus.rubiconproject.com — Cisco Umbrella Rank: 602 token.rubiconproject.com — Cisco Umbrella Rank: 458	17 KB
8	pubmatic.com openbid.pubmatic.com — Cisco Umbrella Rank: 28134 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502 ads.pubmatic.com — Cisco Umbrella Rank: 534 image6.pubmatic.com — Cisco Umbrella Rank: 823	12 KB
7	gstatic.com fonts.gstatic.com	178 KB
7	r2b2.io delivery.r2b2.io — Cisco Umbrella Rank: 47541 log.r2b2.io — Cisco Umbrella Rank: 52875	191 KB
6	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 746	2 KB
6	4dex.io mp.4dex.io — Cisco Umbrella Rank: 2070 script.4dex.io — Cisco Umbrella Rank: 1523	27 KB
6	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1611	3 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	106 KB
5	openx.net 2 redirects oajs.openx.net — Cisco Umbrella Rank: 1656 google-bidout-d.openx.net — Cisco Umbrella Rank: 1665 rtb.openx.net — Cisco Umbrella Rank: 695	1 KB
5	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	46 KB
4	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 487	2 KB
4	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 351	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	256 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
4	e-planning.net 2 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 6743	2 KB
4	vidoomy.com d.vidoomy.com — Cisco Umbrella Rank: 9578 a-prebid.vidoomy.com — Cisco Umbrella Rank: 11944	2 KB
4	tailtarget.com d.tailtarget.com — Cisco Umbrella Rank: 71637 b.t.tailtarget.com — Cisco Umbrella Rank: 57903 t.tailtarget.com — Cisco Umbrella Rank: 7625	10 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	233 KB
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 758 usermatch.krxd.net — Cisco Umbrella Rank: 1979	942 B
3	adition.com 3 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	2 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	2 KB
3	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	1 KB
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	12 KB
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	936 B
2	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460 ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	566 B
2	weborama.fr 2 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27893	909 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	297 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 851 r.turn.com — Cisco Umbrella Rank: 4121	869 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	26 KB
2	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 940	831 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 417	954 B
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 894	104 B
2	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 1735	473 B
2	statisticplatform.com north.statisticplatform.com got.statisticplatform.com	7 KB
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7332 invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	alright.network tagmanager.alright.network — Cisco Umbrella Rank: 354499	156 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	vodafone.de vfd2dyn.vodafone.de — Cisco Umbrella Rank: 137134
1	ibillboard.com 1 redirects bbnaut.ibillboard.com — Cisco Umbrella Rank: 13497	203 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 51304	215 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 685	145 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 1851	380 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1324	213 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 560	529 B
1	theadex.com dmp.theadex.com — Cisco Umbrella Rank: 25983	84 B
1	exelator.com loadeu.exelator.com — Cisco Umbrella Rank: 7844	324 B
1	fwmrm.net dmp.v.fwmrm.net — Cisco Umbrella Rank: 13579	460 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 705	203 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 726	187 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 2249	199 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 716	237 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11905	1 KB
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1824	173 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	714 B
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1421	46 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1383	5 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	2 KB
1	beatifulllhistory.com special.beatifulllhistory.com — Cisco Umbrella Rank: 117208	13 KB
0	bemail.it Failed bn01.er.bemail.it Failed
0	tidaltv.com Failed sync.tidaltv.com Failed
417	77

	Domain	Requested by
57	guaiba.com.br	1 redirects guaiba.com.br
43	pagead2.googlesyndication.com	guaiba.com.br pagead2.googlesyndication.com securepubads.g.doubleclick.net 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com tpc.googlesyndication.com 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
36	cm.g.doubleclick.net	15 redirects 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com googleads.g.doubleclick.net 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com guaiba.com.br spl.zeotap.com
26	s0.2mdn.net	guaiba.com.br s0.2mdn.net
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net guaiba.com.br 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
16	dsum-sec.casalemedia.com	8 redirects googleads.g.doubleclick.net
13	ib.adnxs.com	8 redirects googleads.g.doubleclick.net spl.zeotap.com
12	mwzeom.zeotap.com	spl.zeotap.com
11	dt.adsafeprotected.com	39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com guaiba.com.br
10	ih.adscale.de	js.adscale.de ih.adscale.de
9	securepubads.g.doubleclick.net	tagmanager.alright.network securepubads.g.doubleclick.net delivery.r2b2.io
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com guaiba.com.br 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
8	bidder.criteo.com	guaiba.com.br
7	fonts.gstatic.com	fonts.googleapis.com
6	onetag-sys.com	delivery.r2b2.io tagmanager.alright.network
6	prg.smartadserver.com	delivery.r2b2.io tagmanager.alright.network
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	static.criteo.net	delivery.r2b2.io guaiba.com.br securepubads.g.doubleclick.net
4	pixel.tapad.com	3 redirects spl.zeotap.com
4	x.bidswitch.net	2 redirects guaiba.com.br spl.zeotap.com
4	cdn.doubleverify.com	s1.adform.net cdn.doubleverify.com guaiba.com.br
4	static.adsafeprotected.com	39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
4	track.adform.net	1 redirects 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com s1.adform.net
4	www.googletagservices.com	guaiba.com.br 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
4	www.google.com	guaiba.com.br tpc.googlesyndication.com 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
4	fw.adsafeprotected.com	2 redirects guaiba.com.br 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
4	39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	pbjs.e-planning.net	2 redirects guaiba.com.br
4	mp.4dex.io	delivery.r2b2.io tagmanager.alright.network
4	r2b2-emea.adnxs.com	delivery.r2b2.io
4	delivery.r2b2.io	guaiba.com.br delivery.r2b2.io
4	www.googletagmanager.com	guaiba.com.br www.googletagmanager.com
3	js.adscale.de	delivery.r2b2.io js.adscale.de ih.adscale.de
3	rtb0.doubleverify.com	cdn.doubleverify.com 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
3	dis.criteo.com	3 redirects
3	dsp.adfarm1.adition.com	3 redirects
3	s1.adform.net	track.adform.net s1.adform.net 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
3	ad.doubleclick.net	guaiba.com.br 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
3	pixel.rubiconproject.com	2 redirects guaiba.com.br
3	cms.quantserve.com	2 redirects 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
3	log.r2b2.io	delivery.r2b2.io
3	adx.adform.net	delivery.r2b2.io
2	tracking.m6r.eu	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects spl.zeotap.com
2	sync-tm.everesttech.net	2 redirects
2	beacon.krxd.net	spl.zeotap.com
2	idsync.frontend.weborama.fr	2 redirects
2	dpm.demdex.net	2 redirects
2	match.adsrvr.org	spl.zeotap.com ih.adscale.de
2	a-prebid.vidoomy.com	guaiba.com.br
2	spl.zeotap.com	tagmanager.alright.network spl.zeotap.com
2	eus.rubiconproject.com	tagmanager.alright.network eus.rubiconproject.com
2	image6.pubmatic.com	ads.pubmatic.com spl.zeotap.com
2	ads.pubmatic.com	delivery.r2b2.io tagmanager.alright.network
2	a.tribalfusion.com	1 redirects 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
2	rtb.openx.net	1 redirects 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
2	cdnjs.cloudflare.com	s0.2mdn.net
2	csync.loopme.me	2 redirects
2	secure.adnxs.com	2 redirects
2	eb2.3lift.com	2 redirects
2	i.clean.gg	cadmus.script.ac
2	4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	oajs.openx.net	1 redirects guaiba.com.br
2	d.vidoomy.com	tagmanager.alright.network
2	s.seedtag.com	tagmanager.alright.network
2	hbopenbid.pubmatic.com	tagmanager.alright.network
2	fastlane.rubiconproject.com	tagmanager.alright.network
2	script.4dex.io	tagmanager.alright.network script.4dex.io
2	gum.criteo.com	1 redirects guaiba.com.br
2	hb.adscale.de	delivery.r2b2.io
2	openbid.pubmatic.com	delivery.r2b2.io
2	b.t.tailtarget.com	d.tailtarget.com
2	connect.facebook.net	guaiba.com.br connect.facebook.net
2	tagmanager.alright.network	guaiba.com.br tagmanager.alright.network
2	fonts.googleapis.com	guaiba.com.br 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	adscale-emea.adnxs.com	1 redirects
1	vfd2dyn.vodafone.de	39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
1	ssum.casalemedia.com	1 redirects
1	bbnaut.ibillboard.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	1 redirects
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	sync.richaudience.com	spl.zeotap.com
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	dmp.theadex.com	spl.zeotap.com
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	cm.adform.net	1 redirects
1	pixel-sync.sitescout.com	guaiba.com.br
1	s.tribalfusion.com	guaiba.com.br
1	match.360yield.com	39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
1	s.ad.smaato.net	39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
1	c1.adform.net	1 redirects
1	r.turn.com	39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	m.exactag.com	39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
1	tr.blismedia.com	4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	cadmus.script.ac	script.4dex.io
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	mug.criteo.com	guaiba.com.br
1	got.statisticplatform.com	north.statisticplatform.com
1	cdn.jsdelivr.net	tagmanager.alright.network
1	t.tailtarget.com	guaiba.com.br
1	north.statisticplatform.com	special.beatifulllhistory.com
1	prebid-eu.creativecdn.com	delivery.r2b2.io
1	stats.g.doubleclick.net	www.google-analytics.com
1	special.beatifulllhistory.com	guaiba.com.br
1	d.tailtarget.com	guaiba.com.br
0	bn01.er.bemail.it Failed	spl.zeotap.com
0	sync.tidaltv.com Failed	spl.zeotap.com
417	123

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
open.spotify.com
twitter.com
www.youtube.com
jurandirsoares.com.br
mycitydesign.com.br
xyzscripts.com
www.xyzscripts.com

Subject Issuer	Validity	Valid
guaiba.com.br E1	`2023-11-09` - `2024-02-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.alright.network Amazon RSA 2048 M01	`2023-05-28` - `2024-06-25`	a year	crt.sh
1838731126.rsc.cdn77.org R3	`2023-10-06` - `2024-01-04`	3 months	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
special.beatifulllhistory.com R3	`2023-10-15` - `2024-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-25` - `2023-11-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-01` - `2024-07-31`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
north.statisticplatform.com R3	`2023-10-06` - `2024-01-04`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
got.statisticplatform.com R3	`2023-10-16` - `2024-01-14`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-10-06`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
script.ac E1	`2023-10-31` - `2024-01-29`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-11-14` - `2024-02-12`	3 months	crt.sh
*.r2b2.io AlpiroSSL ECC DV CA	`2022-11-15` - `2023-12-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2023-08-22` - `2024-09-15`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-09` - `2023-12-10`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
dmp.theadex.com R3	`2023-10-21` - `2024-01-19`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
dyn.vodafone.de Amazon RSA 2048 M03	`2023-11-13` - `2024-12-11`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh

This page contains 39 frames:

Primary Page: https://guaiba.com.br/
Frame ID: 64D50AE64AECF3C9F0EC07E71C346289
Requests: 168 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: AB2EBCAF31774EEB01DC8E50A37DFD50
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8161413193986253&output=html&adk=1812271804&adf=3025194257&lmt=1700135651&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fguaiba.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700135651039&bpp=4&bdt=1211&idt=352&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7236544713066&frm=20&pv=2&ga_vid=317852422.1700135651&ga_sid=1700135651&ga_hid=1656276894&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44795922%2C44809317%2C31078297%2C44807405%2C44807764%2C44808149%2C44808285%2C44809054&oid=2&pvsid=1749170353716444&tmod=1165723062&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=395
Frame ID: A20A32742172153D9DB462C627BAD82A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=guaiba.com.br
Frame ID: 709AB6C89B4C7BC609C7AA60A104806E
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: DA42E86744C2A6DBA05AA8A1CA98B178
Requests: 6 HTTP requests in this frame

Frame: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FF4581DEC744947EC8497FBC652187E4
Requests: 1 HTTP requests in this frame

Frame: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 901F3385BF469DCA31910FB2A4C9635E
Requests: 1 HTTP requests in this frame

Frame: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DC65BA45C8E6C6C42DF89D0BF5B82D4E
Requests: 3 HTTP requests in this frame

Frame: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9EB57C109176C804EF00B6515E2479AB
Requests: 13 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 395CDEE76E82A797EDB13C957ABB237F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNXomzAEMqDSSqmalg5Az07Djdr728Pa-LkUFmi3aWPsgCy4ThqoYDyQxBR7sPV0vYM7kmfabxbklfKKtkILj8v7iasP496xjill-6HXiQJP5ZK4S-3xdmb_gtSxU5HET1mLTaCudSzxRoT0mSMSz61vBJ4B3ptAB2UY5_HRU6MgaBAdqak
Frame ID: 687F8646079B1EAEC9B6432B7F5E16BD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 79D8470124BFB29D546750800A10AF3D
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNV7bkB5xcJHKQBhReTmfRLOA2GT6OuinHpX07d02bEaRo-BIvnj7gEGPVjHAPslT-jfXSvRBE_R98bAUZn8IB9tpL5ALqd-yqmEFy9eRJMp6i6mvVElu55BTk63uF81ACbQ0AXkMakLajYMvjjPQdGgt8zhVsmeqSwGliQLAg0cHgirsfg
Frame ID: 1C38102A97AED4C97F271640EBD56717
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CC89FDCB2224D0F4E6F3DE73FAD5BBD7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E1153D6F19DAFBE2C51F6701832506B5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1EF6A4C9D865C6D28D3E682B1A4F5DA8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B921C6ABC11AB819DE3FCCE02CDC87EA
Requests: 2 HTTP requests in this frame

Frame: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 94F98EE8F402FEE7CDCCF38CDB34EA6F
Requests: 24 HTTP requests in this frame

Frame: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E1366D8C6907FF85401E96E9365B027F
Requests: 29 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
Frame ID: 00FF4E4E27974C36C6E9AA48F49AB127
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNU5-NW35RI0l8b2-6W_JzLfNgZyPRolzuqZGMQHsQMEwzNxmCZzJl0QcTK2q3y2gZ5rlRVIZqjKUcsUVIY24jABjH3C_9_NzPsgpJTw-ZAVVsFgR_BqZxmG7AzdvpL7WeJLlofvsbEuk1JGevTertma1IMVj8h5Hg0Exliq9rgW8OJQ4SE
Frame ID: 921FC5425759B15779073C9F300126E4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQY-9uA-gEwAQ&v=APEucNVixbDqrZr8SuCQR0w-z7nb91ePpAPxLL31L3hVi_MYrahhUr6tEEfxN7St_Dk0QLvRzeT9Ftxlnby2a_9C42IKzQejG3gYorPTtjtFbqHPKPTw9Brfv_dDHrhaOxQi6PFrzEOxMFDs1nuPqVqv-X8tSisus7ThoNw-cJozc027St058cQ
Frame ID: 4EC3703DE7CCBDB7F72BB35D853CCBBB
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 01D57B712921AF97CD5BDA88701AC5E3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E4023FFA47607D1B7FC46C42ACE8C296
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C2FE71A60D4AD14330821D1F7081EC23
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 1D3837C989503FF02B17B76D4380754E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B77537CD751B41A14173AB307E0F7219
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B9372092B9C811D8F4B6D9ADEAECA1AA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 818C3450EFD0159216633DEA7F9C8A8C
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158361
Frame ID: 02A03395971151133E27C45D9CBFEE39
Requests: 2 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html
Frame ID: D0A1726F2B8DFF32B8655ECDCA8F051C
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700135656507
Frame ID: B2EB7D1341B4F84FCF44954FF1A69D92
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6096F98FAA318833BE071AB9F04CA93E
Requests: 3 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: A9B0FCEEA66986F4D211376C30025485
Requests: 33 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Frame ID: A3A77BD8A477DCF50AACD75B21A4C701
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700135651807
Frame ID: 94E771FFE76609D57994E689309A79C5
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fguaiba.com.br%2F
Frame ID: 3EEA1AB51FB5A46003C72AEBFFE80830
Requests: 11 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4946.js
Frame ID: 1C2D0436E2DFE640CDDE156E87A41991
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0BE87C5F6B9431AC169C3C1A7B0F4529
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rádio Guaíba | Informação com credibilidade – Rádio Guaíba

Page URL History Show full URLs

http://guaiba.com.br/ HTTP 301
https://guaiba.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RightJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

right\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

417
Requests

85 %
HTTPS

33 %
IPv6

77
Domains

123
Subdomains

90
IPs

11
Countries

7070 kB
Transfer

15302 kB
Size

77
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/radioguaibaoficial/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rdguaibaoficial/

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/6FOSGKL3n4j6MVRVoJ1jky?si=A-ocYuAwSgCT-OjlO-I4bw&utm_source=copy-link

Search URL Search Domain Scan URL

URL: https://twitter.com/rdguaibaoficial

Search URL Search Domain Scan URL

URL: https://www.youtube.com/radioguaibaoficial

Search URL Search Domain Scan URL

URL: http://jurandirsoares.com.br/
Title: Blog do Jurandir Soares

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/RadioGuaibaOficial

Search URL Search Domain Scan URL

URL: https://mycitydesign.com.br/produtos/?ref=93&title=Cadeiras%20Girat%C3%B3rias

Search URL Search Domain Scan URL

URL: https://xyzscripts.com/wordpress-plugins/twitter-auto-publish/compare
Title: WP Twitter Auto Publish

Search URL Search Domain Scan URL

URL: http://www.xyzscripts.com/
Title: XYZScripts.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://guaiba.com.br/ HTTP 301
https://guaiba.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 132

https://gum.criteo.com/sid/json?origin=publishertag&domain=guaiba.com.br&sn=ChromeSyncframe&so=0&topUrl=guaiba.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=k3zjc3xrS2pzNFdJR0hhZTJ5Tkk0Qm5YZDVLMHE2MmVlQ243NzBWSmtVMEJCTUdkMUNRR2VZZG90bkZkY2dYV01ZZzl1SkdPemlDM3FEQjBENHBxWnptSk4wRHFQd2dvVXlyY1dNV3FkcDh6NThrUFR0bmNWenNGOVlaczduMllSYnJrdHN4My93eHRhcUM3T3J4SGNCWlhVQWZsTVNkODY4ZE03L29HSk5jNjQveFVTVVNSWkQ4NVpmVHpnRVo4R3hFUXNXclM2U0xuaFJuRHBnYXk0QUJ6Y0xyVjRBL2NXU0FtN1RnNE5vTnlGMzlUalNWYU1IL21SaDFPNGZQMEpKUVoxa3RwZ1FzeUNHWm1uUkxEdjZYYXhDZz09fA&cppv=2

Request Chain 142

https://pbjs.e-planning.net/pbjs/1/4d628/1/guaiba.com.br/ROS?rnd=0.8376319418312477&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fguaiba.com.br%2F&pbv=7.47.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fguaiba.com.br%2F HTTP 302
https://pbjs.e-planning.net/hb/1/4d628/1/guaiba.com.br/ROS?ct=1&r=pbjs&rnd=0.8376319418312477&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fguaiba.com.br%2F&pbv=7.47.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fguaiba.com.br%2F

Request Chain 149

https://pbjs.e-planning.net/pbjs/1/4d628/1/guaiba.com.br/ROS?rnd=0.8376319418312477&e=300x250_0%3A300x250%2C300x600%2C160x600%2C320x250%2C120x600%2C336x280&ur=https%3A%2F%2Fguaiba.com.br%2F&pbv=7.47.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fguaiba.com.br%2F HTTP 302
https://pbjs.e-planning.net/hb/1/4d628/1/guaiba.com.br/ROS?ct=1&r=pbjs&rnd=0.8376319418312477&e=300x250_0%3A300x250%2C300x600%2C160x600%2C320x250%2C120x600%2C336x280&ur=https%3A%2F%2Fguaiba.com.br%2F&pbv=7.47.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fguaiba.com.br%2F

Request Chain 162

https://oajs.openx.net/esp?url=https%3A%2F%2Fguaiba.com.br%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fguaiba.com.br%2F&rid=esp&cc=1

Request Chain 198

https://um.simpli.fi/gp_match?google_gid=CAESEFulmdubqQQ3YEbZ3xnt9Ks&google_cver=1&google_push=AXcoOmRJ1pIMHH2ZGXCzMj2mYEHXevFNeI4JteTQiszmI0X-rblktt2_5a8EQJpFyGTSCzZ-PMhsJiH_54wXelSNX0dt8HlwoxYPDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E2A08E31903345198307F1D456CE98B9&google_push=AXcoOmRJ1pIMHH2ZGXCzMj2mYEHXevFNeI4JteTQiszmI0X-rblktt2_5a8EQJpFyGTSCzZ-PMhsJiH_54wXelSNX0dt8HlwoxYPDQ

Request Chain 200

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFAvHdcYRBKhLK3oG-U2pYY&google_cver=1&google_push=AXcoOmQQEszadJhddau0fu893kJpBNGiNKWwC2OVW4dMjA2wtvk_A5dFxOOEzr52NXtmx4PBcKBkyEknOzMlABw8COtq0b6BYGcq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxNFZDT1gtMU4tQ0U2OA==&google_push=AXcoOmQQEszadJhddau0fu893kJpBNGiNKWwC2OVW4dMjA2wtvk_A5dFxOOEzr52NXtmx4PBcKBkyEknOzMlABw8COtq0b6BYGcq

Request Chain 201

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN1R5bRqA7HlVwAowpC_IXs&google_cver=1&google_push=AXcoOmTdCe9SfZQYmPUMz1M_DD671shp_xHvUKZUGK5FVmg6riXW8IBbA3GWBLLR1D6DW0TRsjxHv0GgXsSb4SZUs9XUv5biRvuX7A HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTdCe9SfZQYmPUMz1M_DD671shp_xHvUKZUGK5FVmg6riXW8IBbA3GWBLLR1D6DW0TRsjxHv0GgXsSb4SZUs9XUv5biRvuX7A&google_gid=CAESEN1R5bRqA7HlVwAowpC_IXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTg3ODczNDU5Njg1Mzc3MjcwMTcx&google_push=AXcoOmTdCe9SfZQYmPUMz1M_DD671shp_xHvUKZUGK5FVmg6riXW8IBbA3GWBLLR1D6DW0TRsjxHv0GgXsSb4SZUs9XUv5biRvuX7A

Request Chain 202

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEH6xl177jEBFDHxwmfWAOA&google_cver=1&google_push=AXcoOmSlsEMw4dUuM115cOsJrjh2UJVMld9x5iavU2AdqtqeTeC9nZHg_oVXeVxWSwRdBFz0lalNH_ebBNKaX3FRO9hFsXMaHQBwjds HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEEH6xl177jEBFDHxwmfWAOA%26google_cver%3D1%26google_push%3DAXcoOmSlsEMw4dUuM115cOsJrjh2UJVMld9x5iavU2AdqtqeTeC9nZHg_oVXeVxWSwRdBFz0lalNH_ebBNKaX3FRO9hFsXMaHQBwjds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDg3OTIyMzczNTg5MDU5MDQyOA%3D%3D&google_gid=CAESEEH6xl177jEBFDHxwmfWAOA&google_cver=1&google_push=AXcoOmSlsEMw4dUuM115cOsJrjh2UJVMld9x5iavU2AdqtqeTeC9nZHg_oVXeVxWSwRdBFz0lalNH_ebBNKaX3FRO9hFsXMaHQBwjds

Request Chain 203

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEANah3RFPXlph-4LfJN3IWs&google_cver=1&google_push=AXcoOmTguxZ2Wyd0LrYksPIBkgaoimacX1YZnC6CCTFGjno_4p34iBWu7DfC1KeYJZGrINIdlkRlR3D554kdfWgjN5ABRaPu0mzn-Q HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=132f68cd-3170-4050-8407-3327a3c53893&google_cver=1&google_gid=CAESEANah3RFPXlph-4LfJN3IWs&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTguxZ2Wyd0LrYksPIBkgaoimacX1YZnC6CCTFGjno_4p34iBWu7DfC1KeYJZGrINIdlkRlR3D554kdfWgjN5ABRaPu0mzn-Q&gdpr=${GDPR}

Request Chain 206

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1&C=1

Request Chain 207

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVYC5qVyRFBwOts44vtIIgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH6BKgssRcDw641qDhePkAQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH6BKgssRcDw641qDhePkAQ%26google_cver%3D1

Request Chain 209

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE5MjA2OTczODAxNDUwNjgyNA%3D%3D

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1&C=1

Request Chain 211

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVYC5qVyRFBwOts44vtIIgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1

Request Chain 212

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH6BKgssRcDw641qDhePkAQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH6BKgssRcDw641qDhePkAQ%26google_cver%3D1

Request Chain 213

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE5MjA2OTczODAxNDUwNjgyNA%3D%3D

Request Chain 247

https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-Cd6UX6o09BH3mWhfU58yJoDZjNf0B42zdHGFtQAlmRdWlSRt4iB_qqXBbuza2kuNZJ929hPQj_AOV8PHH1CR5-tFL4sr9NbxJ0zcQTac-jfTQEnc4DQATsi47qPEa6CW9NNoVMQFetA12ZmfdiL2BMnZSD0KYPRWdTUnMaVSgehX5tYT0SuRcAoCZ_4BK5fh1nfRrXiGjsLton778t8zqqHoHONRA1GYLtwdBTMh5nO799ro7tWhlC6xo-J6n4H_FJkOH0cnsBchX3DGABaMOhWbD81QGTITUjRos0xcMwtOjbwCHiMeYxyx1WU1ZoQdFFII5uU3QgL-r2a7Q3loRzyEibA7FboPx5ri13FT4oFyTItw5117alCZ9wQzbRF_BsT59kEpUzTXPAQatJJy5EjBn2cvJqhjUYAbUFmyyHRxq9GV2rmvysWO86wmMMUv9wsQuomAJ9x3kndMp8IJOifQV8TqlHkrXFxcRqH1kcIFz-gsSv2JuHKq11j7q50kgRF6cFXk-cxkxtbKwfkeiFaN3EoctKf3EABFlYIQnXsGMWaJiulKvQT0lUiYZRpgwpMDgCG1QwSif6WrHB6tF4ow7OjC_KwniK0CALj_rO6RZtFs2npK8aI3Xzf9TWA7Aw7V70XXwaQlHu7aGSxBYwwserTEtWyA29rHGstEiwJTLoSIGtwZATOWdQbnW0JtkUm8EE7diR2L8DfGj8Pe4p-27-bGy9TBItKqwLsnBZ_2wcwGOifcYmHP_dUOF3HgueCsuTjomxCP38t1ksQ7Cl4un51Yu_rVSZZ6C1tyQNiIasKDBojTfj9gmzjMowKTRihqAtJ6dAMHwUUDhnmzvJ9gsgh8fN_5_pg4LWLxEzCOTHEJ7XqGSQ3B7fiQw5VlG4r71xr9bBmhmbYxonVFX88CWW46dRAaFLPSLQOI_AfBvfsjbqpgsAjZSh21GUn1cLARypoDu0Va6OgugLE1uz2iMZeqXv9OmeAMYkfN3JFSuxumMZdzqD9EMnVWR60d6M5w6gUiVbXFm8CLWuxROdBUtRn4lT5z9kYDfKsz6z4JtCK46Qg1p2a77T67YjR2_BPBjVUe-LEMmCZbAOq-51XfXu4lSvyNbArhpRs0salMMEgoDeEkrIA5M43bkZGaBRGMLQRJ5PcBR5Dw7-dUJAKVMXAMfvXj72iCFX7AqiXdSo32tmioOL2ZWL5buFocTN2YDqrmZ_S0nTZqBCuXbvbqiOiiBa9ja62qqYhbJxPivMjyn2IAZto0aa7hG5EQuY4c22yOcBgJfnQz2KUTtcR65vTHt5njPQCns5Mim-rw-OusmcZt_iy9p1fJ0ZDuUV_lFbKNxgRS1ntgPa5SwneDP0BowvXzZixLyGjUb1WMCxkugU-prmuf_-SwA7Sal1XS-uHViyAlqMHPnqpztMehNT3IrMufhctk-ENOJ-Y2eLG02ZjMGToAdvZG1rpqTIZQ-CnmJ-ZqO2WprFTjefDD2tYLJ4_lUQ049BODszvskLqGfwzitgB22azBTeejvTATDixL33NRka1OIp2AY06MFGg2bzPnYQo0xjVe3VYqhuMfjN7S3p8o3cx8TxqDvM3EuUyretyoVkpIQVmifvcgQLvsjy1I3BLtFVeJmUXIHYZ-chJQNzdRXbA7NcdSAO4kpgCaYmOXYCAPGHZ8IYsVhpxqkJnDWsV7ZCaVltXxI7RCxXVG6oPisrIic8UsfUzPVmafT0nrOi86-vwPhqX4sDzJpcOWiY7ZnBUFkf6AjNYgKIWAr7IsIU6LKL9R6pqTy7bv9frffvekeEjoPXSG9Z7BgyKclcuDDtah5GS2qbHEpWlXB4_Or4BK-cF_gev9omh1TXhm57iKxYSHRO3ECkolcD9JbnT3r28XGhkMiD-CVjr1p1d-kCzJAGP0RpOMAWVThvyo64cX4k8RoFuwpoBWkuk-rtUSo4gpzabc_KF8vU2DnixAf8SKL93E_iDzVlILEY_viuVbfR0y9wZIUNiMebeJVaJ3Ue3KO8nPEm_BG5MKGuZTGn09GLZRSjpYGnhHWRJubdLuPPvqpqlw2tz4fzdSXNijxDbO2F5g4RT5SfoHqu418dnPrejNp9ylJJKr1G5B-upPyJcUWG43cg1Wu4RV1dZ4Coh0wI20qLVlgabkeuCH8L1pBBM77XIyEMxtdh1cwgGv8ubi-0dxkofIavt5gUxAcVZh3PEwFQmMTpiTTlgOfM-IS_ZhDDEFrbiojimCyNy-opa53ZMu2SjiiCS1nPn9O1lsqocmLck_6HCmDanI5fh-mhDy1qIfr7ewmy-xsWwHGJO0Yv0WXpQbh-WkFwuHckT6G5RNV-lGkQzGEW--BR6tzmtv8kgCxfhKeH_b7c_DwOr5NQWTOmKRokOHa_2mZEFiiz8tpeMDPv35uYHmsAvGsg3zGF0BLZVOZIzKRz5erL7VxTLD5Hbu70rS4V0RaJOSCcLSB1kIp63QCCjcKRs2wYtqTySvkYykZ7A0vtpng3DvKAOrxSRAzkTCozDTTyf1UZ14hFOYlQnCu4k5OAizl_b6MHnzrR6SJyMfX9H8Wd9PtHgXhDR0gbGdPVvF8KVstjvWpNQnXiuxNtw01ao8wFNbmYb-_sLmXVvK7-mwXCtWmjhfD-4_5MUsDM0S_uBu9l_pjtrtRTMxHC4RfGxrtoWBvo4bSkbNmUTTIN8Xf7c0DeASzs2eSQIDX_iYkP5wV9fYypdOoXmhsC2o4arOhYrf-w4IdoMVQfheRpH3OJ-9g-zT1Zfs7SbOtQdvrEwZv818zA_z__VbgFN_bj6Q_OKbacvOcHtKfvjbtDRYjnqjFkaMuTR2ubB2yysHHVVK6nAINX6KIn0rCVB-6JvuUzfEpjwgUyJliOKvbsKSsLFeB4ag64wtVTkw3V1gUpXrgp17gLFn_1natyVEdVMxIWru3DlErT8eM3yCiH8kifFXwj1VXkYMxW4G2GEmSRJIPkxC-Vuo9OQBYi3iU_R0osuyJAM-UxK2Y89H-YISa_gDqLZL-yMgpYvzTvZ6uYy_SMDumDG97Jte9xyvTqPRc2RoToSAep7VFCJOl6Jw5aKbhk-n7LD_Ee1X0xxdBlijSRqQkVJuoiL39svqaO35q5oQFxlcIFiRa3g_zsa-gkoYwjfKogQfSJd79jH4tepqdyDBdU7sqNHkGDzjkn4woX7Opff4OIeSwbXg1MBORHwW2-DKyQOKJpSaLTxLQX2pD6ZFV5CJJY79nzF1YEtNYvhoZxLzuD-H9YIL1C_9JPFQOUvQkoRyS2GeXJoNReFL9IOE5gnFJ6pk7kwRmtm0V2Jor_FPgql9wz66K8D74tZ0JrPGaPoSkLQz6GA4s9almJSSF0ioX01dI64bJjqa7jN-1XrMPXROrXjJTL8VOwmn5e-vaURbun-v5wGLZz9Qe7jb91dVXDF4XrL6odXmEh1WpjyUKHfFhBz788iGeTmKu-kfLfQOCkQk6bsr6178NHbxtJrlD31rZa8SY_mXRg7Tvr1Mff4RvZ3vIWQthNttVuQXIxzoWcRDSUS_doTj6SVvbKrUoSOtmfBS-ZheEpksJKcY_EFxgJQ7uyrckNMGUrKzpR-OMugBf2mXclaQfcfE-z3FujpBu8aDQozm8WtyeGGS-nl2RUUzT4X2XO90yu9uIzRbqram91R_DTHCmW1XtysNDEx1kU94nKOkolIqY9s8RpyLbZ661Zxy0K3m9qp6GrVmaXfN0bGb6lHpY_fMaSNfVlGEEzgGI8RGt1GaQyFp90rRHck22MFO8dY3njPV-i6gN027tvPC5s5HG2G3e_3CGnDyQXCaNF6mf-RbXpZ9HJa4bXjeBPS3A34VkxcTtlCevJWWoL8CEoIN9owOWOgiU_RRtohubpCbLj_MGnd0qbbY_BJ8p2bMS8DlUcezip0OVVg7I0rQ1d67fRcrkReiF60OyhFirpOvHidHAA0p1ruHJEBopLhmkG4q83fhfQnYWrNNygcDmlrr8UcrwhN1IrL0SXTKSXXIgC16MNy2sur7CBrmbo9KSGAVd1H5FUfohVZ1o3hMluEpprLCe1juSd1gTK8HC7DMX3IWFjdp61z2-P6vZvGleUnKMYGcvMnHSsGGYr28nwI-Tap5eyaCr1_wFtmVROj4ksTTbxAmTVr6MmMlj5urfTTbVYGkEIBBI7AMgJpo3bHTqkdCyZ836CdBN3Bp5HiLzJrkbcKOmtGqt-a3fH-WpXFeJo3VwbR6HpGlEN9qAWyRxt9lgYAWAB&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-6070985156043962&ias_chanId=1&ias_placementId=20409787662&bidurl=https://guaiba.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hDRoOwCssDfXbb0UcLqMYV&adsafe_url=https%3A%2F%2Fguaiba.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fguaiba.com.br%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:d4c15ebc-399a-a9fe-27dc-b44df2fb5371,c:u8oAhF,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7bc8d8d488-24vdb,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tVLZWK5+11%7C12%7C13%7C1411%7C1412%7C14131%7C1414%7C142%7C143%7C15%7C161*.1520146-76103085%7C1611%7C17%7C181%7C191,idMap:161*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:30,oid:dd3e29f6-8476-11ee-8a65-ca41b776905c,v:19.8.460,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 251

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1

Request Chain 252

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVYC5qVyRFBwOts44vtIIgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1

Request Chain 253

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH6BKgssRcDw641qDhePkAQ&google_cver=1

Request Chain 254

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg3OTIyMzczNTg5MDU5MDQyOA%3D%3D

Request Chain 255

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1

Request Chain 256

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVYC5qVyRFBwOts44vtIIgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1

Request Chain 257

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH6BKgssRcDw641qDhePkAQ&google_cver=1

Request Chain 258

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg3OTIyMzczNTg5MDU5MDQyOA%3D%3D

Request Chain 300

https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-BRq0auYG79FVJ8MAOrCJHALTEeX0bEB4YdnPu6Uu0IMFFQWow8rRY7cJD2ZgEIKV7cRvPE_P-7a1oIGjB3MXl4_CKdECdD-ULTISATOswr4TRuwTRIYfzkBPrV3HCmPYyHcq-HFp0aTvk_BiebYH-waeTcNXQ7FRY74v6fxalpTT3lHdwSyRcAoCZ_4BLnuyONx1dTRsRpl84TS37HxsaiU7pgE-SdsIQWvAFfkKl4JArfTj_UprSWYBqjfwyQoTUrqRGAYuYQBSK22Fb3J-uM3MibetwugWeJi6FEggOqFnbqIuxPA5i0c4Pwvehk_hJ76eUYvvOQgy0l7LSxGmBTsso0C5mNgS5uKgbTVHM2RZTDWZNAoZRFzhL4CBg5wTQyvXEZpT3kimWqvac7arCfdjnk9v6Y8MN73dbxaR2zJqDLoyEvdmLcRumKPcBB7rMkbtcK8deJh4wUvGTR9hfDzWz__PUVAGeNkxl3-abTNxE81cHoi3LDpCplsG5Ox2OJVMK8eAvAH-S207ngbNTXiqTvMOQfnHqm9dA1Y6H7qCo8pE9mjICPZtGznFBwKJig_W3XpiatSoNBH-odlWS1_TIezNuMuo6AYI6wokJev27sLYeAwRAp6e38dur-L2BmyZlCi9nGKtSQyzBeigj6AStP_GVbVCO-fYZm9El0B_lXRa0bAN-3DUCHrbCWCI42I972KdV-qde-1YgVguvfU5mtjp4jCYGbg3MDTpEPm-mEcUeZPYC8D7a8PHg_PZ41vnhajVJWekmQ0Nn2hNm0majRVAOY0dnRzY1F4aToHmrE4OEmeqUncLKt3ptqhJtFyr8QabuC6AJxj5Z0-zTrNsLUChX84RoYc_0qiKsNumFV2q6T4kC8TCWsRvcm3utZlO8CMRlKXptc9Bi81baxLS4dGQUJBbwXbqLubCaJMK3EFetxxo7Izq15YzdJDRa8qLVxPH7su_V1uCeZGW0F0bINruV8fSsabsCKQmpyrZ6aQlZReWWk2w1xF3DTbUaR_rPeIdSRvSaKLhO_W2hJ2RlaAWgbJ-WvKHJKp5OJ9_B8abdp1ypYbTD07qQNxfT0gRN2snns-3JheyM9wmqtcJO1VvES_SjL9maMdXMn7kfk0aFKPRQ4IfhPxsN7Ur-olXUaPKy6-Ja8Q8I7mu-ZWAoViOR94pUI4hHnRKvbW4Mcu0jE_GotqNy75AQo-g9NEWbbSDWzvt5TtXHGEZ2dgZpWDoOvnyczkAtg7DR47cLc35eZbSV2LzoylyhFsH_iz4jthBd6_NiuVOhg4Ay-7EnFvpF1Mj9Z7MZs-ZIB8qKQkEXNTpKtdG_7JjJRkUxyL3j-VNQrl_s65TvnQNT-3BgEpgietlsrIM0fSf_nQDaEeg5sRbF015HlWyXQ9kAoonSFK-rmBkDHQ6mVwuppwYcrWHYqHaeGDNE49KHb9GoTL3dSySH8iMlv5lCzHrhqa3-XHqfEhtvaKI7I5TXT4LQ7oVhv3YgiKydAFFAxWAgb8t7dpUCpH1z3TI0vAz4AnE14Qo8JeQXD3EQQvcRDrkrg5INjcA5wKkGH0xSwcxk-8pnXajnOJ_8e_zMGe755oFLQHLOn5cuj7M4Gg8Mbg1LgAVZStOu4clvu98SwuzOUEYl9FPtv81DYlgDDt5OyDmU-M5gRTdE1eIz--PHuTp-4ALP6xFp0yal-kxYAWKYch3rr63eUeLPgO6masw2BIt_ITo_UAgOeWV6tV-P3WS7A0aLyB4Uv-Iga3LztfBGEqt5otec3a9J5SQ8QAxmBryITwCvHCFv8PKBAzepcN-7ZBs4N9Xc8fQnwUegbKj0lIigV7-xxYFFlQ2UtrKzOZjLhYMTEBOvecoUlkF_zkg0JSxB86699Bi0nFuigwlAOzUk8pVQOTEd_2jhThsh9TtjKa3KjkGPWdvNTTPa7q7yq1SCcKFYbRSEI407DUbaWnGUWXucBfCMhbdqIcD5unkr8Bx5Bg-fZ93PRxt_rYjBBAB-8sQwDYZ8qdC6LQkz_kLojfxToBd4Ud8YUF9tcIJmAQKdBtX64FJ12_dO5vo1N0ipB5eLH5y9AyCKvYowfiGnvYdg3hNZvFO88m5pMzVr4XoqcV7ubRWu_sJpyjOkMbgqFZgrVFp1rdQ_J5Yk3y0Oj0uRUsNjS8wXqOuaqEGVEOdKm3inL4cP8nkCLdS6xd81a157Cnx7qJdmIrt1dJ1YzSsz-wGiPhFPBX93PKRJz_-12bojab8PjnWDcpWEOg7h4bAPvj2OF4_vtrU4hNbTt-r7PxsqSmrSbUEfx8THqNupIw5UQUAl_tIJuNDjhKwwhd1NQG6i3TftkPP5HCD2SxWND97MVlVsb3a6mxAaxG4SVC_1wHnscXig6gzVsUVaLxKZIw2qeywvytMS4WLvZB7Icfp--nxcRv4fXRBI05LDa9FVCoi32stFGeDZ5BpLgUAiT8QhnMSdMMaUzQBMrccz0EJMtRanWs08QPEc2f1Nqyl_RvkGh6E2UP2Fbc1WwA8DXQBaYAz2osxJMwOPpRYeaVpLGG0iAz6FJHXJw5bMSus_NZCZmWc2EaOwwevyrxswRgZ8XzkJKflxnE-s5PL40sWMNsO59t9LhttsO7YV73cF91VbGJIRuvKAt6P5GOf1zef4lqLxxYIAYNym899F7QbRqnahIebbxF5eN7d1FnF6AWsHM-p9G3dCWohQqH32yQhvrlr_zRk6Es1fOF3EgwLie2wRjr4cAfU1-VnJ7JfXNGlMSg66xH-rFOB0lRlU5vy2iWWzpCwXRBVRxx44ERyfjQ0r_xUA_COf5a2vhyoGDWF9CAIvrqVuflmEyJXfRFyHtqxPfanL9yRDQjtEIJOLBuFQN6XMvxBA7Rpki63ALAPNs32YTyXL2Fc1Wza8WTxqD5S1DUg3Usg4GqiVLXTSb_2K0iD4fbNBU0_lJ5QQHDc6VgFv8u8-ozys2jKEgYGBvFeKBZiEl2XMR9z5D19FUbDg_n2Rj_usXZaSjqLw8bthVg5nI7l6d35QmLz3DpAqe7rYOsrtjVvBLEfJDPiWbevVAaPrsCpOuYoLTBNQXLPsRIdzEetXNReL3uV_vJdL4gnddSfdwUCfHDPQlG1DsJ1fODA0m-7d6M1JWZu0K0OEj7sFFY6PEjdGzjj2y0Z3M1DePwqJ4X01rFBB5HRRIqe8Icc3kpS46zZQ2h43QkBIgV7Geob3hDgujJpB1QQ5T049vHmnI4Nyl_rQTKcb9yYynbhpign_r1bknP7kELW_lj1WAoTwRZzB3xIZu0MnuVFc-7JOTQjA5ml5n8ujXuxcUkJ1PzUL2lJAw9PkWu4tvXrTKowMJxn9yp1FCUlprikgmUljnQRD4VwtEKmGk_a85vTNtNyqP9TusrSfD45me5R5wDAhf49WO8QRjXjAXJP41ftQJOSqfKmZBA-pyFv_S247DrwpTscDJN4nFKx6TiFsOaEWiL1o6P-fa3Qv1tEHIaRB8wP9_HF61jWbhXxBtPE9MQEoGJs7Fosizc8zU7Id8RBNsm299Ywu2tWqtOcp0oJKIgBfN83n3fpzRRPJzyOp-57sBk0EtriV1CAXVRcgPhNwFuk043W7XUICdXZ29zxX1JIT1AUPSSyOtIshTkd3DyBtoZ2FmmBwvovt5JK5H_oms0QTOvpO8Btvp-dzpGE93o3_GE5GmC4rvyT5nKHcpBCpSpXKdhg0R6gcSIkmWxtUwTg2VQSTBk4yesFOniSZeUDNHcz5yLz4H-2sTErzcdU2pEY3sNofR1WHAQSoLEDWabYp_d9DcbrVZFfrOy4ALA-tvBLoCTkiwlO0c5waivfsjCvOWoGP92ZYozW5TRmcCvoA9y53AgGwXiGcMXaSDWtXAWJVrdEToEkQykp239jwbV7j5pokxjY_BYj6DdmCoe9i3zU8WPOCy4RgdUoey1KRtWhHqS-xfaKnVMUj2YkTBRCWEmho6m1J68dEae9ke8_sARuYNBKMz_9XmoAt9GlPxGIkBU7vHCXfibcXyKIUhq0vL7Wkk4_fgjzkI5NRFhglm03NF-vNQ1SrA4HDYA5QnVyugv9UOdq1nz9JaYNP1czBSFNzxltP4cPAMrxwThYwk31qdAA-do0Mp31_Busd_9FHvKvdALBdyBJ5bN8unPZ3xN03A3wvmuYJ293CZdFfWew2W8Ea8fyMtgBpBCAQSOwDICaaNmmXyiacIOSDH3MCvOitjAzNqumXX0sCEnwOyr8sTsD8oL7Jn0kbQw42ybnJP87drHJh0G_ISGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-9153399113741741&ias_chanId=1&ias_placementId=20409787662&bidurl=https://guaiba.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iyolZo1JJo86_d2gxBUAo4&adsafe_url=https%3A%2F%2Fguaiba.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fguaiba.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:a677207f-fd83-ef3b-5802-1055eff39989,c:u8oAnF,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7bc8d8d488-5bbbh,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tVLZWQd+11%7C12%7C13%7C1411%7C1412%7C14131%7C1414%7C1421%7C143%7C15%7C1611%7C1612%7C1613%7C1614%7C17%7C18*.1520146-76103085%7C181%7C191,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:dd5a3de6-8476-11ee-81d1-cee356f6348a,v:19.8.460,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 304

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJxvmGNWtO7xlxqOqV5cxLI&google_cver=1&google_push=AXcoOmS5bFEKCZpjZU1Li9r2xf7i-qRC2l6dOugBA4Bvfxkfh2fpigi-7cXVlbv5tnra6lI1fElEWMJO3kmL6vKDWfO2AFrrZOQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE1NTg5MDU1ODgxOTE4NDk2Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOenk4I4ZJXVNJeduJF8Hpc&google_cver=1

Request Chain 305

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDc99CGV_ZfA4iDTf7RRtNM&google_cver=1&google_push=AXcoOmQ_DWP9sYFGcokdMIiYhK1hd3NYzE6-OlO38dD-AP24bQCt9RY81xZ7lrEZ2TuxOeS-CKpFsDnf42zK9RdDbPi6gLRIBw HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQ_DWP9sYFGcokdMIiYhK1hd3NYzE6-OlO38dD-AP24bQCt9RY81xZ7lrEZ2TuxOeS-CKpFsDnf42zK9RdDbPi6gLRIBw&google_hm=8Vm7qNzbIVcy40z-Vmzj0g

Request Chain 306

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMEQkY0qLNQPBfIsGFEdgi4&google_cver=1&google_push=AXcoOmQCufhMbxoFnwZ9asMBawzQsPQXj9Xe648YbLidWQrE9A94ttzDmBG_rIOXRa54hVMhR-pq43exivtdBuoWPwWviaKMpFc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg2Mzk3NTE5MTA0NTM2Njk2Ng&google_push=AXcoOmQCufhMbxoFnwZ9asMBawzQsPQXj9Xe648YbLidWQrE9A94ttzDmBG_rIOXRa54hVMhR-pq43exivtdBuoWPwWviaKMpFc

Request Chain 310

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEOiEXO2hqHmYJpl0mND9yOg&google_cver=1&google_push=AXcoOmQCSOorzJ8T2M7DLjFNbFsYMnA_OsW9ZMqa9VD9TQV9k0yNqtQedCMO8piz2RuH3l_RPwzQj8Lc8UjUonJdwnOlg8tDOaUe HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=132f68cd-3170-4050-8407-3327a3c53893&google_cver=1&google_gid=CAESEOiEXO2hqHmYJpl0mND9yOg&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQCSOorzJ8T2M7DLjFNbFsYMnA_OsW9ZMqa9VD9TQV9k0yNqtQedCMO8piz2RuH3l_RPwzQj8Lc8UjUonJdwnOlg8tDOaUe&gdpr=${GDPR}

Request Chain 323

https://a.tribalfusion.com/i.match?p=b6&u=CAESENrM-Vm0AfYm8qg_PediZqs&google_cver=1&google_push=AXcoOmTcYeve_e3jjXyHK2R6U3Czab8Rfk7A5yLC-GucguF-Zs1xLc7-ruyHpg_TTcn0nsnXV8ErBUBk71t91DE0kztvgN-wI0NdnA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTcYeve_e3jjXyHK2R6U3Czab8Rfk7A5yLC-GucguF-Zs1xLc7-ruyHpg_TTcn0nsnXV8ErBUBk71t91DE0kztvgN-wI0NdnA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENrM-Vm0AfYm8qg_PediZqs&google_cver=1&google_push=AXcoOmTcYeve_e3jjXyHK2R6U3Czab8Rfk7A5yLC-GucguF-Zs1xLc7-ruyHpg_TTcn0nsnXV8ErBUBk71t91DE0kztvgN-wI0NdnA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTcYeve_e3jjXyHK2R6U3Czab8Rfk7A5yLC-GucguF-Zs1xLc7-ruyHpg_TTcn0nsnXV8ErBUBk71t91DE0kztvgN-wI0NdnA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 324

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA4T-AepVR-7Dd9aItcMewA&google_cver=1&google_push=AXcoOmTC7BhIAwvdloJY-HdkVkxtJ3LkBZX6PA71sX8OZ9XcYFdc-5kvI7C_1mWT4Tdi7SdjmpC8ucQmXDe5husOOXkLnynZLIF5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjAyNzAzNzAxNTI3NTY1OQ%3D%3D&google_push=AXcoOmTC7BhIAwvdloJY-HdkVkxtJ3LkBZX6PA71sX8OZ9XcYFdc-5kvI7C_1mWT4Tdi7SdjmpC8ucQmXDe5husOOXkLnynZLIF5

Request Chain 325

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRy5pmot856AIMhiO-PPStzB4LeX7EHGalyuzLHhDsj4cjo3c5D03KqJbst6nH2xfUl_4C35n-OPmujTTaDHFT2IByVX8lwEQ&google_gid=CAESEAej-bx4D4XDY6JMzL4y_k0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-4Sjblz_fq77oGC0P4VOuJy62mNtUCBwoQAiAjg&google_push=AXcoOmRy5pmot856AIMhiO-PPStzB4LeX7EHGalyuzLHhDsj4cjo3c5D03KqJbst6nH2xfUl_4C35n-OPmujTTaDHFT2IByVX8lwEQ

Request Chain 353

https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=999c6b80-00e3-4316-bbd8-680a78506d3c&google_hm=OTk5YzZiODAtMDBlMy00MzE2LWJiZDgtNjgwYTc4NTA2ZDNj HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIobHlOd8DLS7AJKEqE87g0&google_cver=1&ssp=vidoomy&bsw_param=999c6b80-00e3-4316-bbd8-680a78506d3c

Request Chain 354

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=372c1bad-f234-4dc9-9ceb-607abf1950e8

Request Chain 357

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=&uid=6863975191045366966

Request Chain 361

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db0887763-40a7-4a68-7c74-22d0f4ebb57a%26reqId%3Dc39d6dc4-02de-4fb5-61f9-50c7f6075819%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db0887763-40a7-4a68-7c74-22d0f4ebb57a%26reqId%3Dc39d6dc4-02de-4fb5-61f9-50c7f6075819%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=083b435e-cc1b-4186-afde-0300c5fc3674&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Request Chain 368

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=b0887763-40a7-4a68-7c74-22d0f4ebb57a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db0887763-40a7-4a68-7c74-22d0f4ebb57a%26reqId%3Dc39d6dc4-02de-4fb5-61f9-50c7f6075819%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=b0887763-40a7-4a68-7c74-22d0f4ebb57a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db0887763-40a7-4a68-7c74-22d0f4ebb57a%26reqId%3Dc39d6dc4-02de-4fb5-61f9-50c7f6075819%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=72692904725138836182054538822932795560&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Request Chain 371

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db0887763-40a7-4a68-7c74-22d0f4ebb57a%26reqId%3Dc39d6dc4-02de-4fb5-61f9-50c7f6075819%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7302027037015275659&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Request Chain 372

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=b0887763-40a7-4a68-7c74-22d0f4ebb57a HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=b0887763-40a7-4a68-7c74-22d0f4ebb57a

Request Chain 373

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=b0887763-40a7-4a68-7c74-22d0f4ebb57a&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db0887763-40a7-4a68-7c74-22d0f4ebb57a%26reqId%3Dc39d6dc4-02de-4fb5-61f9-50c7f6075819%26zdid%3D1361 HTTP 307
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=b0887763-40a7-4a68-7c74-22d0f4ebb57a&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db0887763-40a7-4a68-7c74-22d0f4ebb57a%26reqId%3Dc39d6dc4-02de-4fb5-61f9-50c7f6075819%26zdid%3D1361&bounce=1&random=1793748635 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=qKpEnT51zdgL2VmeqCMWce&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Request Chain 375

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=b0887763-40a7-4a68-7c74-22d0f4ebb57a?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Request Chain 376

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-AA6hNwlE2ooTlEI_7F2lw1XpzouyLy0Bfg--~A&zpartnerid=570&env=mWeb

Request Chain 377

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=gqfL0Nh9Qe2ByRuLJ0f6sthl%2BvRayLG1%2BS41iYitP1U%3D

Request Chain 381

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db0887763-40a7-4a68-7c74-22d0f4ebb57a%26reqId%3Dc39d6dc4-02de-4fb5-61f9-50c7f6075819%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db0887763-40a7-4a68-7c74-22d0f4ebb57a%26reqId%3Dc39d6dc4-02de-4fb5-61f9-50c7f6075819%26zdid%3D1361&_test=ZVYC6QAAENxE6ABU HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZVYC6QAAENxE6ABU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Request Chain 382

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Request Chain 383

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b0887763-40a7-4a68-7c74-22d0f4ebb57a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b0887763-40a7-4a68-7c74-22d0f4ebb57a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361&dcc=t

Request Chain 385

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db0887763-40a7-4a68-7c74-22d0f4ebb57a%26reqId%3Dc39d6dc4-02de-4fb5-61f9-50c7f6075819%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Request Chain 386

https://pixel.rubiconproject.com/token?pid=41544&puid=b0887763-40a7-4a68-7c74-22d0f4ebb57a&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=LP14VCOX-1N-CE68&env=mWeb&zpartnerid=1770&gdpr=1

Request Chain 389

https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=b0887763-40a7-4a68-7c74-22d0f4ebb57a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=kHW5rpZy6a6LIuivwCGh_Jd4uf2LJrWvkXhdFilO&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=b0887763-40a7-4a68-7c74-22d0f4ebb57a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Request Chain 395

https://bbnaut.ibillboard.com/match/AdScale?partneruid=e62fbb303622415fb2a838491ee29368&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F24970c3e37c947ce97ba3224af311546%2F1700135658808%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID HTTP 302
https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/img?tpid=101&tpuid=BBID-01-03748496590450943-17078652

Request Chain 396

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=0dec622eba1b06d0018c00a1cc77452d047333b9fea5d0d85d4bf6f21d8cd745&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F24970c3e37c947ce97ba3224af311546%2F1700135658808%2F0%2Fimg HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=ZVYC5qVyRFBwOts44vtIIgAA%262192

Request Chain 398

https://track.adform.net/serving/cookie/match/?party=9&uid=97402078d83311ead452e37ea0171bebf25dd8e5845e5d247d7f7820821b08e8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F24970c3e37c947ce97ba3224af311546%2F1700135658808%2F0%2Fimg HTTP 302
https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/img?tpid=42&tpuid=6863975191045366966

Request Chain 399

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=39de8d69a88853a14dd3fcdb65c45af7e6f95c9cb538e47e3236a2a0a3716f5e&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F24970c3e37c947ce97ba3224af311546%2F1700135658808%2F0%2Fimg HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=fa28e85c-0c2e-48e1-aafd-84488569c116

Request Chain 403

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=a08a93dd6f5392699d783377a18b6bcb15552038428f5f3266946fd02638b3a3&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F24970c3e37c947ce97ba3224af311546%2F1700135658808%2F0%2Fimg HTTP 302
https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/img?uid=a08a93dd6f5392699d783377a18b6bcb15552038428f5f3266946fd02638b3a3&tpid=38&tpuid=CAESEGxElMn2GBSiP2IR6eDyDqs&google_cver=1

Request Chain 406

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F24970c3e37c947ce97ba3224af311546%2F1700135658808%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID HTTP 302
https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/img?tpid=75&tpuid=4879223735890590428

Request Chain 412

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA4T-AepVR-7Dd9aItcMewA&google_cver=1&google_push=AXcoOmSHgr2OnDVhzD1bZz0vWoriGPNCBlyTI8tWRkSt95zOXANOM3ww2KIQb26DiLLoz7OMEdkz0st0hRcPqu8vsellzp9bRqgo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjAyNzAzNzAxNTI3NTY1OQ%3D%3D&google_push=AXcoOmSHgr2OnDVhzD1bZz0vWoriGPNCBlyTI8tWRkSt95zOXANOM3ww2KIQb26DiLLoz7OMEdkz0st0hRcPqu8vsellzp9bRqgo

Request Chain 413

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRZfNuZU3mhD5FC5Qs4hW-dtsjzXXdTh0m6Q3rwHOW_7C2A2OByluETAlJS8gb1B5VDs-CtyIrUloxRTpwkXBxNrEWpE_nTzg&google_gid=CAESEAej-bx4D4XDY6JMzL4y_k0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-4Sjblz_fq77oGC0P4VOuJy62mNtUCBwoQAiAjg&google_push=AXcoOmRZfNuZU3mhD5FC5Qs4hW-dtsjzXXdTh0m6Q3rwHOW_7C2A2OByluETAlJS8gb1B5VDs-CtyIrUloxRTpwkXBxNrEWpE_nTzg

Request Chain 415

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=062dfedf3998eb0b6b0c902f4a6df5ffe0ae9fb373613852d15fb0fb723be079&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F24970c3e37c947ce97ba3224af311546%2F1700135658808%2F0%2Fjs HTTP 302
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=062dfedf3998eb0b6b0c902f4a6df5ffe0ae9fb373613852d15fb0fb723be079&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F24970c3e37c947ce97ba3224af311546%2F1700135658808%2F0%2Fjs&checkcookies=true HTTP 302
https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/js?tpid=48&tpuid=18c66b7abf408efbfc1e6da49628e56f

417 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
guaiba.com.br/
Redirect Chain

http://guaiba.com.br/
https://guaiba.com.br/

245 KB
39 KB

824ms
772ms

Document
text/html

2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34 PleskLin
Resource Hash: bb030289d3cc0f40b34c12711f84d8ea12d21c10d2ea642cd9059ddd310e593f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 826f899ea8a74d2e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 11:54:09 GMT
link: <https://guaiba.com.br/wp-json/>; rel="https://api.w.org/" <https://guaiba.com.br/wp-json/wp/v2/pages/899>; rel="alternate"; type="application/json" <https://guaiba.com.br/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3c0DtO8zxgFnnEY%2F3cW%2Fh3EzqFBinven5s9w9wnokeqgWF%2FI7hCNsn7%2BwxW805%2FPtTikrLva6wJAopn%2F56h3A%2FbODmJxkyQTa2v9USq3RRnPIuHzb1wg5Pecx%2Fy3xkgsiuJl0%2BEzGRg9WeIs"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-cache-status: BYPASS
x-powered-by: PHP/7.2.34 PleskLin

Redirect headers

CF-RAY: 826f899e19a535fe-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 16 Nov 2023 11:54:08 GMT
Expires: Thu, 16 Nov 2023 12:54:08 GMT
Location: https://guaiba.com.br/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83w%2Fa4%2BIlyWSb1ohWdAFaPu5HaARhNiMMQq21DySKba6famLAusbduxwZsXd9mrb9ltx4D9Ky7o%2BOLbe6VpaoCxblYNJUcINMzn3J2Hr1GUibHPM%2F%2FC0dmhKYgTHfAU3xyXOf%2Bnbx%2BMcO6lp"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 XSBFC2fb3_N7jd74dcB9ujz0eEk.js Show response
guaiba.com.br/cdn-cgi/apps/head/ 7 KB
3 KB 37ms
36ms Script
application/javascript 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/cdn-cgi/apps/head/XSBFC2fb3_N7jd74dcB9ujz0eEk.js
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24f5106c713f84f4879522e16c7ae5fbbbd3c827d6243d7f70324d82323fcd5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:09 GMT
x-amz-version-id: FiUDYOZujGk5m_IJE6VHpw9p06BTwyY8
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WWR1HXEY0TJGETKH
age: 1192429
alt-svc: h3=":443"; ma=86400
x-amz-id-2: mNGDAH7rFItmsj3c6q79FO1Rd7lMw7zeGuYgJwdk9zE7Cc+rsK0iin1YQUdYE+oecSEuTWDnabk=
last-modified: Wed, 02 May 2018 22:23:44 GMT
server: cloudflare
etag: W/"868948178ad1aafa7818b275985e6a13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kky50gqNMVibLqE8QDZFRf79mwvWBHCOx3y9fT0yRW3RIIMAKOin146qO6bDoV76qEsL%2Fmpx8LDujzv%2B8H9DPexxmY4Nhx46ZR3wAIYRkIHPWctVrRHkBqOrZBHsL01VWuy7ZPl189LI1oU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 826f89a38d7c4d2e-FRA

GET
H2 200 /
guaiba.com.br/_static/ 2 MB
198 KB 286ms
285ms Stylesheet
text/css 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/_static/??-eJytlFlu3DAMhi9URkgDpOlD0Rv0CgNKoieCJVEQ6Rhz+9KzdbrYAzR5MQzy58dFlNzcINWQp0jigoiLSdT5zGGEnHzHfnCih0wPJdUHE3xyFhG4KlV1LU/7VC2QeUwEGWeDDewy7TEcXJt8TuGI/UMBJ9cHAvex9VVciwO0nsyyhA796I6rckUv0EkaV0lv5FCE9DSewaSAMwkX+suwOaMNqGdW0Y4NjqX9DwJrKqi0GmqmxjnbKJYvmGxVSigHEA4JM8grdgI/qVrKJ2cb4QrHKduynBWD8XimbkyeDNQvVZ39rfOQTL85m42UNz2SiIeKaq2DjKlWiu+kXnuZvISePFk7vby31gs12K6OoAw6E+lHDGBNtb14ESrNkkmX0zld5g1t4NJYTGn/Zcqa7K72xXIvFH2mZtt5fkdoQIv+Z2X6SsXm88OqatjuFtVmXM4F5nY7DLOa0eQFLcWdAVybOj8kv1LfEDXuTu7dEbmBE8UasUdoGMZV2EW1W1R3mSHzFK9v7m8kb3WJ7K6Pw/fy7fH5+cvnry+PL08/Ac5kMIA=
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34, PleskLin
Resource Hash: 8872bb521ffe952bb817698b1c11c667d77fff8b63ab226a3e56ac5600c0ae8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 01 Nov 2022 10:23:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-page-optimize: cached
x-powered-by: PHP/7.2.34, PleskLin
etag: W/"bf097db894dee6f7e0bd753209a11215"
x-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yj9C7we7BiiwjxQT7Q3w68%2BL4CzeFlTBoCCRRaFldiYCbxB8X2pLkXn%2FxbWg3qCSQetykGzI%2FD97nNdiIveVQPAsZhJrZ0YUJ3d2Thc9%2BAiFMORDBiCOsjM%2Fs1zQaNaKTw488o1VuEfxyu0S"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=31536000
cf-ray: 826f89a38d7b4d2e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 89ms
37ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-89364106-2

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/cdn-cgi/apps/head/XSBFC2fb3_N7jd74dcB9ujz0eEk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ba19f59ba4e4bd77dde6ebe0f57c8ae89293efcee9be03aa82bee3d2cde07b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64578
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Nov 2023 11:54:09 GMT

GET
H3 200 wp-emoji-release.min.js Show response
guaiba.com.br/wp-includes/js/ 18 KB
5 KB 51ms
38ms Script
application/javascript 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.0.6
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 10:19:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3720
etag: W/"6360f298-48b9"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVghM%2FnBNb9hSQRTtSihtJ39qx7TYzwruWDs6ZMNDOfzlC6%2FoakGHYb5iRLthnD7vWNSK0XiW3W8ElulGMv6bOabk99BZARIwNf09AJbyAh6Db7TQEnxmaQTzRNFaT0KIUl6Rsi8QD2ud1nz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 826f89a949bb693f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 86ms
33ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&display=swap&ver=10.2

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2df7253cdb0ecc3cd0eb9f379bf9aea72e7e3f4b24de78cb7eac19e99795844

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://guaiba.com.br/
Origin: https://guaiba.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 11:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 11:19:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 11:54:09 GMT

GET
H3 200 jquery.min.js Show response
guaiba.com.br/wp-includes/js/jquery/ 87 KB
32 KB 228ms
228ms Script
application/javascript 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 01 Nov 2022 10:19:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6360f297-15db1"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGTkUo64Q2cExzfhA%2Bx2PaoibloBc2ia3HCH8tN8%2BVxGohW8WNVcDNBp7AYvEpLRdQGXa53WNSEAxZh4BICiiuxb9raa0BTR4RPiKYfiSa0EZEZDdbaz8EvQWGv3I%2FZGA6EISLYHquXAI6cL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 826f89a40c9e693f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
guaiba.com.br/_static/ 44 KB
12 KB 282ms
282ms Script
application/javascript 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/_static/??/wp-includes/js/jquery/jquery-migrate.min.js,/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?m=1667297943
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34, PleskLin
Resource Hash: 4edeb16291a0a77ecf414c539c96824c907e57dc2861e67e2d6dae98ff9d66f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.34, PleskLin
x-cache-status: BYPASS
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Nov 2022 10:19:03 GMT
server: cloudflare
x-page-optimize: cached
etag: W/"b7ee960884a7310e8ba450ed923e9f56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5mQDFu3Duf34FDiMBz8HADjAkwZs4EIZVm%2F%2FiwsfshM4jgKKujltN5hNKDG03bGbAC33MpfaFAHjR209K7VzhzGcUE8XJ4oqMv2rzWat0lL8Rb8DilhuBcDKxBv%2FnqLK2TAEHSQHvQXAh41"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 826f89a40ca0693f-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 63ms
46ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-160181995-1

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

242e8e2b3f4c1b0f4f0e49113c9bc0775981dba4a03b86a2501332e02154923d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64594
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Nov 2023 11:54:10 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 144ms
76ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8161413193986253&host=ca-host-pub-2644536267352236

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6d18aa3cf66caa4c1565815d412ca62f54bdaa35564c5bf7ca18140d2ae599b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://guaiba.com.br/
Origin: https://guaiba.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52716
x-xss-protection: 0
server: cafe
etag: 15469168291884698034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 11:54:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 96ms
24ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89364106-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 11:16:44 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2246
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 16 Nov 2023 13:16:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 175ms
108ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8161413193986253

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3483963149e24fb0f6a022c900e4c5c172879d5f9c572e2640f9a77191eeff12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://guaiba.com.br/
Origin: https://guaiba.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52715
x-xss-protection: 0
server: cafe
etag: 1497594154491350670
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 11:54:10 GMT

GET
H2 200 container_NtL1DxxU.js Show response
tagmanager.alright.network/manager/js/ 117 KB
28 KB 601ms
443ms Script
application/javascript 18.66.2.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.alright.network/manager/js/container_NtL1DxxU.js
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-22.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dfb925e8d65a02b12a674460cfe84aba089ad90e4ad76f4756451069d17a634f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: _cvHP2nInEoPDMxTVuWbm6rYdKIQxTDW
content-encoding: gzip
via: 1.1 eedf8ac56e4e1ec3b240557514df9d64.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 11:54:12 GMT
last-modified: Wed, 08 Nov 2023 12:58:37 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P1
x-amz-server-side-encryption: AES256
etag: W/"cfdb40c6bb9f91d48f0e86033f432256"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: 9kDVvovqHj1QjYvEV8W6fwt98GsPE3EA6spPL4QXinTR93nLjseUHA==

GET
H3 200 Logo-cabecalho-maior.png
guaiba.com.br/wp-content/uploads/2023/05/ 10 KB
10 KB 215ms
214ms Image
image/png 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/05/Logo-cabecalho-maior.png
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 11619eb14230c5f950dbd89d78bcb857b70d1ebd0a180dbdde2c7e3e4c8ba031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 13:51:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64511577-2679"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyhvDp4U1tFsm9uiswR71fDpRoFiBzsVIG1sxK3dJIDPTIjlkmazqRmehFnDC3RKZCzp%2FOqAtReQxTu0%2FCMbdBrnzSbpFyiX%2FgAEJ1AYcKXOWFTclou8jPde1xEvrwAWqH1d58FauA9yrYl%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a53de3693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9849

GET
H3 200 Banner-superior.png
guaiba.com.br/wp-content/uploads/2023/05/ 37 KB
38 KB 330ms
329ms Image
image/png 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/05/Banner-superior.png
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 564619dbfcde06b3bfd533af532e323b2eb931c6254a203ff23f42d30c689256

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 13:23:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64510ee4-950e"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2B0v%2FFPmNqkf03eO0bWLNKBIeKa89aJAI70bxbHdBlgykhQCmAnSoOH5rKjAOmmcbFfqJPQXnGXZLvW%2Fn%2Bbj3sN6%2B%2BOwQAoyEAhbjdF8lv158oVthQ2XmeufeLGeAgfuxJXa9eUC0yLO05Wc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a53de5693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 38158

GET
H3 200 IMG-20220801-WA0008.jpg
guaiba.com.br/wp-content/uploads/2022/08/ 62 KB
62 KB 32ms
32ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2022/08/IMG-20220801-WA0008.jpg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b1a318e1eb9b9f18af26fe48bc64527ad7567f98c8f80cf42d8cc702ca97c931

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3048
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 63196
last-modified: Mon, 01 Aug 2022 16:17:16 GMT
server: cloudflare
etag: "62e7fc8c-f6dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0H2ffLeCkl2rimcVWCAh0W5xUZ8%2FzI8kS9DHBux21Z3pe21%2FugG4cixsHMGnaIxPodn%2F3quyc0ZQQ%2F%2FLaaADDrKwEOxyWPciI5BispP5qYiqqH%2FNcUBdBtvsybA5SZf2uR735MBlc1jS2idX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a68f59693f-FRA

GET
H3 200 png-534x360.png
guaiba.com.br/wp-content/uploads/2023/11/ 290 KB
291 KB 440ms
439ms Image
image/png 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/png-534x360.png
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f11ca850172289b1fdd037407491d44b187bf4e52cd22b398bf66a9979e3bb1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: MISS
last-modified: Thu, 16 Nov 2023 03:41:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65558f6b-4888f"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFkLuDZw32tqz7OlTpDP05lxeGtw2Lqu1S2nFszjOTAZXDDxI1hjSYeqgI0xZngpx0ME4ix5dYtxL1txnW6LLIWZXP4QGMRtTdkiGHeSbeNwZUOLLXlvc3OFzMVr3RE2bQiqm6P6EDfbxbdk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a70fca693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 297103

GET
H3 200 1-533x261.png
guaiba.com.br/wp-content/uploads/2023/11/ 115 KB
116 KB 422ms
412ms Image
image/png 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/1-533x261.png
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d33886587a31f294d227ef9c7f5bac37d59607171fc47c4d5bc887a1ee498e99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Wed, 08 Nov 2023 14:33:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654b9c3c-1cc3f"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6FqUnImptaDskBYlsQ6gsBwOeIdAjjRvLQVzr2i0%2BPYK7Bv1xrzjyLp4PK1cXqSluXijbnL5G60tI%2F7S%2Bp%2F4vH7M9RUFzdCzJExnHgZ%2Fb%2Bk4Oe7kNsgIPKGpZCqfLfF9eHvcjVEYVc7baGs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949bd693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 117823

GET
H3 200 eduardoleite-265x198.webp
guaiba.com.br/wp-content/uploads/2023/11/ 7 KB
8 KB 233ms
222ms Image
image/webp 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/eduardoleite-265x198.webp
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4d0654e13b073b24f54175513644fea0c108e44105a4494618f8548cfc395cda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 14:58:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654a5088-1d6c"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTNkx4BcfOrhJtwI8GyK2YvwZMUJjEe1ccPEwbP21Hpwc630GfXmGpg%2BcjSYe22okPLQOguqpL%2FRXqwdyI6B4ms4PfbaxBnyRhKpQCWV%2B4ZuGdrp1A6JwMBQWHeUFI1vcgtS2i68P%2FauPPHi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949be693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7532

GET
H3 200 190117_Alex-Rocha_PMPA-001-265x198.jpg
guaiba.com.br/wp-content/uploads/2023/11/ 16 KB
17 KB 394ms
383ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/190117_Alex-Rocha_PMPA-001-265x198.jpg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4ea9f30b144ea79511f24dcbdf13f2a8d95fa9a4395d4dde5af28a7a595f69a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 18:36:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65550fab-417e"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCJ4Eu%2F5615PowK1gXycjg2Ss74IY2n%2B%2Fh%2FwPO6gdpDiNX7A%2BkKNMX5sM5aPsmDl8jhyKSUsKvL%2BhYxOTn8YRuBHt6spwrCY8cSPFF1FubKpj9JogqnLcA%2BrVYSMKxy8C%2F5Uz3Vxt7xoHXac"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949bf693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 16766

GET
H3 200 png-324x235.png
guaiba.com.br/wp-content/uploads/2023/11/ 132 KB
132 KB 434ms
424ms Image
image/png 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/png-324x235.png
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d71c2c340f862b24468a26fe0135ae3d6d345abad50fd7e00b46d12b31add295

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Thu, 16 Nov 2023 03:41:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65558f6a-20e18"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itoMKN%2FixDsSN0bfxDYpZVi%2FBWXnz9Q5yBzB2tJ79yupFGcZ0x1T5aLc0CyDZybC7ds0By2yUAJKG8l%2BBQcW5wdN4zQyEG5lwMP4GLVmaltjha95eJg7D%2BaAlH4fsNTAbfUkP0PZ1yaOffZh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949c1693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 134680

GET
H3 200 td_218x150.png
guaiba.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/no-thumb/ 15 KB
16 KB 394ms
384ms Image
image/png 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/no-thumb/td_218x150.png
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 79b0d413b2efd74cbee158c6a13e96e61f69a0fdc214f6e34d39618ffa4da10c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Mon, 27 Jul 2020 16:46:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f1f04e4-3d6c"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FepGWb0wAtoyZqoLkCG5DVwIaQ%2FFzRd6P28xN5OyEbv2s0MvLbC7gc4l6W7WB1RyTNyhBsOZbXUoo8RQdWev0nFjVSI7fSopHGPllVgNyKfQd4ytTt89EYluC9kQEQTi2TZgYZZ6zLR%2BYhk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949c2693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15724

GET
H3 200 WhatsApp-Image-2023-11-08-at-09.14.41-218x150.jpeg
guaiba.com.br/wp-content/uploads/2023/11/ 6 KB
7 KB 244ms
234ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/WhatsApp-Image-2023-11-08-at-09.14.41-218x150.jpeg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 82bb695eaa3770d4d9853ce849dbf9dabd364741e67e4ea46058fae09fe67b95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 20:01:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654e8c11-190e"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9SVT6KTmFy6QvYQPNl39kr08RZNrhq1zY9U%2Femex1I%2F9TyCefEk5rFoZ2JNPFXTxhcMMYqe5lV8dvpUbqg%2FYhs6Rxp5yHCtSxf8JDnVmIn3AOepmcyxEe0Zf8h8h3NsL1HCRT1TAdq%2FtqP6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949c3693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6414

GET
H3 200 divina-providencia-218x150.jpg
guaiba.com.br/wp-content/uploads/2023/10/ 13 KB
13 KB 239ms
228ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/10/divina-providencia-218x150.jpg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a8b6b0a573b60a5a88fd2dcefd54b8368ecbe6687af7a995c4ce8c00ce929320

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Oct 2023 21:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652ef9f0-32af"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0zJ2XeaEx9leuqQGbPKeEF50ZCClxr2qhpEsDck2XAj51UFZgQFnrM6yZApaAoWx7cRzvKV7RQAaZ1YR0IFXSa0bG7PvWvI8uy1Xm3JO%2BB9cglORzU9QFN%2BB4epz%2F93l8JkIXbb4flIYnyT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949c4693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12975

GET
H3 200 WhatsApp-Image-2023-11-15-at-16.40.17-324x160.jpeg
guaiba.com.br/wp-content/uploads/2023/11/ 9 KB
10 KB 271ms
260ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/WhatsApp-Image-2023-11-15-at-16.40.17-324x160.jpeg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 30680fe4396248970391cb2a52e5c27561a51ddf82a116001d9b7858c72f6651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 19:37:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65551dfd-25d4"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEdJ92VKFV%2FV9rRmFgufWkPzm5tBVCLA6qnLCJfi8xAO2wqzY7MX7RptE0Lk%2BiD4BJ%2Fd%2BAmt8Q2kuw0NgcOLwHbW6N0S7K2uzZfkUHvU0duftjL60e%2B8AF5SX7ywiEBQt%2BhTHvc3%2F52MWDwL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949c6693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9684

GET
H3 200 eduardoleite-324x160.webp
guaiba.com.br/wp-content/uploads/2023/11/ 7 KB
8 KB 429ms
419ms Image
image/webp 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/eduardoleite-324x160.webp
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4fc30196480f71ea6a7ba79daa0b6048289c8ad4e0b8beb8fc065483aa29a3d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 14:58:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654a5088-1c9e"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhzcXaUAHjRfIhUD0Bc%2Fp7fm%2B6%2FCZT2TManiGLmqVbz9KUIUB45TXiyRYkYB7ezkuESttoX4SJEo2IB6gFbR0wewJpVONmIfqoQjFCF8prEXXvc0cyATAPT3TYwjQuSjK57NskpRowR58s%2FS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949c7693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7326

GET
H3 200 Lula-100x70.webp
guaiba.com.br/wp-content/uploads/2023/11/ 3 KB
4 KB 234ms
223ms Image
image/webp 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/Lula-100x70.webp
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d2c90d7710d8fa703ec28ab459cfd89a52b13f193956ae4ba84d5a9cdad2d410

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 20:30:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65552a7b-ce8"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gea0jfJyzFIz315W2SvHi1LW3QGfqGpXYOiopKYBwb8oAaqiTYYYnDHf37QJgDVkisJgxqXvjCozXHD8u3aVnar3ufYcxPMo0y0iItJK4lITpq3oyhBXau4qHr1o5OoI3POTfovlQ1a6bv15"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949c8693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3304

GET
H3 200 SENADO-e-100x70.jpg
guaiba.com.br/wp-content/uploads/2023/01/ 2 KB
3 KB 267ms
257ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/01/SENADO-e-100x70.jpg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f0ff6f2fc23ff95548681232d265917300d8b437cd5a6947438d829fa0e7c64b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: MISS
last-modified: Thu, 26 Jan 2023 01:07:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63d1d24c-8ca"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pVZ3TRgTYsz%2BEqp6WIIlfCeeUr5%2FpDVXHNOimgRwKI9P1P4xUQODiiKLzvWzPgfI3JU8AgsFE%2BcvGPGmZm1P%2FViLufRAnK80CMlEwH1P%2BiJ8z4WJCAONk6%2BOhSRlSVbdaxm%2FI%2FAcU31xvBD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949ca693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2250

GET
H3 200 ponte-brasil-bolivia-100x70.webp
guaiba.com.br/wp-content/uploads/2023/11/ 3 KB
4 KB 227ms
216ms Image
image/webp 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/ponte-brasil-bolivia-100x70.webp
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 376debad0c198eeed09117759974dfc365cdabe1f067276f6e514af9312c8983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 23:53:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65540890-d00"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xiKW8KfqG4xamlWZezWxgIEQggNjQBd67uGDtGPeIM3AZT8tvesChvQkkBhKPmL2yNWvYLLRQ8HC1zdSw%2B2WkNgZ%2BrVjDqABUbYDx1C5pD8gz8wibjJkR2kgQ7SPM6ySiWu0OCvN4IVPFiBg"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949cb693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3328

GET
H3 200 jpg-16-100x70.webp
guaiba.com.br/wp-content/uploads/2023/11/ 3 KB
4 KB 290ms
280ms Image
image/webp 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/jpg-16-100x70.webp
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f5571d84323aac057a0c1ea997e298cdf182b7f90df4b2e8ca4197a006c02c9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 23:40:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65540576-c88"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiEEHQyCfllk5SAacOyY11wct0W%2B0Uryi2%2B49DIHyL6ItTBg21Yx3nDScX%2FfI%2B2es0QKoLvwx%2F1xXkMG9mzdz65KTHAfJn%2F%2FRDjtzbi8X9JFjo78pKf%2Fr48kH09lfgjTUNzWRDrKRR4nIkDd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949cc693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3208

GET
H3 200 unidade-das-lojas-americanas-12012023131209885-100x70.jpeg
guaiba.com.br/wp-content/uploads/2023/01/ 3 KB
4 KB 291ms
281ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/01/unidade-das-lojas-americanas-12012023131209885-100x70.jpeg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a544030c93320e7804a327960d6cf81c29fce675498c9d2d7ebb022e11290480

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Jan 2023 19:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63c05ff1-da5"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5Jr0xLJvx5nKK%2BmiG0Qv1d4rS2awuVUdG6vgl8UvPKLYnvkIIdHb%2FmoFw2u6ubDoK%2F9oGoODZgAoj%2BT2%2BGuxy4kKhQ3LxHuJeTWKLZ5bmvMsf8Q2pcRoBB9Qx22Jy6TFNS9lXX%2B%2Bu1F%2By%2F%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949cd693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3493

GET
H3 200 NOVA-SEDE-Sistema-Fecomercio-inicia-Mudan%C3%A7a-20-Julho-2020-3-100x70.jpg
guaiba.com.br/wp-content/uploads/2021/10/ 1 KB
2 KB 227ms
217ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2021/10/NOVA-SEDE-Sistema-Fecomercio-inicia-Mudan%C3%A7a-20-Julho-2020-3-100x70.jpg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8a95c52c35c0c65b1abbcd03341d67c6fb79d367a41fe6135f76d2fb324aa329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 17:08:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "634edd9c-45f"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxeUwlfjoj8viB8ZnfdvOfHEpD6ipnr7UD664Tqa%2BMeN5uu0Z8CWLOF2yyA314fnIs%2FJuusbqKMvxUSF8FA1Dq1fY1viSlObria8QCmtCEWbbd%2FWBuoYrVNEIKz%2Bs%2F88JHZIpnXy1eAV2qVv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949cf693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1119

GET
H3 200 inssss-100x70.jpg
guaiba.com.br/wp-content/uploads/2020/10/ 12 KB
13 KB 232ms
223ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2020/10/inssss-100x70.jpg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ad70f10782c22bad438f4978f1bd1f025b912d040962e3a5eb1214b8d6f1148a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 14:53:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "634ebde3-30bf"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnozkHh8lxW9rmc%2F2aN9EIUeUeFC7h1%2FQR8VbsqkD3ejXEcAFl5ctPBhOZ%2BO8fyTXImu22gCqsw3FMoDkyGkQArTIeCAR22W3ZvD7DtyRL2dytIeEVMVRCYWcCUJuV%2BQbWfvr4IeRdDb8FQ8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949d1693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12479

GET
H3 200 49728086377_fcac11e5fd_b-100x70.jpg
guaiba.com.br/wp-content/uploads/2022/08/ 3 KB
3 KB 395ms
385ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2022/08/49728086377_fcac11e5fd_b-100x70.jpg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 54ec44c096ac706b9133680baae603d1b528a0c4b17b6e51e11ee54732d6eabb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Sat, 06 Aug 2022 11:44:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62ee543a-b56"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwk%2BjVpOI69a1uPrpGi9sdtUuxcwvcEJ0kiJOzWzhSWRuEVBFSwbTYt9Guy5kv9yJ3faGQVSwXKn0tkUwze1dezW1VV%2BGU8iXjBdbFQUX4VrWRduWOacerQLMulYBpRdCeuWH1sDfty55cHx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949d2693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2902

GET
H3 200 unidade-das-lojas-americanas-12012023131209885-218x150.jpeg
guaiba.com.br/wp-content/uploads/2023/01/ 11 KB
12 KB 267ms
257ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/01/unidade-das-lojas-americanas-12012023131209885-218x150.jpeg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 53cdc87002dcbe5a8909b892345cac3ace0c5d4d30a0fcf3d0cf1694c9309217

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Jan 2023 19:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63c05ff1-2cc8"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=748JyRPeURF0emEQ3BeJatvO1pDR1NkwPg6UDV0xgStzoO0%2F6ahG9fUXR5tHqx5i0weaoLg%2BseTgNeNLWSCTA2UYpkZoQhabFLCULoNTOUUS%2BG5orrxj1qL%2F8U9dbspoDUiZM%2BxYLqevRYKh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949d3693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11464

GET
H3 200 NOVA-SEDE-Sistema-Fecomercio-inicia-Mudan%C3%A7a-20-Julho-2020-3-218x150.jpg
guaiba.com.br/wp-content/uploads/2021/10/ 3 KB
4 KB 398ms
388ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2021/10/NOVA-SEDE-Sistema-Fecomercio-inicia-Mudan%C3%A7a-20-Julho-2020-3-218x150.jpg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4d64c23d8f29779768e1ba5e11c541d0d59f01bae3a8bc8afbb6d76642d04345

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 17:08:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "634edd9c-c4a"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLeDU1w6NW6s6tH1xQ5ir%2FudOD2kGnBKkB1j4BuFqT43mwBdN8RDQATU2nqRWBsk8myB%2BfnFbLHU3wlj2wQalqmW6VAF6hZqqZywVLOtxfUMvvWd8gJvi6e%2F%2FlDXAKXBFHcbTaEKE7%2BTreqS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949d5693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3146

GET
H3 200 inssss-218x150.jpg
guaiba.com.br/wp-content/uploads/2020/10/ 14 KB
14 KB 398ms
388ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2020/10/inssss-218x150.jpg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b469848d5117152b45254cce322216ebe30c42b710a10599530f8de367a834f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 14:53:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "634ebde3-37f2"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQ%2BKPzrs5LDQmULrE1NaktQ8FmxTlUInN5NBhjg7jJE2A5hjUlMBPpQll%2FGu1TbULeinR8u0sFhT0ZqW5mSFN8buSpsryxLdot7zOp2gzs6jaNJpbc5LO9VlvH9I2bYyjURuHwFF34PwtL70"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949d6693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14322

GET
H3 200 WhatsApp-Image-2023-11-15-at-16.45.27-324x235.jpeg
guaiba.com.br/wp-content/uploads/2023/11/ 15 KB
16 KB 398ms
389ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/WhatsApp-Image-2023-11-15-at-16.45.27-324x235.jpeg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3380d49459c62895f06a4daad0e9035356a50a2ca566c1c6335b4bec606290bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 21:56:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65553e95-3cb9"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pa7wtBeJ%2BTax%2FA0hM%2Bpl%2BUk671r6Q3oi9fSxo6emVmIiAFlQ9bJxAJAJQrB%2F1P48auB%2FhwEBBKUd1jbrE2Tn2%2BN3Mn668CSFaKa3fGQK0tN%2BbwBTUVdL57dO%2FwZch%2B7BNIFc%2Ffl7DcG%2FjSjf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949d7693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15545

GET
H3 200 policia-federal-20052022103051346-100x70.jpeg
guaiba.com.br/wp-content/uploads/2022/08/ 4 KB
4 KB 270ms
260ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2022/08/policia-federal-20052022103051346-100x70.jpeg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8b93ff2a1f9d2c1031a60348ca6442021802d6a865f71f9a2895139af8413587

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Tue, 23 Aug 2022 12:52:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6304cd97-1020"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kb1sW7HgC%2FYVgvVcQk4YbGQ5ESsS61uh69Plb42%2BDZp8cZT2LK1Se5Gevcm8m3E8iENdEiOqoLyMPQtvFzmLAbq6PAv3Vpmabi82vjHFOVzm37yei23%2FHB5s7JUDEHlrkywJ%2BEnT3hf2nfyF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949d9693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4128

GET
H3 200 WhatsApp-Image-2023-11-15-at-12.50.14-100x70.jpeg
guaiba.com.br/wp-content/uploads/2023/11/ 4 KB
4 KB 400ms
390ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/WhatsApp-Image-2023-11-15-at-12.50.14-100x70.jpeg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 85e63d4a3fd0c38c1f24813f5d313f44b6b47b37c18959886229030bc778ed5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 20:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65552481-f0a"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEdLXg14c%2Bo1DmfHw6IyCPOv3L%2BIVBT93fDHmNRTbHE05lC%2FFtBZgBL72i%2FJC8YHagYx33tFU%2Ff3oJjJuyLb65A2EYCe7QLy%2FairOl4jnVCjeK5KEELyfXPaq231fuHQ4iH07Y3QrmMKpUxW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949da693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3850

GET
H3 200 10170624_446734_GD-100x70.jpeg
guaiba.com.br/wp-content/uploads/2023/01/ 3 KB
4 KB 401ms
392ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/01/10170624_446734_GD-100x70.jpeg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 758574325066e1e18e21e567c11c5ed0fe766e3122de1be44960433c75cd95c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Tue, 10 Jan 2023 20:42:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63bdcdc0-d18"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzFx5kAXuJkl06UzlAXScfD7Haohsbp4ZhhHJwndh5%2FNi28Lwa4r%2FxdyTYqFTsTcdBLXDJdH5pNoFDBwAhZwLyo9ZhK039ZkeOcIg7erQyUc02zIw%2F29dYgC%2FHjHdw1jgxaBVaRbROxY94%2FT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949dc693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3352

GET
H3 200 3-1-100x70.png
guaiba.com.br/wp-content/uploads/2023/11/ 11 KB
12 KB 405ms
395ms Image
image/png 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/3-1-100x70.png
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b624ee48ff669fdb36e94f3bfd24117112e6fb067c5f427b59232927a62faf84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Nov 2023 10:33:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654cb582-2c4a"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoGobWMlV9hCh%2BMxRLchlF2DXVVbGs0PLjUFiclColfxDbWGIbkMziSHsq3cxOqM6JMvwpiU77D9sDOYMu6nypgUwAv04MrWoL7%2ByCCQ0Zf0dWNsfwDPdIwVZpHri09DnELyVIRSY34%2FQCps"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949dd693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11338

GET
H3 200 scarpa-218x150.webp
guaiba.com.br/wp-content/uploads/2023/11/ 9 KB
10 KB 407ms
398ms Image
image/webp 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/scarpa-218x150.webp
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6fdff36dddf64151f004df6d8b2454105c9c4e32c866e70396c228ad2d519b42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 14:45:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6554d978-2552"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEp4RdmbcHWwkbdQ04%2FIavaqoX25J9QRSlc%2Fv%2FbVB%2ByykfgfTQePZTZ0ynJTqvfK%2Fvs1vlg%2BojJs0DS%2F2VJVA8kYPLtarL7mYuFu7c3I%2FSy4%2FidiKZ%2BpHq68u314lIU9p5xcMGIkfCCSSwMJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949e0693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9554

GET
H3 200 renato-1-218x150.webp
guaiba.com.br/wp-content/uploads/2023/11/ 8 KB
9 KB 259ms
250ms Image
image/webp 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/renato-1-218x150.webp
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c1c3465d4ed2192391252e130e5b1c7900a2a3ba9f6aa18ea8317ac666c3c26b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 14:39:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6554d823-203e"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tO4cgq5KBPLXb7YrfN4cT1Wtb5rhkH2ayZRJ%2FBYXwXddWckT1yYJd0AV8WFZWKh0XA3ag4iPHZBXh2dPjYlVixBNLEkN08JcmF1SX1ONFHb%2B4b9mt4xyshpyu8tkmJt%2FgeSY%2BIWnIFgW90sU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949e1693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8254

GET
H3 200 NA6qILxM8Psg21RBuWR1-218x150.jpg
guaiba.com.br/wp-content/uploads/2023/11/ 10 KB
10 KB 265ms
256ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/NA6qILxM8Psg21RBuWR1-218x150.jpg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 40b159fa53fde2421e0d0a0c9e983a6c466e33c22829db45bac0e7fed94a1e56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 14:48:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6554da5b-2819"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oiQXo1cnIAJewyxEehpYdmNdBBulSbGrftD%2F9XqiTlJWrAg5M1T2T%2FC9RiJkh8VVndlPTTIQJEx%2BzYucfu3UD%2BiUlRpXtK5GXWhN4tC3mQA%2BYNWMVUf6sQK9l6bfctN6NpbtLlED2uZM8il"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949e2693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10265

GET
H3 200 o9zz89ABF0228-218x150.jpg
guaiba.com.br/wp-content/uploads/2023/11/ 12 KB
13 KB 407ms
398ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/o9zz89ABF0228-218x150.jpg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7fff10f44831d95dd5299fcffecafaa3f6a8cb227e6524d2bbfb6aaacf8205cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 19:00:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6553c3b9-31a6"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWZsXFoQr24%2BvN98Mxv5vBzL5gvibyHEzwjORdbFixcwIHqG8Sz85pOslwEp5rCzNCtMQLrYILq3W5m9%2FF07Uel3lFrxDuEyJqM7RwdWTxNlKQWAX9rb3cd%2B7e44NyC5jgdoM7PMiZDw2sIh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949e4693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12710

GET
H3 200 Esquila-Credito-Arco-Divulgacao-218x150.jpg
guaiba.com.br/wp-content/uploads/2023/11/ 9 KB
10 KB 265ms
257ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/11/Esquila-Credito-Arco-Divulgacao-218x150.jpg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eaecd7411166c89701ad141497f061a1fe170b22cc8ab1709727418978b7b68b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 18:52:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6553c1e9-2570"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mN31WHANXmN2x4Y%2BlhHXuiPyxP7pofA1%2BDaaNnY3GLYvtVSWDzLYQ1IH%2FJ0nFSg7PB%2B1HqIciBtvN8pWEdi4chtYxz1kRRr8Zsov%2BnYuCASPSnCSh7QKy1Eoiiws9DXHuQm8%2FLFuVlquBm8r"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949e5693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9584

GET
H3 200 Logo-rodape-branco13925.png
guaiba.com.br/wp-content/uploads/2023/05/ 13 KB
13 KB 414ms
406ms Image
image/png 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/05/Logo-rodape-branco13925.png
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5e4ac0328b79d03d0ab4f5a4c2b1a827c89ffb189fa1363c74eaebeb0377b241

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 13:52:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6451159d-328c"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzvARKBgkCJFVBRns0B7WRnoU%2F1XW5oNKSl%2FPnIYoBjWPVIVsaZqixbJ%2FdgNh7Zi7RbQHoFiWXBWP%2FvYSMluAd17InnEzIoTJ6QHxIMGeuTYnDY3LtIkZU0YZ5bh9Yq4%2F%2BwAckI7g0LDNjSk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a949e6693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12940

GET
H2 200 sticky Show response
delivery.r2b2.io/get/guaiba.com.br/generic/ 165 KB
13 KB 154ms
84ms Script
text/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.r2b2.io/get/guaiba.com.br/generic/sticky
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fa680d39b2c76b05b2ca5a57512dbbf54c1b2dde666649f0a3204999f43fb77e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: gzip
x-age-lb: 2515
adt-version: 6.74.0-RC1
x-77-cache: HIT
x-accel-date: 1700133135
content-length: 13116
x-77-nzt: AsO1ryc3Nzfb0wkAANRmOJw3Nzf/AQYAAA
x-accel-expires: @1700135913
adt-powered-by: slim
x-cache-lb: EXPIRED
x-77-age: 4052
last-modified: Thu, 16 Nov 2023 11:28:33 GMT
server: CDN77-Turbo
adt-server: webgarden-track-www2
x-77-nzt-ray: 25b0213109a283b6e20256653d99a81f
content-type: text/javascript; charset=utf-8
cache-control: s-maxage=1800
accept-ranges: bytes

GET
H2 200 mobile Show response
delivery.r2b2.io/get/guaiba.com.br/generic/sticky/ 167 KB
13 KB 33ms
32ms Script
text/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.r2b2.io/get/guaiba.com.br/generic/sticky/mobile
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 14b245622ffcbb82a46de757471f6e655e22d3b967527e1f4e5f732d189e8877

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: gzip
x-age-lb: 2515
adt-version: 6.74.0-RC1
x-77-cache: HIT
x-accel-date: 1700133135
content-length: 13142
x-77-nzt: AsO1ryc3Nzfb0wkAANRmOJw3Nzf/AQYAAA
x-accel-expires: @1700135913
adt-powered-by: slim
x-cache-lb: EXPIRED
x-77-age: 4052
last-modified: Thu, 16 Nov 2023 11:28:13 GMT
server: CDN77-Turbo
adt-server: webgarden-track-www4
x-77-nzt-ray: 25b0213109a283b6e20256652cfdf024
content-type: text/javascript; charset=utf-8
cache-control: s-maxage=1800
accept-ranges: bytes

GET
H2 200 vignette Show response
delivery.r2b2.io/get/guaiba.com.br/generic/ 38 KB
6 KB 26ms
26ms Script
text/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.r2b2.io/get/guaiba.com.br/generic/vignette
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2281280d9e0f69ef635072fb055d4b51cb0e0a657d430eb39274be12408ee778

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: gzip
x-age-lb: 2515
adt-version: 6.74.0-RC1
x-77-cache: HIT
x-accel-date: 1700133135
content-length: 5601
x-77-nzt: AsO1ryc3Nzfb0wkAANRmOAk3Nzf/AQYAAA
x-accel-expires: @1700135913
adt-powered-by: slim
x-cache-lb: EXPIRED
x-77-age: 4052
last-modified: Thu, 16 Nov 2023 11:28:33 GMT
server: CDN77-Turbo
adt-server: webgarden-track-www2
x-77-nzt-ray: 25b0213109a283b6e202566541920127
content-type: text/javascript; charset=utf-8
cache-control: s-maxage=1800
accept-ranges: bytes

GET
H3 200 cookie-law-info-table.css
guaiba.com.br/wp-content/plugins/cookie-law-info/legacy/public/css/ 5 KB
2 KB 576ms
575ms Stylesheet
text/css 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?m=1667297607
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 24aedbf54529258ee3da6ee3971095cadeb8bf91237178ec5253c9a10c966468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=6113
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 01 Nov 2022 10:13:27 GMT
server: cloudflare
etag: W/"6360f147-17e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGMVpzyhcWgmKgLN3G5LBabmAP5V9cBfQM1pR0HAQWI4yNNTJZSlmWo9fIiGpH23jdBhHG6lLu3rMHuWr2CVbB%2FsoisixD699EPBixAYwlySxIvcfUWs0qFqv6xODwlqPoCYPb2Wl7RIu%2F0o"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 826f89a91989693f-FRA

GET
H3 200 ui-installprompt.js Show response
guaiba.com.br/wp-content/plugins/progressive-wp/assets/scripts/ 2 KB
1 KB 222ms
220ms Script
application/javascript 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/wp-content/plugins/progressive-wp/assets/scripts/ui-installprompt.js?ver=2.1.13
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 84e7c97429b34edfe6f11b58ef0e74fd09d075b201571f4980d7b41cab9e2687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3777
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 01 Nov 2022 10:13:31 GMT
server: cloudflare
etag: W/"6360f14b-ec1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlqqW%2FbnoJK%2Fb0acyZhNjogE2hSSK2za76vdPyKFBttmHUnqW8T7A9cTvCuKyD%2BIVfuDSz%2BCc4NfmH6ekgHulrZBCxaXzitljsyG%2B6e4ECzKDFV5LQvmuheALNfoU7UtHWBYaUmPG7zSf6rL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 826f89a9299f693f-FRA

GET
H3 200 / Show response
guaiba.com.br/_static/ 67 KB
16 KB 296ms
282ms Script
application/javascript 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/_static/??/wp-content/plugins/tabs-responsive/assets/js/tabs-custom.js,/wp-content/plugins/wp-polls/polls-js.js?m=1667297634
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34, PleskLin
Resource Hash: fcf8d4ee8a411955f60474aaf98b897005d9bbda54fb260c42cdec1974856231

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.34, PleskLin
x-cache-status: BYPASS
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Nov 2022 10:13:54 GMT
server: cloudflare
x-page-optimize: cached
etag: W/"92023f95385ce5ea019041197971458a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdyGqUcPvpHnqIDmiqiDJ8UiMnqBQLnIL02sWZ54utrMM6UvC7zRuF%2FcO8feYWHNbZ%2BB4TJj5zQG37%2BT%2BTtCOp9wAaiAkH47uhxE6uXeUxlPnw66dV7a%2Bx9VPf1H0aK0cXhZ1Ue%2FJqn5jmR%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 826f89a949b4693f-FRA

GET
H3 200 underscore.min.js Show response
guaiba.com.br/wp-includes/js/ 18 KB
8 KB 49ms
34ms Script
application/javascript 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/wp-includes/js/underscore.min.js?ver=1.13.3
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 10:19:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3721
etag: W/"6360f298-49df"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xm9w0I8emhurtI1xOUTv7sTamHCvcLdKh8De8%2Fovg4q5W5uptVcyQlLfYfwWmSj7bfPR0k48pGCET7O0%2BKI3k0p9EZL2G1Veg4xw9sJ3Yr76rUslLMCbQ6Z4Erqb%2B5kePesJPvprCpht5Pnw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 826f89a949b5693f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
guaiba.com.br/_static/ 233 KB
57 KB 396ms
382ms Script
application/javascript 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/_static/??-eJydjzEOwjAMRS9EaoGqVh0QN+AKlWlMSZXEUZw06u0JnbrAgOTp6ft9G0pQE/tEPkGweTZeIGk1Wc5aWfOIGDdAEUoCy2fGwJJkxJzYMurGGd8scoIvHnY1TxEszThtcKciAUMFVZZw1mYd04scHT3GTzZr2gurwFWnihTs9qssFFRPjqqEw7kVVlbTq9HE/61qLn7/dJGbu567rr8M/dC2b6Smda8=
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34, PleskLin
Resource Hash: 5ef69d3645b13826d1bb76567eea844d29b64fa7728649fd90f93c1505fb17f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 01 Nov 2022 10:19:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-page-optimize: cached
x-powered-by: PHP/7.2.34, PleskLin
etag: W/"8ffd6d5c8036874f3becdc4b13463c44"
x-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mz5pgRi2%2BcgDHmGvr3YxTtLpxZt5p0%2B%2FRLcEPFzt54p44jJ5AiFu48MKD7AcuPOVE1zCgSXrLxpe08sNBAuDbfjOtPq2QJJD4Qt3rqDz%2BgBu8MFXTYRIORJcokVxTxoFSroTViQaOHNoe3HG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 826f89a949b6693f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 pwa-register-sw.js
guaiba.com.br/ 0
0 758ms
745ms Script
text/html 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/pwa-register-sw.js?ver=1.7.51
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19YLq2xjY8AP5L0%2Bdfby5FeYpZ%2BLye0tbJIUTD%2FWYZFoqB3f8PA8BtqskyqjPr0xlzsUzHM7NJycqV4%2BqsJ2ZMxuYOjIfhsZ5SHWt8VWr9ie0svm%2BmV1ji9CaAhOso6SDFuTu8j6LxhQfFAm"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400, must-revalidate
cf-ray: 826f89a949b7693f-FRA
link: <https://guaiba.com.br/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 js_files_for_front.min.js Show response
guaiba.com.br/wp-content/plugins/td-cloud-library/assets/js/ 13 KB
4 KB 51ms
37ms Script
application/javascript 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?m=1595868409
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a32637d5836fe2258b86435151d798ec6b94504643f300edee8936847e427464

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Jul 2020 16:46:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3720
etag: W/"5f1f04f9-351f"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bc%2B5xG4PDqtsbW9UOPWrnn9VbyK9c0fc8ilXAp3uv15YIk6jG86IHO7xf71HP0Ujt6HQpVns2bjXQZnv70%2FeDA1wgZY%2BiJyd%2B5oz0o%2FJimldOuIaVsjLhCUIidI78l3T8P7ZCnzA7K3XDx%2BX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 826f89a949b9693f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
52 KB 181ms
130ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a196e74a8110fdcd0d8d142d53888cbc8285fafed3f2304565786d87a2d8e6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53245
x-xss-protection: 0
server: cafe
etag: 10220253600506124392
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 11:54:10 GMT

GET
H3 200 social-profiles.min.css
guaiba.com.br/wp-content/plugins/easy-social-share-buttons3/lib/modules/social-followers-counter/assets/ 32 KB
5 KB 50ms
37ms Stylesheet
text/css 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/wp-content/plugins/easy-social-share-buttons3/lib/modules/social-followers-counter/assets/social-profiles.min.css
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1b2f25ad0f768316e771ef0a7ba96a3c38a8567d716111953b0225f9b03650d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 10:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3720
etag: W/"6360f144-7f51"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrZ09mrRMyO%2BDFpUDaO%2BNPjNgf306LYUivaMivhpnHU6lK6b9Apr5pCcI3wWN8D%2FqunYtSeJGhOXRlEXn%2Fm1gdZNxXbsKhOzVQz0p7hicl3xCMmlmAwQC0dYhgjCQTzs1CUmBOot8AYSvDej"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 826f89a949ba693f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 62ms
55ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-160181995-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89364106-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

870f8d0399c02e217dd705d925e0ea65467bfe56b2fcef7aa3c69501dfd8b048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64675
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Nov 2023 11:54:10 GMT

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
9 KB 95ms
24ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 10:07:22 GMT
content-encoding: gzip
age: 6408
x-guploader-uploadid: ABPtcPrZmgLdxRUDahb_GOizH0MPjvzeV3LpRz2m2a3DyYDDQl0Il6meBq0QzU7vLlyWs5ahml_VtSD7-Ldchlz-UbDuGQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8334
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash: crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation: 1694696370056280
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8334
accept-ranges: bytes
expires: Fri, 17 Nov 2023 10:07:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
43 KB 43ms
36ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KKF3SZ3

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0853f264199cae9f99231c43e872fdac497426c6f29e9983ad243aedd889b54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44353
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Nov 2023 11:54:10 GMT

GET
H/1.1 200
OK stock.js Show response
special.beatifulllhistory.com/api/ 31 KB
13 KB 516ms
96ms Script
application/javascript 80.66.79.249
INOVARE-AS str. U...

General

Check archive.org

Show headers Download Go to

Full URL: https://special.beatifulllhistory.com/api/stock.js
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.66.79.249 Chisinau, Moldova, ASN60602 (INOVARE-AS str. Uzinelor 21 of. 37, MD),
Reverse DNS
Software: nginx /
Resource Hash: 164d5b15820f2c6d68cccba4309e13b4a6d3321edbc8fc09a95dcdf38e5efff6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 11:54:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Nov 2023 10:35:31 GMT
Server: nginx
ETag: W/"654cb5f3-7a35"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Sun, 26 Nov 2023 11:54:11 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 92ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

35c67f3d27fafe9a0e9aa8f6bd100d1d49d34db666fa537cbca8e17c11561dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 11:54:10 GMT
content-md5: 9a0IUnSdqJ2ih1S9zY+IcQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints
x-fb-debug: Zl1AANFyGYohWT2R/9y7X0pN+9JlQPa5/sX20LERgSSHkcjcfSbaNoLtwbHRcBGkJaUrSeowPuUM49Nqbaz9Ng==
x-fb-content-md5: bef4c0b7e9d859dcfe92237ff72ec6ba
cross-origin-opener-policy: same-origin-allow-popups
etag: "7df0bcb7bf15050423ecfbf9e63c7333"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 16 Nov 2023 12:09:17 GMT

GET
H2 200 bundle.868357515b9a49882e97.js Show response
delivery.r2b2.io/js/6.74.0-RC1/online/public/ 609 KB
157 KB 36ms
30ms Script
text/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/get/guaiba.com.br/generic/sticky
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f474546cfc149f0090f9ea8dd898a3b5b54babea7999854e7cfab4f138e75984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 16 Nov 2023 11:54:10 GMT
content-encoding: gzip
x-age-lb: 1273
x-77-cache: HIT
x-accel-date: 1700134377
x-77-nzt: AsO1ryc3Nzf/+QQAANRmOJw3Nzf/DCkAAA
x-accel-expires: @1700145177
x-77-age: 11781
x-cache-lb: HIT
last-modified: Mon, 13 Nov 2023 08:05:57 GMT
server: CDN77-Turbo
etag: W/"6551d8e5-984cf"
x-77-nzt-ray: 25b0213109a283b6e2025665aa70902d
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=10800, public
x-lb-cache: HIT
expires: Mon, 13 Nov 2023 12:36:09 GMT

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 jornadaINSTITUCIONAL-cor_5x83.jpg
guaiba.com.br/wp-content/uploads/2023/10/ 242 KB
243 KB 493ms
493ms Image
image/jpeg 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/10/jornadaINSTITUCIONAL-cor_5x83.jpg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4164d161f8d49ca23ad133436473152c0a18f06df00f007cdb9b1685b098621b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Thu, 05 Oct 2023 13:39:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "651ebcac-3c9bc"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nfmiAWN%2BLPS4WXYWshAYYjH4jcj1oTreU%2BYNJKdY4XCErtTWTlWTrWEhafYbtKLA%2FqnZkTMFoIcFAcu%2BFuts5EbfPq81WZyJFAsl0ZgjOkZb2Va21rxl7aiPJp1IbhiRpMzy%2Fs%2FZrtU%2BmDz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a959ec693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 248252

GET
H3 200 BANNER-NEWAY.png
guaiba.com.br/wp-content/uploads/2023/01/ 2 MB
2 MB 534ms
534ms Image
image/png 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guaiba.com.br/wp-content/uploads/2023/01/BANNER-NEWAY.png
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0b69e3de2afa156997870f3827638f3b5209d1fd76f81eab7240fe1145aadf47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Tue, 31 Jan 2023 17:11:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63d94bce-1b772f"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGvzB5MQdupjWfbUIhhyAp5sTrLv4xMPfJ2CBC8ds2GzmGtgZnleOGdiCFijm2%2Ff%2BCBgviqJX9TwYpd%2F2sz18Us0eulVKoVCor%2FH80xDNhVvjsCOAiGeZ7CqA2OVR%2BCrvQWYtsi2t5t8bN4M"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a959f7693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1799983

GET
H3 200 newspaper.woff
guaiba.com.br/wp-content/themes/Newspaper/images/icons/ 121 KB
121 KB 32ms
31ms Font
font/woff 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/wp-content/themes/Newspaper/images/icons/newspaper.woff?17
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/_static/??-eJytlFlu3DAMhi9URkgDpOlD0Rv0CgNKoieCJVEQ6Rhz+9KzdbrYAzR5MQzy58dFlNzcINWQp0jigoiLSdT5zGGEnHzHfnCih0wPJdUHE3xyFhG4KlV1LU/7VC2QeUwEGWeDDewy7TEcXJt8TuGI/UMBJ9cHAvex9VVciwO0nsyyhA796I6rckUv0EkaV0lv5FCE9DSewaSAMwkX+suwOaMNqGdW0Y4NjqX9DwJrKqi0GmqmxjnbKJYvmGxVSigHEA4JM8grdgI/qVrKJ2cb4QrHKduynBWD8XimbkyeDNQvVZ39rfOQTL85m42UNz2SiIeKaq2DjKlWiu+kXnuZvISePFk7vby31gs12K6OoAw6E+lHDGBNtb14ESrNkkmX0zld5g1t4NJYTGn/Zcqa7K72xXIvFH2mZtt5fkdoQIv+Z2X6SsXm88OqatjuFtVmXM4F5nY7DLOa0eQFLcWdAVybOj8kv1LfEDXuTu7dEbmBE8UasUdoGMZV2EW1W1R3mSHzFK9v7m8kb3WJ7K6Pw/fy7fH5+cvnry+PL08/Ac5kMIA=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 905ce0d8fef384dc4f22450bfb19b6811c0704e467f9970d116ac3d8c3e9b700

Request headers

Referer: https://guaiba.com.br/_static/??-eJytlFlu3DAMhi9URkgDpOlD0Rv0CgNKoieCJVEQ6Rhz+9KzdbrYAzR5MQzy58dFlNzcINWQp0jigoiLSdT5zGGEnHzHfnCih0wPJdUHE3xyFhG4KlV1LU/7VC2QeUwEGWeDDewy7TEcXJt8TuGI/UMBJ9cHAvex9VVciwO0nsyyhA796I6rckUv0EkaV0lv5FCE9DSewaSAMwkX+suwOaMNqGdW0Y4NjqX9DwJrKqi0GmqmxjnbKJYvmGxVSigHEA4JM8grdgI/qVrKJ2cb4QrHKduynBWD8XimbkyeDNQvVZ39rfOQTL85m42UNz2SiIeKaq2DjKlWiu+kXnuZvISePFk7vby31gs12K6OoAw6E+lHDGBNtb14ESrNkkmX0zld5g1t4NJYTGn/Zcqa7K72xXIvFH2mZtt5fkdoQIv+Z2X6SsXm88OqatjuFtVmXM4F5nY7DLOa0eQFLcWdAVybOj8kv1LfEDXuTu7dEbmBE8UasUdoGMZV2EW1W1R3mSHzFK9v7m8kb3WJ7K6Pw/fy7fH5+cvnry+PL08/Ac5kMIA=
Origin: https://guaiba.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3720
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 123488
last-modified: Mon, 27 Jul 2020 16:46:16 GMT
server: cloudflare
etag: "5f1f04d8-1e260"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WT%2F4NSG2VI%2B64MLfbB6V%2BY37wmfsosyR%2FE1tqMp29oveUVKCiGe5m348ql7nEPoUML9fh84qgaVZzRTqoqqJUCNNg2BIE6hE1IIpPZjXhSdkowZ%2Fwb2hOBA6sNMDz3yUifB4NT6cKyeZoQs1"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a969fe693f-FRA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 89ms
29ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&display=swap&ver=10.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://guaiba.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:29:28 GMT
x-content-type-options: nosniff
age: 509082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 14:29:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 85ms
25ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://guaiba.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:11 GMT
x-content-type-options: nosniff
age: 217439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 23:30:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 123ms
64ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://guaiba.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:45:25 GMT
x-content-type-options: nosniff
age: 248925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 14:45:25 GMT

GET
H3 200 newspaper-icons.woff
guaiba.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/ 6 KB
6 KB 389ms
388ms Font
font/woff 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/_static/??-eJytlFlu3DAMhi9URkgDpOlD0Rv0CgNKoieCJVEQ6Rhz+9KzdbrYAzR5MQzy58dFlNzcINWQp0jigoiLSdT5zGGEnHzHfnCih0wPJdUHE3xyFhG4KlV1LU/7VC2QeUwEGWeDDewy7TEcXJt8TuGI/UMBJ9cHAvex9VVciwO0nsyyhA796I6rckUv0EkaV0lv5FCE9DSewaSAMwkX+suwOaMNqGdW0Y4NjqX9DwJrKqi0GmqmxjnbKJYvmGxVSigHEA4JM8grdgI/qVrKJ2cb4QrHKduynBWD8XimbkyeDNQvVZ39rfOQTL85m42UNz2SiIeKaq2DjKlWiu+kXnuZvISePFk7vby31gs12K6OoAw6E+lHDGBNtb14ESrNkkmX0zld5g1t4NJYTGn/Zcqa7K72xXIvFH2mZtt5fkdoQIv+Z2X6SsXm88OqatjuFtVmXM4F5nY7DLOa0eQFLcWdAVybOj8kv1LfEDXuTu7dEbmBE8UasUdoGMZV2EW1W1R3mSHzFK9v7m8kb3WJ7K6Pw/fy7fH5+cvnry+PL08/Ac5kMIA=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Request headers

Referer: https://guaiba.com.br/_static/??-eJytlFlu3DAMhi9URkgDpOlD0Rv0CgNKoieCJVEQ6Rhz+9KzdbrYAzR5MQzy58dFlNzcINWQp0jigoiLSdT5zGGEnHzHfnCih0wPJdUHE3xyFhG4KlV1LU/7VC2QeUwEGWeDDewy7TEcXJt8TuGI/UMBJ9cHAvex9VVciwO0nsyyhA796I6rckUv0EkaV0lv5FCE9DSewaSAMwkX+suwOaMNqGdW0Y4NjqX9DwJrKqi0GmqmxjnbKJYvmGxVSigHEA4JM8grdgI/qVrKJ2cb4QrHKduynBWD8XimbkyeDNQvVZ39rfOQTL85m42UNz2SiIeKaq2DjKlWiu+kXnuZvISePFk7vby31gs12K6OoAw6E+lHDGBNtb14ESrNkkmX0zld5g1t4NJYTGn/Zcqa7K72xXIvFH2mZtt5fkdoQIv+Z2X6SsXm88OqatjuFtVmXM4F5nY7DLOa0eQFLcWdAVybOj8kv1LfEDXuTu7dEbmBE8UasUdoGMZV2EW1W1R3mSHzFK9v7m8kb3WJ7K6Pw/fy7fH5+cvnry+PL08/Ac5kMIA=
Origin: https://guaiba.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
cf-cache-status: MISS
last-modified: Mon, 27 Jul 2020 16:46:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f1f04ff-1744"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0A3UoJU9l5Qize47MJB9i99EP2FTC4fQi52zUc4kPl456suyooz%2FfmyHKngHcT0C8qtEMQj7t5dzffY65tXm%2B2MbSmTxWb0ur1KWRPFX1rYw1jjn70T4GvnzF5XgjuNA7kJsQXJYAQIdeYL"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826f89a96a00693f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5956

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 137ms
79ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://guaiba.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:44 GMT
x-content-type-options: nosniff
age: 285746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:44 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v36/ 49 KB
49 KB 113ms
67ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://guaiba.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:13 GMT
x-content-type-options: nosniff
age: 217437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50368
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 23:30:13 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 82ms
81ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://guaiba.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:30:11 GMT
x-content-type-options: nosniff
age: 365039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Nov 2024 06:30:11 GMT

GET
H2 200 u Show response
b.t.tailtarget.com/ 54 B
497 B 185ms
121ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 9d5ec6c1d8623cb17e4f59fd8b4dfa0743882d4b6d9ff6958a4bd557a23259c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 31ms
30ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1656276894&t=pageview&_s=1&dl=https%3A%2F%2Fguaiba.com.br%2F&ul=en-us&de=UTF-8&dt=R%C3%A1dio%20Gua%C3%ADba%20%7C%20Informa%C3%A7%C3%A3o%20com%20credibilidade%20%E2%80%93%20R%C3%A1dio%20Gua%C3%ADba&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1520099847&gjid=2006600863&cid=317852422.1700135651&tid=UA-89364106-2&_gid=1058596196.1700135651&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1973086815

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 30ms
30ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1656276894&t=pageview&_s=1&dl=https%3A%2F%2Fguaiba.com.br%2F&ul=en-us&de=UTF-8&dt=R%C3%A1dio%20Gua%C3%ADba%20%7C%20Informa%C3%A7%C3%A3o%20com%20credibilidade%20%E2%80%93%20R%C3%A1dio%20Gua%C3%ADba&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgUABAAAAACAAI~&jid=26871237&gjid=912277885&cid=317852422.1700135651&tid=UA-160181995-1&_gid=1058596196.1700135651&_slc=1&z=220869125

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 183ms
123ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-160181995-1&cid=317852422.1700135651&jid=26871237&gjid=912277885&_gid=1058596196.1700135651&_u=YGDAgUABAAAAAGAAI~&z=1064085777

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 16 Nov 2023 11:54:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 52ms
28ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a0f613e114e4cb872deb2f4c1d6b15d2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f20bff1d6993662159d485aa45c43cd94f226ec23cff761ca541b4237d09b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://guaiba.com.br/
Origin: https://guaiba.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 11:54:10 GMT
content-md5: ygewgjujCbI2ULsgI3VFHA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88331
reporting-endpoints
x-fb-debug: UzZbQBeFaHP47U7BFofiQ+YP9U3qkg+WPLs7noPvJTv0ffvmUcmrJYv5Zh/jQEe5BCJ064IrgXbHvcOga9cpUw==
x-fb-content-md5: fc700c67e987b411a784739f24ca5563
cross-origin-opener-policy: same-origin-allow-popups
etag: "3ca229d3be85d889a8b0e01cbbeb63a8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 15 Nov 2024 10:00:21 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 177 KB
65 KB 148ms
147ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-TDTSWX2&t=gtag_UA_160181995_1&cid=317852422.1700135651&aip=true

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90766fa54b3dfaa6df0d98254fb096e93483f647e21d8cf079b084f1c8fe2339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66102
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 11:54:11 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 116ms
116ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-160181995-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 11:16:44 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2247
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 16 Nov 2023 13:16:44 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
136 KB 163ms
162ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8161413193986253&plah=guaiba.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8161413193986253&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de0a84c830015472189c15c0f037becb8c9a6be2a848bb75ec2856b147a196b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138528
x-xss-protection: 0
server: cafe
etag: 11749895387888317999
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 11:54:11 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame AB2E 9 KB
4 KB 145ms
23ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8161413193986253&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 07:40:08 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 07:40:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 publishertag.standalone.js
static.criteo.net/js/ld/ Frame 0
0 163ms
42ms Preflight 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://guaiba.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=86400
date: Thu, 16 Nov 2023 11:54:11 GMT
expires: Fri, 17 Nov 2023 11:54:11 GMT
server: nginx
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.standalone.js Show response
static.criteo.net/js/ld/ 98 KB
32 KB 55ms
55ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.standalone.js

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3b2011f4b5bc9c8ae2d7714429e66b688f9047d5d5675265907eb0fcea972066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: application/javascript

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-18743"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Nov 2023 11:54:11 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
366 B 158ms
39ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 10 Nov 2024 11:54:11 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
529 B 222ms
105ms XHR
text/plain 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
556 B 525ms
361ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://guaiba.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
r2b2-emea.adnxs.com/ut/v3/ 156 B
717 B 138ms
44ms XHR
application/json 37.252.172.68
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.68 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

082b50dbfa624e306a31fc9933d1a06921c6a8d71dc228607568dca2f072e513

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
an-x-request-uuid: a17d8bea-aebd-4bf4-81bd-e34280c92fd9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://guaiba.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.27; 217.114.218.27; 831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 156
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content translator Show response
openbid.pubmatic.com/ 0
208 B 207ms
66ms XHR
text/plain 185.64.191.208
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://openbid.pubmatic.com/translator?pubId=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://guaiba.com.br
Date: Thu, 16 Nov 2023 11:54:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true

POST
H2 200 dsh Show response
hb.adscale.de/ 11 B
469 B 114ms
28ms XHR
text/plain 18.158.2.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adscale.de/dsh
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.2.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-2-213.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: gzip
vary: origin
p3p: CP=NOI PSA OUR
access-control-allow-origin: https://guaiba.com.br
content-type: text/plain
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: none

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
561 B 236ms
74ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://guaiba.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
r2b2-emea.adnxs.com/ut/v3/ 156 B
717 B 164ms
73ms XHR
application/json 37.252.172.68
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.68 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

d8cdf990a336cae142b4cb735baff60151f5c6b147ade2ec63ef3cb14f764396

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
an-x-request-uuid: 76e41b14-9fbf-4387-bfb1-ba1fd411158a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://guaiba.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.27; 217.114.218.27; 831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 156
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
139 B 163ms
80ms XHR
application/json 2606:4700:4400::6812:22b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 826f89ac3b7a904e-FRA
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
409 B 107ms
28ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://guaiba.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 125ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://guaiba.com.br
date: Thu, 16 Nov 2023 11:54:11 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
529 B 200ms
96ms XHR
text/plain 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
530 B 200ms
95ms XHR
text/plain 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
335 B 213ms
37ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://guaiba.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 prebid Show response
r2b2-emea.adnxs.com/ut/v3/ 156 B
719 B 128ms
43ms XHR
application/json 37.252.172.68
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.68 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

d3dd3ae4375a12bfc7aebdca83dcea3a408192da7fdce8761749ab484bd433df

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
an-x-request-uuid: f6a695d5-d87f-4d56-b418-9760d82d7bfc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://guaiba.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.27; 217.114.218.27; 831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 156
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 dsh Show response
hb.adscale.de/ 11 B
470 B 105ms
27ms XHR
text/plain 18.158.2.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adscale.de/dsh
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.2.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-2-213.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: gzip
vary: origin
p3p: CP=NOI PSA OUR
access-control-allow-origin: https://guaiba.com.br
content-type: text/plain
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: none

POST
H/1.1 204
No Content translator Show response
openbid.pubmatic.com/ 0
208 B 195ms
65ms XHR
text/plain 185.64.191.208
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://openbid.pubmatic.com/translator?pubId=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://guaiba.com.br
Date: Thu, 16 Nov 2023 11:54:09 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
335 B 172ms
38ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:10 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://guaiba.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 prebid Show response
r2b2-emea.adnxs.com/ut/v3/ 156 B
717 B 232ms
150ms XHR
application/json 37.252.172.68
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://r2b2-emea.adnxs.com/ut/v3/prebid

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.68 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

c49e67ab1eabed4a2b6c4fcfa9dfef910674efc22c3ecf402088ace5b858c1a5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
an-x-request-uuid: 304c2d9d-a954-489f-a431-ad6e669feb91
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://guaiba.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.27; 217.114.218.27; 831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 156
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
395 B 125ms
50ms XHR
application/json 2606:4700:4400::6812:22b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 826f89ac3b79904e-FRA
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
410 B 98ms
27ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://guaiba.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 b Show response
b.t.tailtarget.com/ 92 B
532 B 132ms
122ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-11835-4&tY=1&tS=3&tU=0100007FE3025665EF06684502B45A3D&tX=b.52&tZ=615142895
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 60719d3959882ac169b8a7bca20de78fac6ffc1b533a0f1115d5f863f7cd9bc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 32ms
31ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1656276894&t=pageview&_s=1&dl=https%3A%2F%2Fguaiba.com.br%2F&ul=en-us&de=UTF-8&dt=R%C3%A1dio%20Gua%C3%ADba%20%7C%20Informa%C3%A7%C3%A3o%20com%20credibilidade%20%E2%80%93%20R%C3%A1dio%20Gua%C3%ADba&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUADRAAAAGAAI~&jid=1510297947&gjid=2110453389&cid=317852422.1700135651&tid=UA-160181995-1&_gid=1058596196.1700135651&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&did=dZTNiMT&gdid=dZTNiMT&z=584831542

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK LJWmLm Show response
north.statisticplatform.com/ 14 KB
6 KB 284ms
155ms Script
application/javascript 80.66.79.248
INOVARE-AS str. U...

General

Check archive.org

Show headers Download Go to

Full URL: https://north.statisticplatform.com/LJWmLm
Requested by: Host: special.beatifulllhistory.com
URL: https://special.beatifulllhistory.com/api/stock.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.66.79.248 Chisinau, Moldova, ASN60602 (INOVARE-AS str. Uzinelor 21 of. 37, MD),
Reverse DNS
Software: nginx / PHP/7.4.33
Resource Hash: 0d10ab9ae81ed51d40af144320af43f208be21fb0ac02e968c5b017fc2c3bbdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 11:54:11 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.4.33
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: Thu, 16 Nov 2023 11:54:11 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
191 B 157ms
54ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=79629778106

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://guaiba.com.br
date: Thu, 16 Nov 2023 11:54:11 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
191 B 141ms
38ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=46429389324

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://guaiba.com.br
date: Thu, 16 Nov 2023 11:54:11 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
191 B 157ms
54ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=11740731308

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://guaiba.com.br
date: Thu, 16 Nov 2023 11:54:11 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 141ms
38ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=184&cb=2672784615

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://guaiba.com.br
date: Thu, 16 Nov 2023 11:54:10 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 prebid_alright.js Show response
tagmanager.alright.network/ 388 KB
128 KB 53ms
53ms Script
application/javascript 18.66.2.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.alright.network/prebid_alright.js
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_NtL1DxxU.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-22.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57b300c964d5cfc56638cae9228fdd997e9b6d98ff3392397a2e9e1d46430358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 eedf8ac56e4e1ec3b240557514df9d64.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 11:54:11 GMT
last-modified: Fri, 23 Jun 2023 04:50:01 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P1
age: 261
x-amz-server-side-encryption: AES256
etag: W/"a7ce381c3163780fa6da6ed8af01b5b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: BsUYQxk8p9MKkbfpthtV5hfQd5UY0G5s2SliLfWfShjRr0_0_zR1nA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
31 KB 166ms
77ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_NtL1DxxU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9647c36cad183949a9c968111d3c0fa2c6ebd6f570bdb1f761860988f311d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31649
x-xss-protection: 0
server: cafe
etag: 716 / 19677 / m202311090101 / config-hash: 12061389886161084213
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 11:54:11 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A20A 603 B
245 B 192ms
186ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8161413193986253&output=html&adk=1812271804&adf=3025194257&lmt=1700135651&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fguaiba.com.br%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700135651039&bpp=4&bdt=1211&idt=352&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7236544713066&frm=20&pv=2&ga_vid=317852422.1700135651&ga_sid=1700135651&ga_hid=1656276894&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44795922%2C44809317%2C31078297%2C44807405%2C44807764%2C44808149%2C44808285%2C44809054&oid=2&pvsid=1749170353716444&tmod=1165723062&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=395

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8161413193986253&plah=guaiba.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 11:54:11 GMT
expires: Thu, 16 Nov 2023 11:54:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
298 B 152ms
129ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-11835-4&tE=0&tF=&tI=___de_1700135651237_3648182811&tU=0100007FE3025665EF06684502B45A3D&tX=b.52&tY=1&tZ=900113228
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 77ms
31ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231116

Requested by

Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a18ffbf77cf4d3bc8539b189e1aea2530e9a698a37b4de6089e6d6224c2ca830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 28398
x-jsd-version: 1.0.1875
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230119-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"63f-L0Ljb9SbZP21vRYLf3HdNCXma8E"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOR6U5F9jYFq0gYa3UkePaoC%2Bcw7hWf2W3SMJFTmub6wwE%2FxRx6kGmEFT8Oo1DB2gSqNSs7TKTC61hWYTKFDQy62bKl8cwqPvjc9NRdXN2QmI4So9EKeCpsJRLuk70XkjtF%2Bu%2BPWxz%2FwfefBbSI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 826f89ae0848381f-FRA

POST
H2 204 events
bidder.criteo.com/csm/ 0
191 B 38ms
36ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://guaiba.com.br
date: Thu, 16 Nov 2023 11:54:10 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 42ms
40ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 10 Nov 2024 11:54:11 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
191 B 38ms
38ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://guaiba.com.br
date: Thu, 16 Nov 2023 11:54:10 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 events
bidder.criteo.com/csm/ 0
191 B 39ms
39ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://guaiba.com.br
date: Thu, 16 Nov 2023 11:54:11 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 events
bidder.criteo.com/csm/ 0
191 B 36ms
36ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://guaiba.com.br
date: Thu, 16 Nov 2023 11:54:11 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H3 200 pinterest-pro.min.js Show response
guaiba.com.br/wp-content/plugins/easy-social-share-buttons3/assets/modules/ 8 KB
3 KB 49ms
48ms Script
application/javascript 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/wp-content/plugins/easy-social-share-buttons3/assets/modules/pinterest-pro.min.js
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a51d0b123c25524043e8101d5dbd5afc242caa004c4947e14d20b4fc3a13129a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 10:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3721
etag: W/"6360f144-1f7a"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DL9eYk0CE0kA52G17hBzloB5Qr6STWAzJylsNuUtKKc%2BuB68mI%2B1kXsd1tC4eyyrVsYOluhg3GEYtCWMjshKd4cJ8Gn4Qh67a%2BAIuOfPImT3JfrTMNsUHLwPyfnXe4XJfsFYw%2BZ9TGed0q%2BS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 826f89ae0e54693f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 subscribe-forms.min.js Show response
guaiba.com.br/wp-content/plugins/easy-social-share-buttons3/assets/modules/ 10 KB
3 KB 49ms
48ms Script
application/javascript 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/wp-content/plugins/easy-social-share-buttons3/assets/modules/subscribe-forms.min.js
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c4dfcf0a7f1361d7343478a34b55ac4f8e93eeb3946e207910c1d5c6f40399bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 10:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3721
etag: W/"6360f144-26c8"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXbUZbKM%2FMw7PGmvhREX5BtugilHS3qWyQ4MCGJS%2BAPS8HUcPuUehkHhmnNCbeVBuoXOev9PEftp33G1aSdIr1KJl%2F8JhgKzLJeKIvxK0u%2FOiHJLIS6%2FTJLg4wkpEnBpGJ42mf2iI8SzUf5J"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 826f89ae0e57693f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 essb-core.min.js Show response
guaiba.com.br/wp-content/plugins/easy-social-share-buttons3/assets/js/ 36 KB
10 KB 49ms
49ms Script
application/javascript 2606:4700:3033::6815:2b83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://guaiba.com.br/wp-content/plugins/easy-social-share-buttons3/assets/js/essb-core.min.js
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2b83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c270e44131dcc18463007a913d8c5db258f201ff507526066f84735df004865e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 10:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3721
etag: W/"6360f144-91a4"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxP%2BiXBR%2F2tR1xkskXgtO2C87YuzDtp8AW3aDpsR%2FJtyJWYm8TDjJtpF68jIT6Zo5rXceJhXeqAR4d2YqLm0ZANth1Ig%2BuLINoupS6R0hRV%2BdOP7wLV68rb2kFqMNsxXVtJ8r%2F68LYj3mz%2BC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 826f89ae0e58693f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 709A 15 KB
6 KB 122ms
41ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=guaiba.com.br

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 11:54:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 367048
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://guaiba.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 16:55:01 GMT
x-content-type-options: nosniff
age: 586750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17336
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 16:55:01 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 10:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3605
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 15 Nov 2024 10:54:06 GMT

GET
H/1.1 200
OK special Show response
got.statisticplatform.com/ 0
327 B 282ms
155ms Script
text/html 80.66.79.247
INOVARE-AS str. U...

General

Check archive.org

Show headers Download Go to

Full URL: https://got.statisticplatform.com/special
Requested by: Host: north.statisticplatform.com
URL: https://north.statisticplatform.com/LJWmLm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.66.79.247 Chisinau, Moldova, ASN60602 (INOVARE-AS str. Uzinelor 21 of. 37, MD),
Reverse DNS
Software: nginx / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 11:54:11 GMT
Server: nginx
X-Powered-By: PHP/7.4.33
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 16 Nov 2023 11:54:11 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 709A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=guaiba.com.br&sn=ChromeSyncframe&so=0&topUrl=guaiba.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=k3zjc3xrS2pzNFdJR0hhZTJ5Tkk0Qm5YZDVLMHE2MmVlQ243NzBWSmtVMEJCTUdkMUNRR2VZZG90bkZkY2dYV01ZZzl1SkdPemlDM3FEQjBENHBxWnptSk4wRHFQd2dvVXlyY1dNV3FkcDh6NThrUFR0bmNWenNGOVlacz...

439 B
656 B

57ms
42ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=k3zjc3xrS2pzNFdJR0hhZTJ5Tkk0Qm5YZDVLMHE2MmVlQ243NzBWSmtVMEJCTUdkMUNRR2VZZG90bkZkY2dYV01ZZzl1SkdPemlDM3FEQjBENHBxWnptSk4wRHFQd2dvVXlyY1dNV3FkcDh6NThrUFR0bmNWenNGOVlaczduMllSYnJrdHN4My93eHRhcUM3T3J4SGNCWlhVQWZsTVNkODY4ZE03L29HSk5jNjQveFVTVVNSWkQ4NVpmVHpnRVo4R3hFUXNXclM2U0xuaFJuRHBnYXk0QUJ6Y0xyVjRBL2NXU0FtN1RnNE5vTnlGMzlUalNWYU1IL21SaDFPNGZQMEpKUVoxa3RwZ1FzeUNHWm1uUkxEdjZYYXhDZz09fA&cppv=2

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0183ebe6a6f087df360b458804771632637a60e809537e9d4555d10b1a338dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1306224
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=k3zjc3xrS2pzNFdJR0hhZTJ5Tkk0Qm5YZDVLMHE2MmVlQ243NzBWSmtVMEJCTUdkMUNRR2VZZG90bkZkY2dYV01ZZzl1SkdPemlDM3FEQjBENHBxWnptSk4wRHFQd2dvVXlyY1dNV3FkcDh6NThrUFR0bmNWenNGOVlaczduMllSYnJrdHN4My93eHRhcUM3T3J4SGNCWlhVQWZsTVNkODY4ZE03L29HSk5jNjQveFVTVVNSWkQ4NVpmVHpnRVo4R3hFUXNXclM2U0xuaFJuRHBnYXk0QUJ6Y0xyVjRBL2NXU0FtN1RnNE5vTnlGMzlUalNWYU1IL21SaDFPNGZQMEpKUVoxa3RwZ1FzeUNHWm1uUkxEdjZYYXhDZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 274695
content-length: 0
expires: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame DA42 101 KB
31 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00bbe6aa826e82b451aa598fe3295b71436b3284044d4097244c848b9e287892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31651
x-xss-protection: 0
server: cafe
etag: 581 / 19677 / m202311090101 / config-hash: 12061389886161084213
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 11:54:11 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 4 KB
2 KB 104ms
35ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 11:54:11 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 06 Nov 2023 14:13:09 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 192447
ETag: W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fR4OmwmidmN0bEfNxh4O8YAJ6JLgVQbv9OcZtniwp2cjOl3e9TN5Ny8GFp4nAgFWxUAJ3J9enJqKpV5Thh2f5IeftW8JuTJyEuh9hVYU%2F3NF%2BPNxNJZyqCL70YWt%2FQgzTV9v6F7sANrLuNQt"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 826f89afadbb65b4-FRA

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 318 B
680 B 2566ms
2455ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16794&site_id=154298&zone_id=733542&size_id=2&alt_size_ids=55&rp_schain=1.0,1!alright.com.br,1ff8a7b5dc7a7d1f0ed65aaa29c04b1e,1,,,&rf=https%3A%2F%2Fguaiba.com.br%2F&tg_i.domain=guaiba.com.br&tg_i.page=https%3A%2F%2Fguaiba.com.br%2F&tk_flint=pbjs_lite_v7.47.0-pre&x_source.tid=f3f9cfe9-0a3e-45ed-8834-92dda91fd260&l_pb_bid_id=23f3fae39a8c04&p_screen_res=1600x1200&rp_floor=0.2&rp_secure=1&x_imp.ext.tid=f3f9cfe9-0a3e-45ed-8834-92dda91fd260&rp_hard_floor=0.2&rp_maxbids=1&slots=1&rand=0.9097966237810946
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 69a77aa5703fe98853be12aa1e346d036bb8db37f59a8244ce0a3756ad83fe2a

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:12 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 318
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
409 B 26ms
26ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://guaiba.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
55 B 112ms
37ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://guaiba.com.br
date: Thu, 16 Nov 2023 11:54:10 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
555 B 146ms
145ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://guaiba.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
66 B 2564ms
2491ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Nov 2023 11:54:12 GMT
via: 1.1 google
server: openresty
etag: W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://guaiba.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
139 B 45ms
45ms XHR
application/json 2606:4700:4400::6812:22b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 826f89af5e15904e-FRA
expires: 0

GET
H/1.1 204
No Content / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
363 B 2558ms
2352ms XHR
text/plain 212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=15029&adtype=banner&auc=supertag-ad-zyxbkvaca&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&l=en&dt=1&pid=51743&requestId=143ae3685533263&schain=1.0%2C1!alright.com.br%2C1ff8a7b5dc7a7d1f0ed65aaa29c04b1e%2C1%2C%2C%2C&eids=&bidfloor=0.2&d=guaiba.com.br&sp=https%253A%252F%252Fguaiba.com.br%252F&usp=&coppa=false&videoContext=
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.246 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 16 Nov 2023 11:54:12 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://guaiba.com.br
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/4d628/1/guaiba.com.br/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/4d628/1/guaiba.com.br/ROS?rnd=0.8376319418312477&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fguaiba.com.br%2F&pbv=7.47.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F...
https://pbjs.e-planning.net/hb/1/4d628/1/guaiba.com.br/ROS?ct=1&r=pbjs&rnd=0.8376319418312477&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fguaiba.com.br%2F&pbv=7.47.0-pre&ncb=1&vs=F&crs=UTF-8&fr=h...

292 B
704 B

39ms
37ms

XHR
application/json

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/4d628/1/guaiba.com.br/ROS?ct=1&r=pbjs&rnd=0.8376319418312477&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fguaiba.com.br%2F&pbv=7.47.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fguaiba.com.br%2F
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: cc24994b0db8dcc54916c4a90825f36d4abdf84ffafa4b8496b4e60ae6e581c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Thu, 16 Nov 2023 11:54:11 GMT
date: Thu, 16 Nov 2023 11:54:11 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://guaiba.com.br
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 292
x-sid: AMS-937

Redirect headers

date: Thu, 16 Nov 2023 11:54:11 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://guaiba.com.br
location: /hb/1/4d628/1/guaiba.com.br/ROS?ct=1&r=pbjs&rnd=0.8376319418312477&e=728x90_0%3A728x90%2C970x90&ur=https%3A%2F%2Fguaiba.com.br%2F&pbv=7.47.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fguaiba.com.br%2F
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-937

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
409 B 25ms
25ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://guaiba.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
407 B 2555ms
2490ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Nov 2023 11:54:12 GMT
via: 1.1 google
server: openresty
etag: W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://guaiba.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
221 B 79ms
79ms XHR
application/json 2606:4700:4400::6812:22b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Thu, 16 Nov 2023 11:54:11 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: supertag-ad-egni3db6m
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 826f89af5e1d904e-FRA
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
555 B 143ms
143ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://guaiba.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H/1.1 204
No Content / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
363 B 2553ms
2353ms XHR
text/plain 212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=15029&adtype=banner&auc=supertag-ad-egni3db6m&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&l=en&dt=1&pid=51743&requestId=26ec88dc6b75aae&schain=1.0%2C1!alright.com.br%2C1ff8a7b5dc7a7d1f0ed65aaa29c04b1e%2C1%2C%2C%2C&eids=&bidfloor=0.2&d=guaiba.com.br&sp=https%253A%252F%252Fguaiba.com.br%252F&usp=&coppa=false&videoContext=
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.246 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 16 Nov 2023 11:54:12 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://guaiba.com.br
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
111 B 95ms
32ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://guaiba.com.br
date: Thu, 16 Nov 2023 11:54:11 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/4d628/1/guaiba.com.br/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/4d628/1/guaiba.com.br/ROS?rnd=0.8376319418312477&e=300x250_0%3A300x250%2C300x600%2C160x600%2C320x250%2C120x600%2C336x280&ur=https%3A%2F%2Fguaiba.com.br%2F&pbv=7.4...
https://pbjs.e-planning.net/hb/1/4d628/1/guaiba.com.br/ROS?ct=1&r=pbjs&rnd=0.8376319418312477&e=300x250_0%3A300x250%2C300x600%2C160x600%2C320x250%2C120x600%2C336x280&ur=https%3A%2F%2Fguaiba.com.br%...

293 B
707 B

40ms
38ms

XHR
application/json

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/4d628/1/guaiba.com.br/ROS?ct=1&r=pbjs&rnd=0.8376319418312477&e=300x250_0%3A300x250%2C300x600%2C160x600%2C320x250%2C120x600%2C336x280&ur=https%3A%2F%2Fguaiba.com.br%2F&pbv=7.47.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fguaiba.com.br%2F
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 180e738985fc51eacc5a57a84e2d357158eac3a909c0960cce199dd9e2fefdb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Thu, 16 Nov 2023 11:54:11 GMT
date: Thu, 16 Nov 2023 11:54:11 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://guaiba.com.br
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 293
x-sid: AMS-937

Redirect headers

date: Thu, 16 Nov 2023 11:54:11 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://guaiba.com.br
location: /hb/1/4d628/1/guaiba.com.br/ROS?ct=1&r=pbjs&rnd=0.8376319418312477&e=300x250_0%3A300x250%2C300x600%2C160x600%2C320x250%2C120x600%2C336x280&ur=https%3A%2F%2Fguaiba.com.br%2F&pbv=7.47.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fguaiba.com.br%2F
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-937

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 323 B
836 B 2549ms
2455ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16794&site_id=154298&zone_id=733542&size_id=15&alt_size_ids=9%2C8%2C10%2C16%2C159&rp_schain=1.0,1!alright.com.br,1ff8a7b5dc7a7d1f0ed65aaa29c04b1e,1,,,&rf=https%3A%2F%2Fguaiba.com.br%2F&tg_i.domain=guaiba.com.br&tg_i.page=https%3A%2F%2Fguaiba.com.br%2F&tk_flint=pbjs_lite_v7.47.0-pre&x_source.tid=78c0c05a-49d7-49f3-8234-ef3a7c532e6b&l_pb_bid_id=328be2fba3cd0af&p_screen_res=1600x1200&rp_floor=0.2&rp_secure=1&x_imp.ext.tid=78c0c05a-49d7-49f3-8234-ef3a7c532e6b&rp_hard_floor=0.2&rp_maxbids=1&slots=1&rand=0.975843716541025
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 54ae79d494bbd732b9e2e6daeb6064cf26fcd42d5ec72822d24a5b0e747a3ec4

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:11 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 323
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 55ms
54ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Nov 2023 11:54:11 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 98ms
27ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:40:12 GMT
content-encoding: gzip
age: 238439
x-guploader-uploadid: ABPtcPrYakBZZUaYUT2Aa4NoJoJQZRP6-ODG4Mlhh8MKCLApMvJzlaEJN2z8T9SAscKxSRsWb_zHAvxtH2n8WvZ8c-eAXA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 12 Nov 2024 17:40:12 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 112ms
44ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 470541
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 826f89afff8f3a4a-FRA
expires: Sun, 19 Nov 2023 11:54:11 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 117ms
32ms Script
text/javascript 18.64.79.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-46.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:38:20 GMT
content-encoding: gzip
via: 1.1 1414bd7a19d3e0731eb4c47589439132.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P2
age: 15352
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: s5zLE7_gZuyRSI-qkobCVzBytz5QkWKMuuNZkQzbIaNfhma6aDNQEQ==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 116ms
47ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 5fd3b8fe496e2f0c6327d5e408779769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 60 KB
20 KB 2535ms
2534ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1749170353716444&correlator=2567632874237087&eid=31077976%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=187332344%3A22047968035%2Cgeneric_vignette_(guaiba.com.br)_-_Sale_-_Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&didk=1432899826&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700135651745&lmt=1700135651&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fguaiba.com.br%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=317852422.1700135651&ga_sid=1700135651&ga_hid=1656276894&ga_fc=true&dlt=1700135649828&idt=1866&adks=181608147&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

174a5f5a2608acda7e2f204e773bfe864299f64316008369c068a5f04b2718a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20842
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FF45 6 KB
3 KB 181ms
57ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 11:54:11 GMT
expires: Fri, 15 Nov 2024 11:54:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 39 KB
13 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78106
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13750
x-xss-protection: 0
server: cafe
etag: 15254217830347453119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 14 Nov 2024 14:12:25 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame DA42 429 KB
134 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 10:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3605
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 15 Nov 2024 10:54:06 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 129 KB
46 KB 136ms
32ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a456edc846e4b7ceba3021fb9f478ee8b6cac6d6851a0e0244c6094d72bcf6dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 10:38:38 GMT
server: cloudflare
age: 0
etag: W/"b4ad9a62a302c3ae61658bcf9ee89440ad292866"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 826f89b0ad8b9177-FRA

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 77 KB
24 KB 153ms
96ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 11:54:11 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 06 Nov 2023 14:13:08 GMT
Server: cloudflare
ETag: W/"ccc354615ffb5b4afd96268bab4a6502"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGSE2VPy4yK%2F8i5JVSZY%2BNGVMW4FCsci%2BKZ0abMPIidJ4BCpxtyCVcUEjzXqC2%2FTXnqhToOsMQxBLAIAXGa%2FTmZp1tntgkIVzqKkKHLljQ1OOKkF3v8WM1agFuIw7nCALQMHNhoiZLT8vOSU"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 826f89b05eab085a-FRA

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fguaiba.com.br%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fguaiba.com.br%2F&rid=esp&cc=1

85 B
193 B

305ms
304ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fguaiba.com.br%2F&rid=esp&cc=1
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c6c720c333789cc26c133a9c96f24d63ae13f87c9918670ea2a88e3ea1840a21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:14 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-cg+fLMbmnkdFeoeuIkR59kD3Bew"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://guaiba.com.br
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 16 Nov 2023 11:54:11 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://guaiba.com.br
location: /esp?url=https%3A%2F%2Fguaiba.com.br%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 2453ms
59ms XHR
application/json 52.48.43.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 1a096834ac41709c7dce178a835c3af3102a2c50a7114b1fed96901aeaf3863d

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache
x-server: 10.45.20.41
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DA42 113 KB
46 KB 2365ms
2365ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1947515717116153&correlator=3733403176626585&eid=31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=187332344%3A22047968035%2Cgeneric_sticky_(guaiba.com.br)_-_Sale&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x310%7C300x600%7C300x250%7C300x300%7C336x280%7C970x250%7C728x90%7C1000x310%7C970x210%7C900x250%7C994x250%7C998x200%7C950x300%7C930x180%7C750x100%7C1000x210%7C776x200%7C1000x300%7C1000x250%7C750x200&ifi=1&didk=1543413491&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1700135651918&adxs=315&adys=890&biw=1600&bih=1200&isw=970&ish=310&scr_x=0&scr_y=0&btvi=0&ucis=3e7z61yvnz3x&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fguaiba.com.br%2F&top=guaiba.com.br&vis=1&psz=970x310&msz=970x0&fws=260&ohw=970&ea=0&ga_vid=317852422.1700135651&ga_sid=1700135652&ga_hid=1040470704&ga_fc=true&dlt=1700135651677&idt=225&adks=4251258239&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cc96e9d9bab3838163202edc2ee48bcf3617198afb7a525d26e3f6c6dc3543a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46891
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DA42 16 KB
12 KB 2354ms
2353ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2265dd0ebe6f6894860e8c74e5c1470e289d8068b210d7bb8b0ce6d1dd189ef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12415
x-xss-protection: 0

GET
H2 200 container.html
4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 901F 6 KB
0 2352ms
2324ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 11:54:11 GMT
expires: Fri, 15 Nov 2024 11:54:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 117ms
115ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Nov 2023 11:54:14 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 2609ms
283ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://guaiba.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 16 Nov 2023 11:54:14 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 events.php Show response
log.r2b2.io/ 7 B
498 B 1594ms
49ms XHR
text/javascript 185.59.208.177
VSHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://log.r2b2.io/events.php?u=https%3A%2F%2Fguaiba.com.br%2F
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 185.59.208.177 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS: webgarden-track-lb-ha.vshosting.cz
Software: nginx /
Resource Hash: 0e24e419966e088022d66225fdbd71e14449ebbeeab942aa7fb4472a7a38c3a7

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:12 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 11:54:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://guaiba.com.br
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DA42 17 KB
6 KB 434ms
101ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 11:54:14 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 494ms
494ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1749170353716444&correlator=2661629666562664&eid=31077976%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21830119956%3A22047968035%2Cguaiba.com.br%2CSIDEBAR_DESK_HOME_BF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C320x250%7C300x600%7C120x600%7C160x600%7C336x280&fluid=height&ifi=4&didk=1434379757&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700135654304&lmt=1700135654&adxs=1010&adys=1298&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fguaiba.com.br%2F&vis=1&psz=324x0&msz=324x0&fws=4&ohw=1600&ga_vid=317852422.1700135651&ga_sid=1700135651&ga_hid=1656276894&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYn5Ptv70xSABSAghkEhsKDDMzYWNyb3NzLmNvbRifk-2_vTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yn5Ptv70xSABSAghkEhcKCHJ0YmhvdXNlGJ6U7b-9MUgAUgIIahIUCgVvcGVueBifk-2_vTFIAFICCGQ.&cbidsp=CpUCCAESFAoGb25ldGFnEFEgAlIGb25ldGFnEhcKB3NlZWR0YWcQgxQgAlIHc2VlZHRhZxIUCgZhZGFnaW8QXSACUgZhZGFnaW8SIwoNc21hcnRhZHNlcnZlchCTASACUg1zbWFydGFkc2VydmVyEhcKB3ZpZG9vbXkQgRQgAlIHdmlkb29teRIYCghwdWJtYXRpYxBhIAJSCHB1Ym1hdGljEhsKCWVwbGFubmluZxDGASACUgllcGxhbm5pbmcSFwoHcnViaWNvbhD6EyACUgdydWJpY29uGAIiJDc4YzBjMDVhLTQ5ZDctNDlmMy04MjM0LWVmM2E3YzUzMmU2YioECAMgADILdjcuNDcuMC1wcmVAuBdKAA..&dlt=1700135649828&idt=1866&prev_scp=siteurl%3Dradioguaiba%26sitestructure%3DRON%26iabsafe%3Dtrue&adks=2753598704&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69393ed07673b7844fab53ae6fc10e5c10a6fb9324c22acf31b0ebd3fd0d777e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12357
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
14 KB 481ms
480ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1749170353716444&correlator=3511444943951284&eid=31077976%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21830119956%3A22047968035%2Cguaiba.com.br%2CWIDESCREEN_ENGAGE_DESK&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=5&didk=4260840332&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700135654318&lmt=1700135654&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fguaiba.com.br%2F&vis=1&psz=728x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=317852422.1700135651&ga_sid=1700135651&ga_hid=1656276894&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYn5Ptv70xSABSAghkEhsKDDMzYWNyb3NzLmNvbRifk-2_vTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yn5Ptv70xSABSAghkEhcKCHJ0YmhvdXNlGJ6U7b-9MUgAUgIIahIUCgVvcGVueBifk-2_vTFIAFICCGQ.&cbidsp=CpUCCAESFwoHcnViaWNvbhCOFCACUgdydWJpY29uEhQKBm9uZXRhZxBcIAJSBm9uZXRhZxIYCghwdWJtYXRpYxB1IAJSCHB1Ym1hdGljEiMKDXNtYXJ0YWRzZXJ2ZXIQlgEgAlINc21hcnRhZHNlcnZlchIXCgdzZWVkdGFnEKEUIAJSB3NlZWR0YWcSFAoGYWRhZ2lvEE8gAlIGYWRhZ2lvEhcKB3ZpZG9vbXkQhhQgAlIHdmlkb29teRIbCgllcGxhbm5pbmcQzQEgAlIJZXBsYW5uaW5nGAIiJGYzZjljZmU5LTBhM2UtNDVlZC04ODM0LTkyZGRhOTFmZDI2MCoECAMgADILdjcuNDcuMC1wcmVAuBdKAA..&dlt=1700135649828&idt=1866&prev_scp=siteurl%3Dradioguaiba%26sitestructure%3DRON%26pageposition%3Dabovefold%26adposition%3Dwidescreen%26iabsafe%3Dtrue&adks=1851938793&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c418eaa0518052c98741fe20cebfe9552bb7fa35c958bd6a7e95018db0ad77a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14632
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://guaiba.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DC65 6 KB
3 KB 252ms
251ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 11:54:11 GMT
expires: Fri, 15 Nov 2024 11:54:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9EB5 6 KB
3 KB 231ms
230ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 11:54:11 GMT
expires: Fri, 15 Nov 2024 11:54:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 395C 0
176 B 87ms
32ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 16 Nov 2023 11:54:14 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 css2
fonts.googleapis.com/ Frame DC65 4 KB
671 B 84ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 11:54:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 11:06:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 11:54:14 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 687F 624 B
242 B 66ms
63ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNXomzAEMqDSSqmalg5Az07Djdr728Pa-LkUFmi3aWPsgCy4ThqoYDyQxBR7sPV0vYM7kmfabxbklfKKtkILj8v7iasP496xjill-6HXiQJP5ZK4S-3xdmb_gtSxU5HET1mLTaCudSzxRoT0mSMSz61vBJ4B3ptAB2UY5_HRU6MgaBAdqak

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 11:54:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 79D8 92 KB
32 KB 93ms
91ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32789
x-xss-protection: 0
server: cafe
etag: 17194431578830737671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 11:54:14 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1520146/76103085/xbbe/creative/ Frame 79D8 263 KB
80 KB 186ms
52ms Script
application/javascript 34.248.37.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-Cd6UX6o09BH3mWhfU58yJoDZjNf0B42zdHGFtQAlmRdWlSRt4iB_qqXBbuza2kuNZJ929hPQj_AOV8PHH1CR5-tFL4sr9NbxJ0zcQTac-jfTQEnc4DQATsi47qPEa6CW9NNoVMQFetA12ZmfdiL2BMnZSD0KYPRWdTUnMaVSgehX5tYT0SuRcAoCZ_4BK5fh1nfRrXiGjsLton778t8zqqHoHONRA1GYLtwdBTMh5nO799ro7tWhlC6xo-J6n4H_FJkOH0cnsBchX3DGABaMOhWbD81QGTITUjRos0xcMwtOjbwCHiMeYxyx1WU1ZoQdFFII5uU3QgL-r2a7Q3loRzyEibA7FboPx5ri13FT4oFyTItw5117alCZ9wQzbRF_BsT59kEpUzTXPAQatJJy5EjBn2cvJqhjUYAbUFmyyHRxq9GV2rmvysWO86wmMMUv9wsQuomAJ9x3kndMp8IJOifQV8TqlHkrXFxcRqH1kcIFz-gsSv2JuHKq11j7q50kgRF6cFXk-cxkxtbKwfkeiFaN3EoctKf3EABFlYIQnXsGMWaJiulKvQT0lUiYZRpgwpMDgCG1QwSif6WrHB6tF4ow7OjC_KwniK0CALj_rO6RZtFs2npK8aI3Xzf9TWA7Aw7V70XXwaQlHu7aGSxBYwwserTEtWyA29rHGstEiwJTLoSIGtwZATOWdQbnW0JtkUm8EE7diR2L8DfGj8Pe4p-27-bGy9TBItKqwLsnBZ_2wcwGOifcYmHP_dUOF3HgueCsuTjomxCP38t1ksQ7Cl4un51Yu_rVSZZ6C1tyQNiIasKDBojTfj9gmzjMowKTRihqAtJ6dAMHwUUDhnmzvJ9gsgh8fN_5_pg4LWLxEzCOTHEJ7XqGSQ3B7fiQw5VlG4r71xr9bBmhmbYxonVFX88CWW46dRAaFLPSLQOI_AfBvfsjbqpgsAjZSh21GUn1cLARypoDu0Va6OgugLE1uz2iMZeqXv9OmeAMYkfN3JFSuxumMZdzqD9EMnVWR60d6M5w6gUiVbXFm8CLWuxROdBUtRn4lT5z9kYDfKsz6z4JtCK46Qg1p2a77T67YjR2_BPBjVUe-LEMmCZbAOq-51XfXu4lSvyNbArhpRs0salMMEgoDeEkrIA5M43bkZGaBRGMLQRJ5PcBR5Dw7-dUJAKVMXAMfvXj72iCFX7AqiXdSo32tmioOL2ZWL5buFocTN2YDqrmZ_S0nTZqBCuXbvbqiOiiBa9ja62qqYhbJxPivMjyn2IAZto0aa7hG5EQuY4c22yOcBgJfnQz2KUTtcR65vTHt5njPQCns5Mim-rw-OusmcZt_iy9p1fJ0ZDuUV_lFbKNxgRS1ntgPa5SwneDP0BowvXzZixLyGjUb1WMCxkugU-prmuf_-SwA7Sal1XS-uHViyAlqMHPnqpztMehNT3IrMufhctk-ENOJ-Y2eLG02ZjMGToAdvZG1rpqTIZQ-CnmJ-ZqO2WprFTjefDD2tYLJ4_lUQ049BODszvskLqGfwzitgB22azBTeejvTATDixL33NRka1OIp2AY06MFGg2bzPnYQo0xjVe3VYqhuMfjN7S3p8o3cx8TxqDvM3EuUyretyoVkpIQVmifvcgQLvsjy1I3BLtFVeJmUXIHYZ-chJQNzdRXbA7NcdSAO4kpgCaYmOXYCAPGHZ8IYsVhpxqkJnDWsV7ZCaVltXxI7RCxXVG6oPisrIic8UsfUzPVmafT0nrOi86-vwPhqX4sDzJpcOWiY7ZnBUFkf6AjNYgKIWAr7IsIU6LKL9R6pqTy7bv9frffvekeEjoPXSG9Z7BgyKclcuDDtah5GS2qbHEpWlXB4_Or4BK-cF_gev9omh1TXhm57iKxYSHRO3ECkolcD9JbnT3r28XGhkMiD-CVjr1p1d-kCzJAGP0RpOMAWVThvyo64cX4k8RoFuwpoBWkuk-rtUSo4gpzabc_KF8vU2DnixAf8SKL93E_iDzVlILEY_viuVbfR0y9wZIUNiMebeJVaJ3Ue3KO8nPEm_BG5MKGuZTGn09GLZRSjpYGnhHWRJubdLuPPvqpqlw2tz4fzdSXNijxDbO2F5g4RT5SfoHqu418dnPrejNp9ylJJKr1G5B-upPyJcUWG43cg1Wu4RV1dZ4Coh0wI20qLVlgabkeuCH8L1pBBM77XIyEMxtdh1cwgGv8ubi-0dxkofIavt5gUxAcVZh3PEwFQmMTpiTTlgOfM-IS_ZhDDEFrbiojimCyNy-opa53ZMu2SjiiCS1nPn9O1lsqocmLck_6HCmDanI5fh-mhDy1qIfr7ewmy-xsWwHGJO0Yv0WXpQbh-WkFwuHckT6G5RNV-lGkQzGEW--BR6tzmtv8kgCxfhKeH_b7c_DwOr5NQWTOmKRokOHa_2mZEFiiz8tpeMDPv35uYHmsAvGsg3zGF0BLZVOZIzKRz5erL7VxTLD5Hbu70rS4V0RaJOSCcLSB1kIp63QCCjcKRs2wYtqTySvkYykZ7A0vtpng3DvKAOrxSRAzkTCozDTTyf1UZ14hFOYlQnCu4k5OAizl_b6MHnzrR6SJyMfX9H8Wd9PtHgXhDR0gbGdPVvF8KVstjvWpNQnXiuxNtw01ao8wFNbmYb-_sLmXVvK7-mwXCtWmjhfD-4_5MUsDM0S_uBu9l_pjtrtRTMxHC4RfGxrtoWBvo4bSkbNmUTTIN8Xf7c0DeASzs2eSQIDX_iYkP5wV9fYypdOoXmhsC2o4arOhYrf-w4IdoMVQfheRpH3OJ-9g-zT1Zfs7SbOtQdvrEwZv818zA_z__VbgFN_bj6Q_OKbacvOcHtKfvjbtDRYjnqjFkaMuTR2ubB2yysHHVVK6nAINX6KIn0rCVB-6JvuUzfEpjwgUyJliOKvbsKSsLFeB4ag64wtVTkw3V1gUpXrgp17gLFn_1natyVEdVMxIWru3DlErT8eM3yCiH8kifFXwj1VXkYMxW4G2GEmSRJIPkxC-Vuo9OQBYi3iU_R0osuyJAM-UxK2Y89H-YISa_gDqLZL-yMgpYvzTvZ6uYy_SMDumDG97Jte9xyvTqPRc2RoToSAep7VFCJOl6Jw5aKbhk-n7LD_Ee1X0xxdBlijSRqQkVJuoiL39svqaO35q5oQFxlcIFiRa3g_zsa-gkoYwjfKogQfSJd79jH4tepqdyDBdU7sqNHkGDzjkn4woX7Opff4OIeSwbXg1MBORHwW2-DKyQOKJpSaLTxLQX2pD6ZFV5CJJY79nzF1YEtNYvhoZxLzuD-H9YIL1C_9JPFQOUvQkoRyS2GeXJoNReFL9IOE5gnFJ6pk7kwRmtm0V2Jor_FPgql9wz66K8D74tZ0JrPGaPoSkLQz6GA4s9almJSSF0ioX01dI64bJjqa7jN-1XrMPXROrXjJTL8VOwmn5e-vaURbun-v5wGLZz9Qe7jb91dVXDF4XrL6odXmEh1WpjyUKHfFhBz788iGeTmKu-kfLfQOCkQk6bsr6178NHbxtJrlD31rZa8SY_mXRg7Tvr1Mff4RvZ3vIWQthNttVuQXIxzoWcRDSUS_doTj6SVvbKrUoSOtmfBS-ZheEpksJKcY_EFxgJQ7uyrckNMGUrKzpR-OMugBf2mXclaQfcfE-z3FujpBu8aDQozm8WtyeGGS-nl2RUUzT4X2XO90yu9uIzRbqram91R_DTHCmW1XtysNDEx1kU94nKOkolIqY9s8RpyLbZ661Zxy0K3m9qp6GrVmaXfN0bGb6lHpY_fMaSNfVlGEEzgGI8RGt1GaQyFp90rRHck22MFO8dY3njPV-i6gN027tvPC5s5HG2G3e_3CGnDyQXCaNF6mf-RbXpZ9HJa4bXjeBPS3A34VkxcTtlCevJWWoL8CEoIN9owOWOgiU_RRtohubpCbLj_MGnd0qbbY_BJ8p2bMS8DlUcezip0OVVg7I0rQ1d67fRcrkReiF60OyhFirpOvHidHAA0p1ruHJEBopLhmkG4q83fhfQnYWrNNygcDmlrr8UcrwhN1IrL0SXTKSXXIgC16MNy2sur7CBrmbo9KSGAVd1H5FUfohVZ1o3hMluEpprLCe1juSd1gTK8HC7DMX3IWFjdp61z2-P6vZvGleUnKMYGcvMnHSsGGYr28nwI-Tap5eyaCr1_wFtmVROj4ksTTbxAmTVr6MmMlj5urfTTbVYGkEIBBI7AMgJpo3bHTqkdCyZ836CdBN3Bp5HiLzJrkbcKOmtGqt-a3fH-WpXFeJo3VwbR6HpGlEN9qAWyRxt9lgYAWAB&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-6070985156043962&ias_chanId=1&ias_placementId=20409787662&bidurl=https://guaiba.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hDRoOwCssDfXbb0UcLqMYV
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.37.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-37-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 52140514262c5a3e512a7d20359dab8a6eca56b4ce04238f5bccbce32f7d5f2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 79D8 3 KB
1 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 14:03:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 79D8 20 KB
9 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 15:51:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 79D8 0
0 89ms
32ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9-lbXZ2EFT6adPTpuq-dY1jyhkN8QaNixTHNSn0aDa_Gv6mknUOu28Ahj313XjXHUpz1sid_abyhEnAj8zBsGd2XO4w
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 79D8 203 KB
64 KB 153ms
124ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 11:54:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 79D8 42 B
63 B 76ms
75ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AJrrMCTW4iz68-9MxUzlrxUGQKe94dFsZZsMH1GSKxBl-NBUQZnIihEDtbZdp_IA6fxysajbsli2MlL52Iqc9HW2pnz_mSRuEGq-hH6IhMxrBJzTY

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 79D8 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4249434843180022270&x=1&ct=76

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame DC65 21 KB
9 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 03:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 03:59:33 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1C38 624 B
242 B 65ms
64ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNV7bkB5xcJHKQBhReTmfRLOA2GT6OuinHpX07d02bEaRo-BIvnj7gEGPVjHAPslT-jfXSvRBE_R98bAUZn8IB9tpL5ALqd-yqmEFy9eRJMp6i6mvVElu55BTk63uF81ACbQ0AXkMakLajYMvjjPQdGgt8zhVsmeqSwGliQLAg0cHgirsfg

Requested by

Host: 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
URL: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 11:54:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9EB5 111 KB
39 KB 113ms
24ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/
Origin: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 06:30:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 9EB5 7 KB
3 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 21:41:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 9EB5 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 15:58:47 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9EB5 41 KB
14 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 285745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9EB5 3 KB
1 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
URL: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 14:03:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CC89 1 KB
643 B 24ms
23ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
URL: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Thu, 16 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9EB5 20 KB
8 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
URL: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 15:51:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9EB5 42 B
63 B 56ms
56ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BZzINmLw2jeOqYuWEyX7iEuHPX6XoTqwk0zGduUGjevnO202yzzpW1CchNzjwEpO0BZztvm0fuOl1efGIKbRtx2aSC3akMx737SncH6GJ8RbR1Mmc

Requested by

Host: 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
URL: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9EB5 203 KB
64 KB 91ms
77ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
URL: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 11:54:14 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame CC89 35 B
464 B 109ms
27ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELt9Kt7peVkeYwRuBoaFQTI&google_cver=1&google_push=AXcoOmQ1bX5wLFA9Ne1mX1zvVXUDBKRs-uKN3d6JhXC66t3y-HfPKvLHi_Fc4xSVfKvxP_sS4EQBWrzX1bcyAScJQWy2E0zS7u2iYA

Requested by

Host: 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
URL: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC89
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEFulmdubqQQ3YEbZ3xnt9Ks&google_cver=1&google_push=AXcoOmRJ1pIMHH2ZGXCzMj2mYEHXevFNeI4JteTQiszmI0X-rblktt2_5a8EQJpFyGTSCzZ-PMhsJiH_54wXelSNX0dt8HlwoxYPDQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E2A08E31903345198307F1D456CE98B9&google_push=AXcoOmRJ1pIMHH2ZGXCzMj2mYEHXevFNeI4JteTQiszmI0X-rblktt2_5a8EQJpFyGTSCzZ-PMhsJiH_54wXelS...

170 B
188 B

38ms
37ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E2A08E31903345198307F1D456CE98B9&google_push=AXcoOmRJ1pIMHH2ZGXCzMj2mYEHXevFNeI4JteTQiszmI0X-rblktt2_5a8EQJpFyGTSCzZ-PMhsJiH_54wXelSNX0dt8HlwoxYPDQ

Requested by

Host: 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
URL: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 16 Nov 2023 11:54:14 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E2A08E31903345198307F1D456CE98B9&google_push=AXcoOmRJ1pIMHH2ZGXCzMj2mYEHXevFNeI4JteTQiszmI0X-rblktt2_5a8EQJpFyGTSCzZ-PMhsJiH_54wXelSNX0dt8HlwoxYPDQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 15 Nov 2023 11:54:14 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame CC89 0
173 B 113ms
31ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELUSsuMrmqq9QAYE-J9Ok44&google_cver=1&google_push=AXcoOmRd0ZQK5DQ6s7FtyLrmLQ0_X_0sbw194SLItB4gttz6nvbS1q3f65hOZea-y6WZCQ7HhwWeCAvsW-ZpN8kGgWwcri9YhLWrmA
Requested by: Host: 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
URL: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CC89
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFAvHdcYRBKhLK3oG-U2pYY&google_cver=1&google_push=AXcoOmQQEszadJhddau0fu893kJpBNGiNKWwC2OVW4dMjA2wtvk_A5dFxOOEzr52NXtmx4PBcKB...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxNFZDT1gtMU4tQ0U2OA==&google_push=AXcoOmQQEszadJhddau0fu893kJpBNGiNKWwC2OVW4dMjA2wtvk_A5dFxOOEzr52NXtmx4PBcKBkyEknOzMlABw8COtq0b6BYGcq

170 B
232 B

39ms
36ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxNFZDT1gtMU4tQ0U2OA==&google_push=AXcoOmQQEszadJhddau0fu893kJpBNGiNKWwC2OVW4dMjA2wtvk_A5dFxOOEzr52NXtmx4PBcKBkyEknOzMlABw8COtq0b6BYGcq

Requested by

Host: 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
URL: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxNFZDT1gtMU4tQ0U2OA==&google_push=AXcoOmQQEszadJhddau0fu893kJpBNGiNKWwC2OVW4dMjA2wtvk_A5dFxOOEzr52NXtmx4PBcKBkyEknOzMlABw8COtq0b6BYGcq
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CC89
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN1R5bRqA7HlVwAowpC_IXs&google_cver=1&google_push=AXcoOmTdCe9SfZQYmPUMz1M_DD671shp_xHvUKZUGK5FVmg6riXW8IBbA3GWBLLR1D6DW0TRsjxHv0GgXsSb4SZUs9XUv5biRv...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTdCe9SfZQYmPUMz1M_DD671shp_xHvUKZUGK5FVmg6riXW8IBbA3GWBLLR1D6DW0TRsjxHv0GgXsSb4SZUs9XUv5biRvu...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTg3ODczNDU5Njg1Mzc3MjcwMTcx&google_push=AXcoOmTdCe9SfZQYmPUMz1M_DD671shp_xHvUKZUGK5FVmg6riXW8IBbA3GWBLLR...

170 B
243 B

44ms
36ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTg3ODczNDU5Njg1Mzc3MjcwMTcx&google_push=AXcoOmTdCe9SfZQYmPUMz1M_DD671shp_xHvUKZUGK5FVmg6riXW8IBbA3GWBLLR1D6DW0TRsjxHv0GgXsSb4SZUs9XUv5biRvuX7A

Requested by

Host: 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
URL: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTg3ODczNDU5Njg1Mzc3MjcwMTcx&google_push=AXcoOmTdCe9SfZQYmPUMz1M_DD671shp_xHvUKZUGK5FVmg6riXW8IBbA3GWBLLR1D6DW0TRsjxHv0GgXsSb4SZUs9XUv5biRvuX7A
date: Thu, 16 Nov 2023 11:54:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC89
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEH6xl177jEBFDHxwmfWAOA&google_cver=1&google_push=AXcoOmSlsEMw4dUuM...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEEH6xl177jEBFDHxwmfWAOA%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDg3OTIyMzczNTg5MDU5MDQyOA%3D%3D&google_gid=CAESEEH6xl177jEBFDHxwmfWAOA&google_cver=1&google_push=AXcoOmSlsEMw4dUuM115cOsJrjh2UJVMld...

170 B
188 B

35ms
31ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDg3OTIyMzczNTg5MDU5MDQyOA%3D%3D&google_gid=CAESEEH6xl177jEBFDHxwmfWAOA&google_cver=1&google_push=AXcoOmSlsEMw4dUuM115cOsJrjh2UJVMld9x5iavU2AdqtqeTeC9nZHg_oVXeVxWSwRdBFz0lalNH_ebBNKaX3FRO9hFsXMaHQBwjds

Requested by

Host: 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
URL: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
an-x-request-uuid: 16a05857-80c6-44a2-baae-db102fe55c2b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDg3OTIyMzczNTg5MDU5MDQyOA%3D%3D&google_gid=CAESEEH6xl177jEBFDHxwmfWAOA&google_cver=1&google_push=AXcoOmSlsEMw4dUuM115cOsJrjh2UJVMld9x5iavU2AdqtqeTeC9nZHg_oVXeVxWSwRdBFz0lalNH_ebBNKaX3FRO9hFsXMaHQBwjds
x-proxy-origin: 217.114.218.27; 217.114.218.27; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CC89
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=132f68cd-3170-4050-8407-3327a3c53893&google_cver=1&google_gid=CAESEANah3RFPXlph-4LfJN3IWs&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
232 B

39ms
36ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=132f68cd-3170-4050-8407-3327a3c53893&google_cver=1&google_gid=CAESEANah3RFPXlph-4LfJN3IWs&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTguxZ2Wyd0LrYksPIBkgaoimacX1YZnC6CCTFGjno_4p34iBWu7DfC1KeYJZGrINIdlkRlR3D554kdfWgjN5ABRaPu0mzn-Q&gdpr=${GDPR}

Requested by

Host: 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
URL: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=132f68cd-3170-4050-8407-3327a3c53893&google_cver=1&google_gid=CAESEANah3RFPXlph-4LfJN3IWs&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTguxZ2Wyd0LrYksPIBkgaoimacX1YZnC6CCTFGjno_4p34iBWu7DfC1KeYJZGrINIdlkRlR3D554kdfWgjN5ABRaPu0mzn-Q&gdpr=${GDPR}
date: Thu, 16 Nov 2023 11:54:14 GMT
server: _
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CC89 0
59 B 121ms
40ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlDmBpZ1rRzmzcEa8_fQ-KxcFkZ2-2axX3SiH9casoqfxVUFMae3cRAWF-wZfZ8RDXCS1tHR0

Requested by

Host: 4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
URL: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E115 38 KB
13 KB 23ms
21ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 540594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 687F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1&C=1

43 B
447 B

41ms
38ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNXomzAEMqDSSqmalg5Az07Djdr728Pa-LkUFmi3aWPsgCy4ThqoYDyQxBR7sPV0vYM7kmfabxbklfKKtkILj8v7iasP496xjill-6HXiQJP5ZK4S-3xdmb_gtSxU5HET1mLTaCudSzxRoT0mSMSz61vBJ4B3ptAB2UY5_HRU6MgaBAdqak
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Xgr6LPy06oZQQxIoE64DhE%2BukXG%2BpfAmS1%2FWCXaJ9yeZS63ZhNjTBLEECj1U4zue3AuC8xf5JHylmysbpKYyDGHFvz%2BdqlZacf2tAw%2FFk%2BI4%2F%2FxhR8lZtu2kydcE%2Bq9u2rLyvpwY%2FF0Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 826f89c2f9c49183-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuX5jMJjjB3o5%2BYLU0v83t5Ab%2FWTwKOEBItV9XzQf3YQ690ak%2B9qqOfepYYMoZnT5qx0SYW1MkV%2Ba1Vl8vdnAkapHMx0y0E2Lrp%2FWq6w12ki78uJ2E2O8Z%2BOWzdcvC8AJPOw8M4W269qtg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1&C=1
cache-control: no-cache
cf-ray: 826f89c299869183-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 687F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVYC5qVyRFBwOts44vtIIgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1

43 B
734 B

42ms
41ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNXomzAEMqDSSqmalg5Az07Djdr728Pa-LkUFmi3aWPsgCy4ThqoYDyQxBR7sPV0vYM7kmfabxbklfKKtkILj8v7iasP496xjill-6HXiQJP5ZK4S-3xdmb_gtSxU5HET1mLTaCudSzxRoT0mSMSz61vBJ4B3ptAB2UY5_HRU6MgaBAdqak
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKwcxA1dwK2hxMr2qxxAsNuQGcrm%2FGUiVRgEqMxX8bEVPyBxkKNO9ZMWAZgYIrqwj1hEXTgEypcL%2BAaAJhnEc63vBYzJmIPbrfwuXT4jSmbkraJBWM5svRy6UZULRYZLoDeecnNxNAZNPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 826f89c38d4fbb80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 687F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH6BKgssRcDw641qDhePkAQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH6BKgssRcDw641qDhePkAQ%26google_cver%3D1

43 B
895 B

38ms
34ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH6BKgssRcDw641qDhePkAQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNXomzAEMqDSSqmalg5Az07Djdr728Pa-LkUFmi3aWPsgCy4ThqoYDyQxBR7sPV0vYM7kmfabxbklfKKtkILj8v7iasP496xjill-6HXiQJP5ZK4S-3xdmb_gtSxU5HET1mLTaCudSzxRoT0mSMSz61vBJ4B3ptAB2UY5_HRU6MgaBAdqak

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
an-x-request-uuid: d4ca2e83-9843-4483-aad1-08ea6cedf363
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.27; 217.114.218.27; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
an-x-request-uuid: adaa9928-08f6-4c11-9b1c-0b61465b03d4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH6BKgssRcDw641qDhePkAQ%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.27; 217.114.218.27; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 687F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE5MjA2OTczODAxNDUwNjgyNA%3D%3D

170 B
188 B

42ms
41ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE5MjA2OTczODAxNDUwNjgyNA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
an-x-request-uuid: 3aeb8634-7035-411e-8170-852801a4400c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE5MjA2OTczODAxNDUwNjgyNA%3D%3D
x-proxy-origin: 217.114.218.27; 217.114.218.27; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 1C38
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1&C=1

43 B
328 B

41ms
38ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNV7bkB5xcJHKQBhReTmfRLOA2GT6OuinHpX07d02bEaRo-BIvnj7gEGPVjHAPslT-jfXSvRBE_R98bAUZn8IB9tpL5ALqd-yqmEFy9eRJMp6i6mvVElu55BTk63uF81ACbQ0AXkMakLajYMvjjPQdGgt8zhVsmeqSwGliQLAg0cHgirsfg
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hj4a3AjD8kTaLiDWzRbO%2BkEoQ3zgEC4e4YPtWswZlOx%2Bo7zxQdGtpOz5BvlRFhVE2qYm5L5wdf%2BnqcSTCj4fizl75qrjYtM8wC4mKrVqAopiTJ%2Bq91Oy5dnz3jeLRw5TV6u%2BbSVq1IyatA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 826f89c2f9c89183-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IaiQVs80LeaokZ%2B%2FT7rg9T4IsKTWa0hTfcJHEPdKhsBihulDu8jiIO%2F1Zu%2BtavbINq%2FNYezVGwp0fGs%2FgecgkrZU7Tp5K4aKvzTirkaOseEfWoPz4SZ50jWj7Gpct8hBEgigteTNflRWUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1&C=1
cache-control: no-cache
cf-ray: 826f89c299879183-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1C38
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVYC5qVyRFBwOts44vtIIgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1

43 B
770 B

40ms
40ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNV7bkB5xcJHKQBhReTmfRLOA2GT6OuinHpX07d02bEaRo-BIvnj7gEGPVjHAPslT-jfXSvRBE_R98bAUZn8IB9tpL5ALqd-yqmEFy9eRJMp6i6mvVElu55BTk63uF81ACbQ0AXkMakLajYMvjjPQdGgt8zhVsmeqSwGliQLAg0cHgirsfg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yC%2FO7ps%2BZZ5BhiDtO%2FNYGhwy5cr6em3iynSzRipDypcb2RsnaLw3UMJZRCryHJGWDEtXcpAjc%2BePomRy4PCFF2BtlDPAdygvn0J%2FeHVs47eki9ergnAVKtEkXzJ4v4n0X4aPu60P71rebA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 826f89c38d4bbb80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 1C38
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH6BKgssRcDw641qDhePkAQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH6BKgssRcDw641qDhePkAQ%26google_cver%3D1

43 B
895 B

37ms
34ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH6BKgssRcDw641qDhePkAQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNV7bkB5xcJHKQBhReTmfRLOA2GT6OuinHpX07d02bEaRo-BIvnj7gEGPVjHAPslT-jfXSvRBE_R98bAUZn8IB9tpL5ALqd-yqmEFy9eRJMp6i6mvVElu55BTk63uF81ACbQ0AXkMakLajYMvjjPQdGgt8zhVsmeqSwGliQLAg0cHgirsfg

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
an-x-request-uuid: eb5458f6-a8b0-435b-905e-1b5d20ec01c8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.27; 217.114.218.27; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
an-x-request-uuid: b8dff7d3-346f-43b9-9b27-bf1c7371f57f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH6BKgssRcDw641qDhePkAQ%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.27; 217.114.218.27; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C38
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE5MjA2OTczODAxNDUwNjgyNA%3D%3D

170 B
188 B

40ms
37ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE5MjA2OTczODAxNDUwNjgyNA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
an-x-request-uuid: 2e5156a9-7f58-44a4-a2db-c452ec8fdcb1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE5MjA2OTczODAxNDUwNjgyNA%3D%3D
x-proxy-origin: 217.114.218.27; 217.114.218.27; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9EB5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c283fe092b042b2a590717f6fb2e480d00d66ebcb7d1d5ee350ce5d6fd5b286

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1EF6 13 KB
5 KB 46ms
27ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 11:00:12 GMT
expires: Fri, 15 Nov 2024 11:00:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B921 829 B
1 KB 47ms
36ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1ee41f63f5976e2556a9da755b4a81f70235374d5a71726a1a77e9e541dc0316

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C89Y6DOZ4EN1juz3r7whBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-C89Y6DOZ4EN1juz3r7whBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 11:54:14 GMT
expires: Thu, 16 Nov 2023 11:54:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 79D8 0
20 B 61ms
59ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5731457360418&version=m202311060101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 79D8 0
20 B 60ms
58ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5731457360418&version=m202311060101&ct=76&x=1&cor=4249434843180022300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 79D8 17 KB
12 KB 72ms
60ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBZj9q_FWxEbWIgxu2s9en3T7nQh_eF86eB7zN9nnFjOeO19LN0TVmYJ4RRcq8nOQ5UqdPOIOxOJwxiqcklVivHIwm4U01w_ULEcyeOjnMo-aTEuiMRdbD3yh4wUTHExRKBRXivFprThYV77Nngdj4KQvaTBDnXFYD_IwiiFVYF0YK4Pw&cry=1&dbm_d=AKAmf-DBwIFQVZSi9gH-ygHdLiNIdYz0Ws8CKGa3QHdZeXZlLkVfG_wwx1QFOsDoWYSPP7fBHk4sizNUu3QSkFJfNDPFZnFc9BqAadvXrG88riE6JxPnB-6yJFPqYtHCZZdJTlIQ-IWB1UZaZ6aXvx11axUubczda5BZNrNeFY2CQGDl1FPpVX02E89ioTGrVAhPhEYpLnHP4SwXrO7JC4d_HixcoqbfZ56B_7CWpne_NjvqAjUyxdulYJbrVPj7Q0N4OXUguHx3r36-p8E_eoZZdw-mdV9t1jtVe5TuFNT56pPpPcJXs-2J9uE7qjepd-D0U8lXbH9AItQqRI4KvGCgkHzrNEm6dpVeeF9-LYOfNE5imGvMU_tTlNJ3kSJ1G2J8k6yaYtzTbFcIPjHhmlZLI4U-bDgul9Tyy7WjPxAtOf3Cq1lRipmDlH3WmTcA1usBSlebZ8dfr5RISzZC15LuBXm5wWvy9tPS6rRqdk-tXNZM2Wmzk-JBUeKAXnF4GVTbzcnMBnrnd5op3nj7vjxXdiWTixj_-huJUicfbFpMaqiZGqa1S4SvlnjfrjEqCbL5N8e3O4KLyYAfLzyyCPTx3KVZJtrtXeJ3ip6SFovptwd0utY9GgTa7S3pRdohqG1CNAq7cW781n4DnkAFY1yUDqaALyOOJ0_N4eDxdKQQdDWe-uFIOgAqpfPtz58C2CWyJKghcerBy4EiDNBm7e5rDqIOyltRrxavPhQoc8utTAEj_IxGCFCWr7pVwbDef-wG6f9K1UDJ7FJyZL5t1f68ul7C9m-7LD5PuQc-9rrmviS7uLbvOuNRiCZA5pBxTLjDV3Sv2ird_OtGnJi28gi9qF8V8YglsueobDVtj_UyZsu_cKGMZBuu6USodY219usJs1Fnq7Qj2qDvJ5UPPGh2LcgoifyKVWcSSeMlcb-QlpYpFjw7xcZ_l1lPw1ZTP6kDSCOvUkYGe6xmlHlZT4hDEXt2a4a0DRjfb-IdM7oApuLTHZvU5fk-SoT7I1o0VeLYPIJ70UMXw32EDM2jDlM5hqD6l234lml9htfVNUSSRXURA8vefvTwxvEvV2WsnHeLxqNrT-8yahE0x6Z0y1kusN45AhMc_0KE2OV6qJnmg0ywu-K_bcog6744Nux51jZrnhbgtYB0tWZW9AFgkn58QKKbwdhJJToG9vVKCTLaSDrj09eOLXrsS9g58ke7vc4VvX1Le6Ix2-vDXhUWLpwbtDQJ0bsSzrOeB5XjebosyuqiMB0k_3xoGChORQqkABg7vW9evKqWksLmJBo-Vom_ZYqnvm-St38vRr6Ay7hwJj5gKNh20tHiHuSoj8D_QGXTg61Kz5tIgZ3ZeZhAET1EzVrDiSDhT1pAQUqdEhJx3d1P4r41DGPD_XN-m3EaMjcdB60QjYIHRAsuoccaEOfIiTJxQ8cLTIF2MlUvPcbB_HGj3FvsnT22O-bKxOlF75xC0dLl7lvfG7GvEwD1zjjZ7FnMt0HHv7Q7Ys8l680qMkOAB8LvsUnuHHO9rNTtbgqRV2YHL1fP6pZSEmfQC6q32rSqgfOEY5m3OkrzKptzMVs__AsT4dNulLoK_OFy2vQu3H3NRz6ilxarLz5Lf8SDqn4zrdwjmHXPkykCT1Lmj1v7HXbF2x2QoXA2Fqng2yJolU2juq3AdRaLv9wPX262g8pZDbl53zLjmNFG-bfA9LAcCik90p548DnByLhOMq9ppq3lNlUdTcbR1hA1xcDwC1k-0G7ichSOD84Hx-BrcJRYVJ1lMG7jKHMz3WLUx7ojjwVrp8CNLqkYVs7WPLMWu0DwA7hAQBCg7ZgAzJ7tUkf3j8vjUVASNHCycWemFXkPqWAY--KRhWt5JbZ0Xw8kUEfy39LSB39QlqdZ-CtFg_6HRUp3HKu9kFfp_glOjgBzNjlbcR_uyfvZIUHg8s9VKVgxpUt3EzZQfyubA8j9YIdMR47Yam9J678w7IdtDYdCyvTBjiExUJFC3fakkK4mYn6fj_NHHX6R909cqiLTC-gRxDZkjI6TSHe-ZgnJHqfHE8TpO-S0rbMsVN9refAlCzjuHikrkTo7K1Y_uJ2vdu3TS12i-0M30SLEUltbmc0X_88adAjZQmJAODAA_sBXIGjLTocymLQdN7ZeP72JaKPm2GTpiwiDTGxf1MzZt5TQcQcn-p2klBv1KYUbOanhMsLkwGK_W2jeR3ma03NsAwYG-Sez98iRN6GXw3_IMp-hgOlOXG3eeNnv6wex9afpMRdZL5MHKCL5zSwgzIuLVe9ZjB7Mu8ac28HwuDiDv1ZRJVRXlJWoTFs49SpLTYkBHgkITeyZJQmld0LM8hlxlzNUMedwYgTCoXyCBlN-FSzKUaCAi4RntjfTPT2EG6h-Dq0N0ETJb8yRGeegrRvnZ2SQNYAblD33VNBqDqtY4UlyHp8dugadfJc-qGMsWiLub14AfWPF259HSFmZeildu62YaDdRtc2wb-IhdO2bqW-V752_Y3q_qRBpeZUsC02TWyy4F3ghTEfr0kPlp2p2it_aV0Iowz4GJhuVup9mc7wKIi83Fkj5qsVoNrQ45reFbSvvmyZoR_ZAp8954AlmXO_V8yizdGxMIymY8kDvCGEhk7pDv-rpcayZJWmfEbT0THedf41a0KX8K6PMzr9hYRz5--uwGy97ENbbYJHgA4kN4xa0Z016HqPnVPdHN5ablD44hnm5elzdUWwGe6XoaD-4uN0pDZ5x3fV-2HbONwdw6Dc3gxIFbJ3KyvI2jkIwI9Cz6_L9Pc6ayklm6e0ofkr-DY6TZPb1FQ8KPZAZeCsrQh4DM3C1iwRF4mbSE3c91KKATYhvOYxUV1If0U8WjZnS_5SspCOSTgsni6dhfXAwQvWBwITxaTRD5vNwWgZR6YLnl5DeRHbVV_udQ23qSRPX9QfprahiOoTKn9XeWSkoeyh3PnmO0gKmw2uY5Wk4thHDqb-QGZqFkqcZtRQSLEitEqUvF4HkJuqLJCHkbuvCB3dzqooWw2lJ7MFK6Wa2L1PVvZ6_sSR3-NxbmIeay9WLR8CqemHeDhE1KMp8w2hvUScudM1FEgsANrb4vIl1oFagO78nuUAKPd2ljoOGfrYEGB4GmpbiRapaZ2DcrIxy0d0-ebjM1rdWGen8IHP2CommbE5iktQZSw2a8lji-bzAdI93MXa5KGD-Y8XPoFtqUCH4dirSB2dtiu928SyIqsVpDBNHstr6CpUSZorRoQ5YLMjIswyWX-oav1_ah3G0uTtmqlMn4ui2FQflEt-PMwY94G4qzpXS9aphfKfeua4WM6e43FAt9IOSUDdIL-88OTeZU17A5SVADnq1ERD77qec9O7QrQ&cid=CAQSOwDICaaN2x06pHQsmfN-gnQTdwaeR4i8ya5G3CjprRqrfmt3x_lqVxXiaN1cG0eh6RpRDfagFskcbfZYGAE&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fguaiba.com.br%2F&ds=l&xdt=1&iif=1&cor=4249434843180022300&adk=1726166460&idt=110&cac=0&dtd=39

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d15cc4cd7ecc925adf42c5836e7c6e90a38aad9a6c128ebd004000429bf5c256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12668
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame E115 39 KB
15 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 19:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 19:45:57 GMT

GET
H3 200 container.html Show response
39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 94F9 6 KB
3 KB 27ms
25ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 11:54:11 GMT
expires: Fri, 15 Nov 2024 11:54:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E136 6 KB
3 KB 34ms
33ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 11:54:11 GMT
expires: Fri, 15 Nov 2024 11:54:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14701205373541416960/ Frame 00FF 82 KB
18 KB 74ms
23ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

937c3e3a495e45d0f5722d37ca84d3c8bc8e0986af708e440860425670905844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 245672
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18073
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 15:39:42 GMT
expires: Tue, 12 Nov 2024 15:39:42 GMT
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 9EB5 0
0 156ms
76ms Fetch
image/gif 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuRTKmFKdrruaB-5_tGS2Qv2qeiQ4lAaUSHnfeZMGeNC5t3_FiHZxqHP6rwCVtaSHBkRPdJiFeotTrxivA5mbE2d88QnIEo2apGokUnZYcvAmQjVWhfXubAagSOq9qHy4PhclUdhva_Hh7FM-uv4xmaq0f8N6otcHuKeuMTVKOS8ZwSGcpfhZOw3Y56lq-CVk1m6Gxstklvl8tU2T0sezUQLFyiHd_Lbrd9M38CnJ0NNqADu9uJe6JRx75iuSr2JbphNIRElNkM3IGTWDOTwq7X9lTqR67gfQwoaqYzWNko50sZSauspvw1-xZrtvMz8W2P7CQgbdaBK3EjcwUGx22Enm3cNSq211Kcc7A2Va9k40d9NZzdDJjPm2i81RJosfyxtpK2oetCXzNnGiAfPHNBdU0GVbhqxI4xYw2378kClFmQZHSBAs5OC9VVzLjMwJnZIM1kNOX6YiVYScsKG8EQ8Jfr9K-Uvn3JVuInppAGtYFEIdIhqBFgmDwMIkdKyMu41zt0qWFnGE9mqqOp0dhcstai7tbloBeBQnenUT0tgeGHIR3MfOfDNCZwBzFIfB_kA3W5GldToHkqHqap9UetRDQE33huHWMvGBJQ4OgvDBHbgecRIqQJ9Rb4U3GsOPkrR4Arhake3PbvFdCwnFqQBNZzQbwuLDWJV21Ft-YaIvUyHO4eDC4uQUFjJQ7RxKWknEfoRECvDZVrpb5AZoex1gkUWs6O98d8ZJzl11FXr7xjE-_nryL3PX6Y_f3XqbabA-uhMtDTQ0cIHd15NbHoDpbTUtbLF_Npphu6sIHD3T0K-uOsY3RP3MfVGUHrTTM_3Dmr0Mv08unLnOqbmbQHKh4r3OpkaTJ91nNSbeH29VHmHmu5s7IWbdEbYgEoXy2in-cJJkTIu-xVuVRjGxyyEZZcsM-Nv2TCqJn5BE0bHmpRrXDUvFE_yejWDb3k-iTLglYvOisiuDZWvSDy-EHa797Jk_oW6GHA64BoL1cePqPy55NDE0zPmW0w87M1xvUGFW-3n2xv_pXMR1_WCNMzF18rXG1RGhhd65IgcSRveSkp69Wd9JHvF2_-b78r6EfQzVrYfGa88Z1F-bx1lpvQwtvN_vLBY0PkVY6XhTDWLMuFSTmXMhFF1qjXgkbi_VSN9i5t83INanPsoNCGxH3KdFRrsXc0vwQzGsrIw7UdgUYoLBNi2zK4whoGHHSs-N7Rw4fZfrs9fZeeprAWDk-V-SrBma5Bzs-qqHeVakgPWfgO8XSSkMoDNxDCSHQ6sG-ayTvdWFQfPLwq_KsD6139rNsxQDXhg7XDhYCQvVnYqKomnP6_9ZqM2Hh38vtLH-ifXfABgy24-QuYf-5BY2bhNX5gR4ixGGeZIzw5BVrFPWJ5GfGpbzwhdGsBxngsFly7i4TKUQQ6SPO_KESV8JIb0rv1Y6iqwl6bgvRX6_y-6Hz_9wz5B8gA&sai=AMfl-YRwxqP_nikaQ9cUvgo3RYVd8QDAkMFycP5H7Y6pIVzDBCLTmI_lgLxUpv0boLdb1OIaO4hZX0wsc1ad_jBiL8cc5qVh8CWfK56zzHH7ofzOp_vFu6MnYaKQj-6O84WwQbzq9Ar546I6c9nsnY3QTqM2GoQQL1I3OXUteXsCiOW-cz3hHKj_53FpZz-XrLs0WS2Wl3kb_lgOZUsswKckrZQb63q_r4WQvp4DwMJtoc12iCgmV0quSiajmzl2IjJrDIF4s1nz-DC1rw-pvb1V_wTExEoK2MtFGCnolXg37dmsBc4WEldSOQeWp6t_uTVA5a1OPQ7j9fXfpsupvDA1oDSqGW4EUP5hbp0oumxQECbskUqbGEIMn33mmvKnVmOSkx1TE010XjcPepQICxS7uaWRRr6WrszlWdG8b7sNqkDe&sig=Cg0ArKJSzNXD_g3RSgB8EAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=256&cbvp=1&cstd=254&cisv=r20231109.91467&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Nov 2023 11:54:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B921 0
0 58ms
57ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=1947515717116153&rc=
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 79D8 41 KB
14 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBZj9q_FWxEbWIgxu2s9en3T7nQh_eF86eB7zN9nnFjOeO19LN0TVmYJ4RRcq8nOQ5UqdPOIOxOJwxiqcklVivHIwm4U01w_ULEcyeOjnMo-aTEuiMRdbD3yh4wUTHExRKBRXivFprThYV77Nngdj4KQvaTBDnXFYD_IwiiFVYF0YK4Pw&cry=1&dbm_d=AKAmf-DBwIFQVZSi9gH-ygHdLiNIdYz0Ws8CKGa3QHdZeXZlLkVfG_wwx1QFOsDoWYSPP7fBHk4sizNUu3QSkFJfNDPFZnFc9BqAadvXrG88riE6JxPnB-6yJFPqYtHCZZdJTlIQ-IWB1UZaZ6aXvx11axUubczda5BZNrNeFY2CQGDl1FPpVX02E89ioTGrVAhPhEYpLnHP4SwXrO7JC4d_HixcoqbfZ56B_7CWpne_NjvqAjUyxdulYJbrVPj7Q0N4OXUguHx3r36-p8E_eoZZdw-mdV9t1jtVe5TuFNT56pPpPcJXs-2J9uE7qjepd-D0U8lXbH9AItQqRI4KvGCgkHzrNEm6dpVeeF9-LYOfNE5imGvMU_tTlNJ3kSJ1G2J8k6yaYtzTbFcIPjHhmlZLI4U-bDgul9Tyy7WjPxAtOf3Cq1lRipmDlH3WmTcA1usBSlebZ8dfr5RISzZC15LuBXm5wWvy9tPS6rRqdk-tXNZM2Wmzk-JBUeKAXnF4GVTbzcnMBnrnd5op3nj7vjxXdiWTixj_-huJUicfbFpMaqiZGqa1S4SvlnjfrjEqCbL5N8e3O4KLyYAfLzyyCPTx3KVZJtrtXeJ3ip6SFovptwd0utY9GgTa7S3pRdohqG1CNAq7cW781n4DnkAFY1yUDqaALyOOJ0_N4eDxdKQQdDWe-uFIOgAqpfPtz58C2CWyJKghcerBy4EiDNBm7e5rDqIOyltRrxavPhQoc8utTAEj_IxGCFCWr7pVwbDef-wG6f9K1UDJ7FJyZL5t1f68ul7C9m-7LD5PuQc-9rrmviS7uLbvOuNRiCZA5pBxTLjDV3Sv2ird_OtGnJi28gi9qF8V8YglsueobDVtj_UyZsu_cKGMZBuu6USodY219usJs1Fnq7Qj2qDvJ5UPPGh2LcgoifyKVWcSSeMlcb-QlpYpFjw7xcZ_l1lPw1ZTP6kDSCOvUkYGe6xmlHlZT4hDEXt2a4a0DRjfb-IdM7oApuLTHZvU5fk-SoT7I1o0VeLYPIJ70UMXw32EDM2jDlM5hqD6l234lml9htfVNUSSRXURA8vefvTwxvEvV2WsnHeLxqNrT-8yahE0x6Z0y1kusN45AhMc_0KE2OV6qJnmg0ywu-K_bcog6744Nux51jZrnhbgtYB0tWZW9AFgkn58QKKbwdhJJToG9vVKCTLaSDrj09eOLXrsS9g58ke7vc4VvX1Le6Ix2-vDXhUWLpwbtDQJ0bsSzrOeB5XjebosyuqiMB0k_3xoGChORQqkABg7vW9evKqWksLmJBo-Vom_ZYqnvm-St38vRr6Ay7hwJj5gKNh20tHiHuSoj8D_QGXTg61Kz5tIgZ3ZeZhAET1EzVrDiSDhT1pAQUqdEhJx3d1P4r41DGPD_XN-m3EaMjcdB60QjYIHRAsuoccaEOfIiTJxQ8cLTIF2MlUvPcbB_HGj3FvsnT22O-bKxOlF75xC0dLl7lvfG7GvEwD1zjjZ7FnMt0HHv7Q7Ys8l680qMkOAB8LvsUnuHHO9rNTtbgqRV2YHL1fP6pZSEmfQC6q32rSqgfOEY5m3OkrzKptzMVs__AsT4dNulLoK_OFy2vQu3H3NRz6ilxarLz5Lf8SDqn4zrdwjmHXPkykCT1Lmj1v7HXbF2x2QoXA2Fqng2yJolU2juq3AdRaLv9wPX262g8pZDbl53zLjmNFG-bfA9LAcCik90p548DnByLhOMq9ppq3lNlUdTcbR1hA1xcDwC1k-0G7ichSOD84Hx-BrcJRYVJ1lMG7jKHMz3WLUx7ojjwVrp8CNLqkYVs7WPLMWu0DwA7hAQBCg7ZgAzJ7tUkf3j8vjUVASNHCycWemFXkPqWAY--KRhWt5JbZ0Xw8kUEfy39LSB39QlqdZ-CtFg_6HRUp3HKu9kFfp_glOjgBzNjlbcR_uyfvZIUHg8s9VKVgxpUt3EzZQfyubA8j9YIdMR47Yam9J678w7IdtDYdCyvTBjiExUJFC3fakkK4mYn6fj_NHHX6R909cqiLTC-gRxDZkjI6TSHe-ZgnJHqfHE8TpO-S0rbMsVN9refAlCzjuHikrkTo7K1Y_uJ2vdu3TS12i-0M30SLEUltbmc0X_88adAjZQmJAODAA_sBXIGjLTocymLQdN7ZeP72JaKPm2GTpiwiDTGxf1MzZt5TQcQcn-p2klBv1KYUbOanhMsLkwGK_W2jeR3ma03NsAwYG-Sez98iRN6GXw3_IMp-hgOlOXG3eeNnv6wex9afpMRdZL5MHKCL5zSwgzIuLVe9ZjB7Mu8ac28HwuDiDv1ZRJVRXlJWoTFs49SpLTYkBHgkITeyZJQmld0LM8hlxlzNUMedwYgTCoXyCBlN-FSzKUaCAi4RntjfTPT2EG6h-Dq0N0ETJb8yRGeegrRvnZ2SQNYAblD33VNBqDqtY4UlyHp8dugadfJc-qGMsWiLub14AfWPF259HSFmZeildu62YaDdRtc2wb-IhdO2bqW-V752_Y3q_qRBpeZUsC02TWyy4F3ghTEfr0kPlp2p2it_aV0Iowz4GJhuVup9mc7wKIi83Fkj5qsVoNrQ45reFbSvvmyZoR_ZAp8954AlmXO_V8yizdGxMIymY8kDvCGEhk7pDv-rpcayZJWmfEbT0THedf41a0KX8K6PMzr9hYRz5--uwGy97ENbbYJHgA4kN4xa0Z016HqPnVPdHN5ablD44hnm5elzdUWwGe6XoaD-4uN0pDZ5x3fV-2HbONwdw6Dc3gxIFbJ3KyvI2jkIwI9Cz6_L9Pc6ayklm6e0ofkr-DY6TZPb1FQ8KPZAZeCsrQh4DM3C1iwRF4mbSE3c91KKATYhvOYxUV1If0U8WjZnS_5SspCOSTgsni6dhfXAwQvWBwITxaTRD5vNwWgZR6YLnl5DeRHbVV_udQ23qSRPX9QfprahiOoTKn9XeWSkoeyh3PnmO0gKmw2uY5Wk4thHDqb-QGZqFkqcZtRQSLEitEqUvF4HkJuqLJCHkbuvCB3dzqooWw2lJ7MFK6Wa2L1PVvZ6_sSR3-NxbmIeay9WLR8CqemHeDhE1KMp8w2hvUScudM1FEgsANrb4vIl1oFagO78nuUAKPd2ljoOGfrYEGB4GmpbiRapaZ2DcrIxy0d0-ebjM1rdWGen8IHP2CommbE5iktQZSw2a8lji-bzAdI93MXa5KGD-Y8XPoFtqUCH4dirSB2dtiu928SyIqsVpDBNHstr6CpUSZorRoQ5YLMjIswyWX-oav1_ah3G0uTtmqlMn4ui2FQflEt-PMwY94G4qzpXS9aphfKfeua4WM6e43FAt9IOSUDdIL-88OTeZU17A5SVADnq1ERD77qec9O7QrQ&cid=CAQSOwDICaaN2x06pHQsmfN-gnQTdwaeR4i8ya5G3CjprRqrfmt3x_lqVxXiaN1cG0eh6RpRDfagFskcbfZYGAE&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fguaiba.com.br%2F&ds=l&xdt=1&iif=1&cor=4249434843180022300&adk=1726166460&idt=110&cac=0&dtd=39

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 285745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:49 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 921F 624 B
242 B 75ms
65ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNU5-NW35RI0l8b2-6W_JzLfNgZyPRolzuqZGMQHsQMEwzNxmCZzJl0QcTK2q3y2gZ5rlRVIZqjKUcsUVIY24jABjH3C_9_NzPsgpJTw-ZAVVsFgR_BqZxmG7AzdvpL7WeJLlofvsbEuk1JGevTertma1IMVj8h5Hg0Exliq9rgW8OJQ4SE

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 11:54:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 94F9 89 KB
31 KB 149ms
147ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 11:54:15 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 94F9 42 B
63 B 64ms
57ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AsW6wMMWkzl6Ll06j-AUSxWujx-I3Zm5aczyMKhyLGF_VUom4NPuzAGUVyHed4C5nopvId-NK8nGaTWgDUmyrgLMMvQk1tYmqRgqEZ4ozSyMtX3cM

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 94F9 0
20 B 64ms
57ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15410258287401714308&x=1&ct=76

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1520146/76103085/xbbe/creative/ Frame 94F9 263 KB
80 KB 64ms
51ms Script
application/javascript 34.248.37.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-BRq0auYG79FVJ8MAOrCJHALTEeX0bEB4YdnPu6Uu0IMFFQWow8rRY7cJD2ZgEIKV7cRvPE_P-7a1oIGjB3MXl4_CKdECdD-ULTISATOswr4TRuwTRIYfzkBPrV3HCmPYyHcq-HFp0aTvk_BiebYH-waeTcNXQ7FRY74v6fxalpTT3lHdwSyRcAoCZ_4BLnuyONx1dTRsRpl84TS37HxsaiU7pgE-SdsIQWvAFfkKl4JArfTj_UprSWYBqjfwyQoTUrqRGAYuYQBSK22Fb3J-uM3MibetwugWeJi6FEggOqFnbqIuxPA5i0c4Pwvehk_hJ76eUYvvOQgy0l7LSxGmBTsso0C5mNgS5uKgbTVHM2RZTDWZNAoZRFzhL4CBg5wTQyvXEZpT3kimWqvac7arCfdjnk9v6Y8MN73dbxaR2zJqDLoyEvdmLcRumKPcBB7rMkbtcK8deJh4wUvGTR9hfDzWz__PUVAGeNkxl3-abTNxE81cHoi3LDpCplsG5Ox2OJVMK8eAvAH-S207ngbNTXiqTvMOQfnHqm9dA1Y6H7qCo8pE9mjICPZtGznFBwKJig_W3XpiatSoNBH-odlWS1_TIezNuMuo6AYI6wokJev27sLYeAwRAp6e38dur-L2BmyZlCi9nGKtSQyzBeigj6AStP_GVbVCO-fYZm9El0B_lXRa0bAN-3DUCHrbCWCI42I972KdV-qde-1YgVguvfU5mtjp4jCYGbg3MDTpEPm-mEcUeZPYC8D7a8PHg_PZ41vnhajVJWekmQ0Nn2hNm0majRVAOY0dnRzY1F4aToHmrE4OEmeqUncLKt3ptqhJtFyr8QabuC6AJxj5Z0-zTrNsLUChX84RoYc_0qiKsNumFV2q6T4kC8TCWsRvcm3utZlO8CMRlKXptc9Bi81baxLS4dGQUJBbwXbqLubCaJMK3EFetxxo7Izq15YzdJDRa8qLVxPH7su_V1uCeZGW0F0bINruV8fSsabsCKQmpyrZ6aQlZReWWk2w1xF3DTbUaR_rPeIdSRvSaKLhO_W2hJ2RlaAWgbJ-WvKHJKp5OJ9_B8abdp1ypYbTD07qQNxfT0gRN2snns-3JheyM9wmqtcJO1VvES_SjL9maMdXMn7kfk0aFKPRQ4IfhPxsN7Ur-olXUaPKy6-Ja8Q8I7mu-ZWAoViOR94pUI4hHnRKvbW4Mcu0jE_GotqNy75AQo-g9NEWbbSDWzvt5TtXHGEZ2dgZpWDoOvnyczkAtg7DR47cLc35eZbSV2LzoylyhFsH_iz4jthBd6_NiuVOhg4Ay-7EnFvpF1Mj9Z7MZs-ZIB8qKQkEXNTpKtdG_7JjJRkUxyL3j-VNQrl_s65TvnQNT-3BgEpgietlsrIM0fSf_nQDaEeg5sRbF015HlWyXQ9kAoonSFK-rmBkDHQ6mVwuppwYcrWHYqHaeGDNE49KHb9GoTL3dSySH8iMlv5lCzHrhqa3-XHqfEhtvaKI7I5TXT4LQ7oVhv3YgiKydAFFAxWAgb8t7dpUCpH1z3TI0vAz4AnE14Qo8JeQXD3EQQvcRDrkrg5INjcA5wKkGH0xSwcxk-8pnXajnOJ_8e_zMGe755oFLQHLOn5cuj7M4Gg8Mbg1LgAVZStOu4clvu98SwuzOUEYl9FPtv81DYlgDDt5OyDmU-M5gRTdE1eIz--PHuTp-4ALP6xFp0yal-kxYAWKYch3rr63eUeLPgO6masw2BIt_ITo_UAgOeWV6tV-P3WS7A0aLyB4Uv-Iga3LztfBGEqt5otec3a9J5SQ8QAxmBryITwCvHCFv8PKBAzepcN-7ZBs4N9Xc8fQnwUegbKj0lIigV7-xxYFFlQ2UtrKzOZjLhYMTEBOvecoUlkF_zkg0JSxB86699Bi0nFuigwlAOzUk8pVQOTEd_2jhThsh9TtjKa3KjkGPWdvNTTPa7q7yq1SCcKFYbRSEI407DUbaWnGUWXucBfCMhbdqIcD5unkr8Bx5Bg-fZ93PRxt_rYjBBAB-8sQwDYZ8qdC6LQkz_kLojfxToBd4Ud8YUF9tcIJmAQKdBtX64FJ12_dO5vo1N0ipB5eLH5y9AyCKvYowfiGnvYdg3hNZvFO88m5pMzVr4XoqcV7ubRWu_sJpyjOkMbgqFZgrVFp1rdQ_J5Yk3y0Oj0uRUsNjS8wXqOuaqEGVEOdKm3inL4cP8nkCLdS6xd81a157Cnx7qJdmIrt1dJ1YzSsz-wGiPhFPBX93PKRJz_-12bojab8PjnWDcpWEOg7h4bAPvj2OF4_vtrU4hNbTt-r7PxsqSmrSbUEfx8THqNupIw5UQUAl_tIJuNDjhKwwhd1NQG6i3TftkPP5HCD2SxWND97MVlVsb3a6mxAaxG4SVC_1wHnscXig6gzVsUVaLxKZIw2qeywvytMS4WLvZB7Icfp--nxcRv4fXRBI05LDa9FVCoi32stFGeDZ5BpLgUAiT8QhnMSdMMaUzQBMrccz0EJMtRanWs08QPEc2f1Nqyl_RvkGh6E2UP2Fbc1WwA8DXQBaYAz2osxJMwOPpRYeaVpLGG0iAz6FJHXJw5bMSus_NZCZmWc2EaOwwevyrxswRgZ8XzkJKflxnE-s5PL40sWMNsO59t9LhttsO7YV73cF91VbGJIRuvKAt6P5GOf1zef4lqLxxYIAYNym899F7QbRqnahIebbxF5eN7d1FnF6AWsHM-p9G3dCWohQqH32yQhvrlr_zRk6Es1fOF3EgwLie2wRjr4cAfU1-VnJ7JfXNGlMSg66xH-rFOB0lRlU5vy2iWWzpCwXRBVRxx44ERyfjQ0r_xUA_COf5a2vhyoGDWF9CAIvrqVuflmEyJXfRFyHtqxPfanL9yRDQjtEIJOLBuFQN6XMvxBA7Rpki63ALAPNs32YTyXL2Fc1Wza8WTxqD5S1DUg3Usg4GqiVLXTSb_2K0iD4fbNBU0_lJ5QQHDc6VgFv8u8-ozys2jKEgYGBvFeKBZiEl2XMR9z5D19FUbDg_n2Rj_usXZaSjqLw8bthVg5nI7l6d35QmLz3DpAqe7rYOsrtjVvBLEfJDPiWbevVAaPrsCpOuYoLTBNQXLPsRIdzEetXNReL3uV_vJdL4gnddSfdwUCfHDPQlG1DsJ1fODA0m-7d6M1JWZu0K0OEj7sFFY6PEjdGzjj2y0Z3M1DePwqJ4X01rFBB5HRRIqe8Icc3kpS46zZQ2h43QkBIgV7Geob3hDgujJpB1QQ5T049vHmnI4Nyl_rQTKcb9yYynbhpign_r1bknP7kELW_lj1WAoTwRZzB3xIZu0MnuVFc-7JOTQjA5ml5n8ujXuxcUkJ1PzUL2lJAw9PkWu4tvXrTKowMJxn9yp1FCUlprikgmUljnQRD4VwtEKmGk_a85vTNtNyqP9TusrSfD45me5R5wDAhf49WO8QRjXjAXJP41ftQJOSqfKmZBA-pyFv_S247DrwpTscDJN4nFKx6TiFsOaEWiL1o6P-fa3Qv1tEHIaRB8wP9_HF61jWbhXxBtPE9MQEoGJs7Fosizc8zU7Id8RBNsm299Ywu2tWqtOcp0oJKIgBfN83n3fpzRRPJzyOp-57sBk0EtriV1CAXVRcgPhNwFuk043W7XUICdXZ29zxX1JIT1AUPSSyOtIshTkd3DyBtoZ2FmmBwvovt5JK5H_oms0QTOvpO8Btvp-dzpGE93o3_GE5GmC4rvyT5nKHcpBCpSpXKdhg0R6gcSIkmWxtUwTg2VQSTBk4yesFOniSZeUDNHcz5yLz4H-2sTErzcdU2pEY3sNofR1WHAQSoLEDWabYp_d9DcbrVZFfrOy4ALA-tvBLoCTkiwlO0c5waivfsjCvOWoGP92ZYozW5TRmcCvoA9y53AgGwXiGcMXaSDWtXAWJVrdEToEkQykp239jwbV7j5pokxjY_BYj6DdmCoe9i3zU8WPOCy4RgdUoey1KRtWhHqS-xfaKnVMUj2YkTBRCWEmho6m1J68dEae9ke8_sARuYNBKMz_9XmoAt9GlPxGIkBU7vHCXfibcXyKIUhq0vL7Wkk4_fgjzkI5NRFhglm03NF-vNQ1SrA4HDYA5QnVyugv9UOdq1nz9JaYNP1czBSFNzxltP4cPAMrxwThYwk31qdAA-do0Mp31_Busd_9FHvKvdALBdyBJ5bN8unPZ3xN03A3wvmuYJ293CZdFfWew2W8Ea8fyMtgBpBCAQSOwDICaaNmmXyiacIOSDH3MCvOitjAzNqumXX0sCEnwOyr8sTsD8oL7Jn0kbQw42ybnJP87drHJh0G_ISGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-9153399113741741&ias_chanId=1&ias_placementId=20409787662&bidurl=https://guaiba.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iyolZo1JJo86_d2gxBUAo4
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.37.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-37-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 643d83eabc67f940e4b0d128dcd85340db3c86afa3680383faf43559bd3cb4a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 94F9 3 KB
1 KB 30ms
23ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 14:03:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 94F9 20 KB
8 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 15:51:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 94F9 0
0 36ms
33ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdrV5nH2Z-Vyz2paw7AuPe3LuwzXcz-XRMQi74fIXW6YCKYwLdi9HF9owg9g4hEl46muXP1lAXi_pSpC4BcQoTwOGBkA
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 94F9 203 KB
64 KB 97ms
94ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 11:54:15 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 1EF6 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 19:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 19:45:57 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4EC3 624 B
242 B 65ms
63ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQY-9uA-gEwAQ&v=APEucNVixbDqrZr8SuCQR0w-z7nb91ePpAPxLL31L3hVi_MYrahhUr6tEEfxN7St_Dk0QLvRzeT9Ftxlnby2a_9C42IKzQejG3gYorPTtjtFbqHPKPTw9Brfv_dDHrhaOxQi6PFrzEOxMFDs1nuPqVqv-X8tSisus7ThoNw-cJozc027St058cQ

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 11:54:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E136 89 KB
31 KB 166ms
166ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 11:54:15 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E136 42 B
63 B 58ms
56ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cd0f74ZMk5thMHt0up3sGSRNPAsf1SeGeCPxYm1yQs988bm57fXvrTEeTd9O9RLqn5IaHVYTZPd7jcBmpjRryu4cGthUkKuTy0KDcSJGLddxWl55s

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E136 0
20 B 59ms
57ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14360590305932583883&x=1&ct=77

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame E136 3 KB
3 KB 47ms
35ms Script
text/javascript 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=68648312;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=20567029375&extPm=20567029375&extCr=524299771&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CNSEf5gJWZd2yF-TDjuwP8IezEJ6AtNRzg9melpwSxcf93wUQASDSs7t2YJX6-IGUB6ABhseYtynIAQmpAik3-YXKL7I-qAMByAObBKoEngJP0Jj10xdLWl2skEi-zzPcvf0db_Giq_CD7UpHpDnPeWD0HxJ09CQjoWIK2vP3oLqdmQEBfTb5aJnERBHIDuGt7taBWC3B1BL0gz9GmqmQko2sJVJ0DCpUb6UjaJaMoK9V3YbjiP2nUJmUL3SwgEKHh8t5Y902kz0k3RVpArxF1e2Vns0o6eISuN5jk_V3HPj1Y7QCzBKP6L6cEN8m3FkzKaZ09ld2M_iONzzk8E8scU--EL4nVqtKDqfK7aYlBQEUq80Qaa6s7cVuKLDq9tMA-do-jRzk2KZyBGpsJz-DzVGtquiVYS84Nkw8BdHADE10m8XCHe3NQ0ELULLh---HCJzrVDWNtI3r9sxGUFcAMgRWcIGqoKhuYiWznUtNwATZzO7uxgTgBAOIBf_sj89MkAYBoAZNgAeG_-iWBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0yNzU0MTg5Mjk2ODAyNTYwgAoDmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRF4g0TCNKw_e26yIIDFeShgwcd8MMMArAT-_vDFdATANgTDdgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSOwDICaaN-YUzRffMFDVjSfrs5HM4q2SAh9AARkP1j_Wk2fQROtU4TGaszoK6eO_xwI4uXDNdJgmp0DmbGAE&sig=AOD64_0PFme-pEgu_fFpMwKPJ7-pa3sHwg&client=ca-pub-9153399113741741&dbm_c=AKAmf-Bee-XfIQTFmB0y_q5-vrHoFO4LA0B3-iG4couuriVTdNNvLhqZXX10SnmxvDgAF60MKsKQYGJ7aari-3twYxBYhWIPypWlcJ5Ahkue3V0pScBpjuWGOByIw_AwpLgjrbwSANcBhTaU9wbwkP-CcExOZ5h8ZtyvgJRZI6Pc2uvjM5kKmLI&cry=1&dbm_d=AKAmf-Cf-mjpdEQQk_go8nkq4_Fd62myCom7ykCt3wmU1BcAq4wYVoSo90Mt_ZFVMEWES2V_BZ0filyOg_yAybZfCmOEODr-A5wH8u8wu2sxmQsmRtWE7bAMdx_SDy9dvV23cjXkBviNFamjc_Ng0rSYFi6FiqCidWmLCalvBFO549Y9dx_RX_P3vCoNwSM4eHc2R9IoI52dsLKmkSIJZQ4Srr4Rq2WAwFpz0IDrrtHs07gt58mSaG4gu7mrSywge3_CGbWdsaSMW8osTc7J1jhc3f8sDaXd2X2zWvUcSVt67eawFZk3vJltRsugTW-9kxyQ53UkRzcWMpGVsMhZaTiRvDhijbijLWATJyyIpOp_2QYsn_bzoNFJrTbFdnMIfdGaDDAiJ9MmbE0qyX7Yq4OmcG9CQsmRNzdUIduuoTgU5gcUSI4pBXgNeTvmJQo579ma7v3pshojtRHG_aaBTlO-xHeBgFAV2TKPh_acmOoyuVuh5B2obRNU7VexSks4nBd1E7Wy_aQHOlqBtlabmwUvBhynPBK5cO2eNfOOaeVqPbaYzCIsCo0&adurl=

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

bb61735215b1ea7e1ebeec731b081374b0267daa90a634b6140dd96ceb43f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3022
expires: -1

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame E136 43 B
1 KB 128ms
34ms Script
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=20567029375&extPm=20567029375&extCr=524299771&rnd=1700135654383325

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.10 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 16 Nov 2023 11:54:14 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Do, 16 Nov 2023 11:54:15 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1756
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E136 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 14:03:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E136 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 15:51:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E136 0
0 33ms
33ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5TghGZHSvIJHWdhJ4Q0Czm-TC5I2PtLpMiBWXRws0ra79KvKSJc7Vs9guWkFjOqJOMCJ2sjBWtZryirsbECxEWSao0A
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E136 203 KB
64 KB 124ms
124ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 11:54:15 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 79D8
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-Cd6UX6o09BH3mWhfU58yJoDZjNf0B42zdHGFtQAlmRdWlSRt4iB_q...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

41ms
39ms

Script
application/javascript

2600:9000:225f:7a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:225f:7a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:21:19 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 0cd2c3fbaf7659321a893cd5ab933aa4.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
age: 4350777
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: dXSh5jlH2bQDS9qYLTsIQ07iqTGt72juYW5am6G8g-bvxD7JWmZYeA==

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: nginx
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 01D5 91 KB
23 KB 152ms
38ms Script
application/javascript 2600:9000:225f:7a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:7a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0cd2c3fbaf7659321a893cd5ab933aa4.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
age: 4880705
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: X2sowlnAlT66cBfIkwKebQM4B5bXI_pvlGmjG8u6X5yo_1KZousM0w==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 79D8 43 B
215 B 573ms
185ms Image
image/gif 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=d4c15ebc-399a-a9fe-27dc-b44df2fb5371&tv=%7Bc:u8oAiM,pingTime:-3,time:99,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:29%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:99,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B91~0%5D,as:%5B91~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVLZWK5+11%7C12%7C13%7C1411%7C1412%7C14131%7C1414%7C142%7C143%7C15%7C161*.1520146-76103085%7C1611%7C17%7C181%7C191,idMap:161*,rmeas:1,rend:0,renddet:IMG.us,siq:31%7D&br=c
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 79D8 43 B
215 B 715ms
351ms Image
image/gif 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=d4c15ebc-399a-a9fe-27dc-b44df2fb5371&tv=%7Bc:u8oAiN,pingTime:-6,time:101,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:101,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B93~0%5D,as:%5B93~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVLZWK5+11%7C12%7C13%7C1411%7C1412%7C14131%7C1414%7C142%7C143%7C15%7C161*.1520146-76103085%7C1611%7C17%7C181%7C191,idMap:161*,rmeas:1,rend:0,renddet:IMG.us,siq:31%7D&tpiLookup=ao:guaiba.com.br*%2C39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com*&br=c
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 921F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1

43 B
731 B

38ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNU5-NW35RI0l8b2-6W_JzLfNgZyPRolzuqZGMQHsQMEwzNxmCZzJl0QcTK2q3y2gZ5rlRVIZqjKUcsUVIY24jABjH3C_9_NzPsgpJTw-ZAVVsFgR_BqZxmG7AzdvpL7WeJLlofvsbEuk1JGevTertma1IMVj8h5Hg0Exliq9rgW8OJQ4SE
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13UR5NJdqt49YR2X9CBazmmd8aMoB2lTHDqNghhTj4nMj2uvpf8MAWtaCjkLag7Sw5MvJRwqSwHM%2Bb7aIdEAQU8cl403uHWOxdguFBub7JCcXjy7keqV3qf0F2JcujQSBFegpP%2BZhzVrGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 826f89c4be9bbb80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 921F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVYC5qVyRFBwOts44vtIIgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1

43 B
738 B

41ms
41ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNU5-NW35RI0l8b2-6W_JzLfNgZyPRolzuqZGMQHsQMEwzNxmCZzJl0QcTK2q3y2gZ5rlRVIZqjKUcsUVIY24jABjH3C_9_NzPsgpJTw-ZAVVsFgR_BqZxmG7AzdvpL7WeJLlofvsbEuk1JGevTertma1IMVj8h5Hg0Exliq9rgW8OJQ4SE
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1p0D0dm3WE4ElUkewUDp%2FPqW8Ivn9vv2q%2FkX5gV43v2dylpaL09nQL51eUKkC537gBlU%2BqLCZ%2FFIkqrvohy4vwcYZ%2B1aSI%2FrSbZxtHYYYrV5AAV08kcVEtFDD8Bcj1vrGGynajMCLwkAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 826f89c4fedebb80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 921F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH6BKgssRcDw641qDhePkAQ&google_cver=1

43 B
845 B

29ms
28ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEH6BKgssRcDw641qDhePkAQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNU5-NW35RI0l8b2-6W_JzLfNgZyPRolzuqZGMQHsQMEwzNxmCZzJl0QcTK2q3y2gZ5rlRVIZqjKUcsUVIY24jABjH3C_9_NzPsgpJTw-ZAVVsFgR_BqZxmG7AzdvpL7WeJLlofvsbEuk1JGevTertma1IMVj8h5Hg0Exliq9rgW8OJQ4SE

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
an-x-request-uuid: 9e5e70d5-bf16-4fce-a803-0aa1fa166813
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.27; 217.114.218.27; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEH6BKgssRcDw641qDhePkAQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 921F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg3OTIyMzczNTg5MDU5MDQyOA%3D%3D

170 B
188 B

41ms
41ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg3OTIyMzczNTg5MDU5MDQyOA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
an-x-request-uuid: 2b050dee-16e4-492a-b31f-e86a66073e40
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg3OTIyMzczNTg5MDU5MDQyOA%3D%3D
x-proxy-origin: 217.114.218.27; 217.114.218.27; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4EC3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1

43 B
730 B

36ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQY-9uA-gEwAQ&v=APEucNVixbDqrZr8SuCQR0w-z7nb91ePpAPxLL31L3hVi_MYrahhUr6tEEfxN7St_Dk0QLvRzeT9Ftxlnby2a_9C42IKzQejG3gYorPTtjtFbqHPKPTw9Brfv_dDHrhaOxQi6PFrzEOxMFDs1nuPqVqv-X8tSisus7ThoNw-cJozc027St058cQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=al4MRI%2B6iZsxS29BUiEMMKgnsoRwKZkVLpoiW7qogy9E8P0vq09zfN3omKAT1A9xrHSRDZrQh%2Bp7Td9y0TvBXRRHJ7vyIYKpammCD1rm0iD6plbfliN0hocy2qYpSBqiEeOJTUBffbh92A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 826f89c4cea7bb80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4EC3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVYC5qVyRFBwOts44vtIIgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1

43 B
733 B

47ms
39ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQY-9uA-gEwAQ&v=APEucNVixbDqrZr8SuCQR0w-z7nb91ePpAPxLL31L3hVi_MYrahhUr6tEEfxN7St_Dk0QLvRzeT9Ftxlnby2a_9C42IKzQejG3gYorPTtjtFbqHPKPTw9Brfv_dDHrhaOxQi6PFrzEOxMFDs1nuPqVqv-X8tSisus7ThoNw-cJozc027St058cQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXztSHuFwa85H%2Feo21vIA0c6SAnvT8oDI1afUw6r7hK8HHg50GN5ZuVBrctx3gxAZkVeSKVxdSCt0IvSoE%2F5eRdjK8imSbLMJpVAx3OGQu%2Bt07ONUs9izB2UNJFR9Lz4G44haLgBP4c%2FHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 826f89c53f3dbb80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFSABmo-_ZkKKxW9kI4d4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 4EC3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH6BKgssRcDw641qDhePkAQ&google_cver=1

43 B
845 B

34ms
34ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEH6BKgssRcDw641qDhePkAQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQY-9uA-gEwAQ&v=APEucNVixbDqrZr8SuCQR0w-z7nb91ePpAPxLL31L3hVi_MYrahhUr6tEEfxN7St_Dk0QLvRzeT9Ftxlnby2a_9C42IKzQejG3gYorPTtjtFbqHPKPTw9Brfv_dDHrhaOxQi6PFrzEOxMFDs1nuPqVqv-X8tSisus7ThoNw-cJozc027St058cQ

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
an-x-request-uuid: 3795146e-8978-4350-b068-5fabb8724206
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.27; 217.114.218.27; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEH6BKgssRcDw641qDhePkAQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4EC3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg3OTIyMzczNTg5MDU5MDQyOA%3D%3D

170 B
188 B

43ms
42ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg3OTIyMzczNTg5MDU5MDQyOA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
an-x-request-uuid: 2349f106-bd48-4a7f-894a-5a9817c606c0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg3OTIyMzczNTg5MDU5MDQyOA%3D%3D
x-proxy-origin: 217.114.218.27; 217.114.218.27; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E402 38 KB
13 KB 26ms
25ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 540595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 00FF 70 KB
25 KB 80ms
32ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1314334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25280
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-62c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7F5fFt%2F3oxlPtnHAOJR00o7BMIFTZLyS%2BCD%2Bf7b0NusIOnjbxYlonS7OA2mZG%2FODU5wJFdBV6lIL7sz90nLYKGSqCFTUeHKo8MOWnvM8IZ081g0Hv1qmd6IOl%2FH3tlnt0CT6JRxL3NjwXs%2B3CKIGHyQX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 826f89c4eeb19b1f-FRA
expires: Tue, 05 Nov 2024 11:54:15 GMT

GET
H2 200 CSSRulePlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 00FF 2 KB
1 KB 79ms
31ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/CSSRulePlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 206943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 821
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-335"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2Fl74%2BHuQesIUjiQ4wjkcEyqLR7KWuA%2BknUSGSDmHeZHYR5B080Zr0HiB%2FczBvpgclR2BHB4ARXxqeneCYuvK7yvMdjc08kdLdxzDj4uRPsnDWh9jujhttaoceCQJOVsb6e2FfzVpZPZi1JScfCVTtZT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 826f89c4eeb29b1f-FRA
expires: Tue, 05 Nov 2024 11:54:15 GMT

GET
H3 200 13dc9848.svg
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 669 B
429 B 26ms
25ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/13dc9848.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 400
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

GET
H3 200 ff353116.jpg
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 129 KB
129 KB 29ms
24ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/ff353116.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5802303b9ccdf0b4467ff1ae855be9c11c828cbce7fd50ba1eaf5f3054ed1d10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132096
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

GET
H3 200 17fd20cf.jpg
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 73 KB
73 KB 46ms
41ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/17fd20cf.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

944d2257f310fb8befa1b59f2627f8ef46ffaadc5ff920637fadc1bddd0a7a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 22:25:14 GMT
x-content-type-options: nosniff
age: 134941
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74940
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Nov 2024 22:25:14 GMT

GET
H3 200 cbc2f1f9.jpg
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 105 KB
105 KB 68ms
63ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/cbc2f1f9.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19208883ae18d36ec04e92079536ccb8f1e88035390117eb18eb89a8a976c6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107137
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

GET
H3 200 4332eb45.svg
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 5 KB
2 KB 45ms
40ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/4332eb45.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2343
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

GET
H3 200 f378cfc5.svg
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 5 KB
2 KB 93ms
88ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/f378cfc5.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2433
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

GET
H3 200 31152810.svg
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 302 B
262 B 83ms
78ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/31152810.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139043
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Nov 2024 21:16:52 GMT

GET
H3 200 51d2ab05.png
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 43 KB
43 KB 86ms
81ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/51d2ab05.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1b9833cf0a4be3bb807715f6f9d69509ab87fd5b8ef4aafa81035d844a4077c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:42:52 GMT
x-content-type-options: nosniff
age: 137483
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43690
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Nov 2024 21:42:52 GMT

GET
H3 200 c3ecc422.png
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 3 KB
3 KB 62ms
57ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/c3ecc422.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc8e68f8d99d419af7a3b904a72bc50dccf71fc345a880dacb6df3f570f039ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3298
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

GET
H3 200 879936d8.png
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 6 KB
6 KB 92ms
87ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/879936d8.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db5516940b8b4f6df2fa78ea4698b15213cd7fbbcf695207c7e377b5c9dca566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:40:27 GMT
x-content-type-options: nosniff
age: 137628
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5705
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Nov 2024 21:40:27 GMT

GET
H3 200 860f7763.png
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 3 KB
3 KB 65ms
60ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/860f7763.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f2893cb6891421b26cec31656508317fbb70f3dd538ca77f571f7d3c1da5020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3241
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

GET
H3 200 d55fbd8f.png
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 6 KB
6 KB 59ms
54ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/d55fbd8f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

553975c2df9cbae97582f53c9d8b911007fb3087afce996316d95c0118b77b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6077
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

GET
H3 200 a6ba4103.png
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 3 KB
3 KB 64ms
60ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/a6ba4103.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5b52cf61522381ededd5e2c28944faa3ea72149f55bd580d70a5622fe9e76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:40:41 GMT
x-content-type-options: nosniff
age: 137614
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3179
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Nov 2024 21:40:41 GMT

GET
H3 200 5d24fba5.png
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 6 KB
6 KB 62ms
58ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/5d24fba5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da7d091271c9f085183c7bd5d56862f62fe9c77c323369a83c6b2b5e41e84678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6155
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

GET
H3 200 f7facb11.png
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 1 KB
1 KB 58ms
53ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/f7facb11.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cca99d11e5ae8fdf3f5fca9d61592d99ee7379ef1ac1741261fde2f09dceac22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1159
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

GET
H3 200 c5aaff60.png
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 2 KB
2 KB 60ms
56ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/c5aaff60.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e0f6c2275ed90502c6b91b5a01bea2afa7ef0ca0c95c497835d0d3ac0c0ac3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2247
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

GET
H3 200 d3ce6798.svg
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 820 B
499 B 104ms
99ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/d3ce6798.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 470
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

GET
H3 200 1147abdf.svg
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 769 B
430 B 101ms
96ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/1147abdf.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 401
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

GET
H3 200 7e38720a.png
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 3 KB
3 KB 103ms
98ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/7e38720a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fbb2c27115d000df308e2daf1f6359e9888c5b31f658c37b8270024634491a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3293
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

GET
H3 200 524c7c42.png
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 6 KB
6 KB 101ms
97ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/524c7c42.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fce8d2822378f4d3c65a3a98175c6879802e2d73f4169d225fefee457cdfc0f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 22:25:14 GMT
x-content-type-options: nosniff
age: 134941
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5873
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Nov 2024 22:25:14 GMT

GET
H3 200 0f373144.png
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 1 KB
1 KB 100ms
96ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/0f373144.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 06:00:09 GMT
x-content-type-options: nosniff
age: 194046
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Nov 2024 06:00:09 GMT

GET
H3 200 c8840ccb.png
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 3 KB
3 KB 99ms
94ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/c8840ccb.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

GET
H3 200 5f921a7e.png
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 20 KB
20 KB 99ms
95ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/5f921a7e.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a8e388cca548ce8caa0cb37090d39da956c7eab238a6f01ae1a6310f3963047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20668
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

GET
H3 200 2921a114.png
s0.2mdn.net/sadbundle/14701205373541416960/images/ Frame 00FF 58 KB
58 KB 90ms
86ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14701205373541416960/images/2921a114.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a5216cad362a8d3e2d42d559c4c9a55fa28f6fcbb746e39a735587b29494104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14701205373541416960/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:39:42 GMT
x-content-type-options: nosniff
age: 245673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59003
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:39:42 GMT

POST
H2 200 events.php Show response
log.r2b2.io/ 7 B
497 B 51ms
49ms XHR
text/javascript 185.59.208.177
VSHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://log.r2b2.io/events.php?u=https%3A%2F%2Fguaiba.com.br%2F
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 185.59.208.177 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS: webgarden-track-lb-ha.vshosting.cz
Software: nginx /
Resource Hash: 426ec13ae512e70169a171192468b0a499e9e2ef7dade24ed40cdff7152b4cf5

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:12 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 11:54:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://guaiba.com.br
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 79D8 43 B
215 B 491ms
186ms Image
image/gif 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=d4c15ebc-399a-a9fe-27dc-b44df2fb5371&tv=%7Bc:u8oAk8,pingTime:-2,time:183,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:348,beZ:350,mfA:353,cmA:355,inA:355,inZ:359,prA:359,prZ:374,si:379,poA:380,poZ:412,cmZ:412,mfZ:412,loA:449,loZ:472,ltA:531,ltZ:531%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:29%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:183,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B175~0%5D,as:%5B175~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVLZWK5+11%7C12%7C13%7C1411%7C1412%7C14131%7C1414%7C142%7C143%7C15%7C161*.1520146-76103085%7C1611%7C17%7C181%7C191,idMap:161*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:31,sinceFw:151,readyFired:false%7D&br=c
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 94F9 0
20 B 61ms
60ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1589769169344&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 94F9 0
20 B 64ms
64ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1589769169344&version=m202309260101&ct=76&x=1&cor=15410258287401714000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 94F9 16 KB
12 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DPNJyqlzzpd81f0EKeYHYmrGibTBaHmTcxLerprix7YfskIzIaO6q4-FkNP2fbrKhoVDlDPH0qPOBL9ewvA8eyAS7VGH0H7Xx6xCQMRltqdMa55CxPZH-P6r5jgmmzcoqREUqrCCGqP54lnug9p8lHL6u0V8AUDKPEF6yI96GblwZYhyU&cry=1&dbm_d=AKAmf-B9duKlQccHTkaTCmTKzsqiyAEYzc0hwXcaD8iVd8KzmhGRItWdoNd_d6i3Qj9gqu8N2COq8Ssddk8FS2dnnTjWnGb5zOvKJjL5psiGTBRxv5eKzJ02DgUqkiMnKQuR1oS6lQFV1YLZsdXgvxgCEadk87h5whwAMCPtl1pPsgrjK5tqlhEFXikXrHz00qINedrBsKkXJU_NZOVe0J6pbdhBjLKtAQKzBLiCkxr5MPYZ0EoLp7A1utPAFfJ7dlcqOSWv8ff3-WOHIEwru97THaKW3lkDEnYK4r7MyNJEpSDBEMgpCUS3CYIoV83KqMpa4NckQmknIkx1l626y_Rjgt5D6n-u0uRzHD8JlwVig66Y_GRexm0a6wqoaiYrzTiE5XMpv5fs-p0utbDc1TbFdpU3pdWu-9TPdv7A9YkZRwFUbRXc0BPSRcvtR4cNhwzTEvt55WWb5u-szi7Bb5TMUyai95vRrBpR2EzVriv32XGq_Fkw5zrfP9x0uCSRK9LI3-BUTnapyZB_heBlO5GaDq3RNI7lXgBcyIUFMIXi7kcgysyTzlgVostbr1zVeDN3L5tsid1yyzgNvXf2Y6uuNTJhwyVi5fyrE_QEurqWqwT1pgCONmSrBF-VYbIbrCcwIM-ZW1HDA91WlZd5UNHXTkPrk3mxq9Y8hJrGs5bY1AsKJ9Szp7yT77u0rcWOn1BJF_0xceCW7pJO_T0-tqdwBmlujcPud9mrNdpDGU_yTKDQhs09GeEQipuwu5jKdCOQbdHZ00eGoIKNo7MQ64kit3o7HY2lx9pecv2SuBisZLcciYHDy-5ngK7AVrerFRlKkhG-auvDgkgwSf1Y1xAQj_kd-DKjkrc8UoMHCQ1OUlk-XOwDYBAUFIs14EwRrEMiB40829twWfyAzNfMhc0TcbQivfd_P_Q_aCwpGavjqVs7aw_2n0XLZcEWd0I_VoUic64348EAlH81DX2wj7AV8Q9t_by43gTENe1pE98kmPfWKpm2snuUXIgZ3JPomgE_8HqaFUOdsJxbO7leWuyAiJGKIs3Dh2YC4NPmVhUdhXqHmFCjO_6tz3_HSwB2WEBXcIDaToBryUKhNjg00_K6zIObnm3h31Aw4hRtPJFzQWJFkd-GJiqPm_9ekRedhlInpWPLYpwE31_aQgJ8EfSrdB-nQajy1zKC63MxBxR3ify-ecXEXIpknftAmkjVzqdhIANr_0Sw2Ziyz9uw3uUGvKKbRcZ_Z2c72auLFk8_zvGoayvM2A4wFrNLc2FQ5GpEM16XimjICTE8QmJZxKdbIIDjfyM4Ghios0OE428oVpluyY2ts9EFTGp7yD0bc2xVNFOU3URChqESB54B_PbGpgWJSWoxjcbtjBnPnPfqfGlKzYt0GWOpoZs6dSGhuL-5WH5-e8NvzIeRIYEGXv_ZiJPk6D30xZ5VrSRUUmDjGUSaPMD6p7enyY9tg-NuPod3-JzHwrokkglSn0k_FQjKsgE0eoFqt7iTOB7X4iN70kSgueNI7-dEl8CCqylg2CgrDyAYrKzkoL5sP7FC288MtCTej-60ZdR49agn8WzODZMAtzKZGURH-vICuuUYrqjynqNyw0xsBIOl0ZYvs8TpVNTZMkDE68huTEFCi5Ia7tN1K3VnLrItbiPdEOL7yJ_pjb-VR8PSf_0AfboMrJBnx6xkMesEKL7ZgN3UKuKdysukD3SLGQcdQeMneQEwF_CsFReC_4Uphhh5EqizjcEcv7OjNM8Oq5iCTa6MPWHsMitvK_QYm5a6p_iAHbCJ6sREnAncGfxlTd-IccGDfxzBwOyagJK4o7q0_xXWhNK8Oo0me5y0XzijSnNZJzxZnFfrvxqDQx_eGra8V86iIpAYUr9NFUXzM3Wk6nUvIBck3r9PJ__z_qmOGoh1WsT_aaLPoQ1_306sTkTcWDojjbZnceCB_apAlE6UjDF5iI3kl78SFWZKRxTO7ojqEiVbNTdNiBAVlbuljqZ6hEjgN_-hb6oAufbsAekY25OGM-xso7Vuviw7lfWIBznj77HlYe32-sRHoNBP5rQJ7FQQxekgnLO8CrnYp9iwz2IpwZc1TmQnWk-RKu0eKsHjq5_rSz_Qr_yTc_BtYIQ04dB8WN1nl0BUg05JN3ggeZxh0R4yaoKW6PqshyrKxwmWSkXCTAH2rRTi4q4GVnEpgVQ0BASbtuFyvIwp_uF82AHqSn0WObMDIAdxvk5yi3e2MXm-cdxKvziVKI_UELZLPyAB_jyZGXBvaFLDH353SmDLeeqVMewOOv_lUegsvBq_ZiuLg-jb0d-Co9MkY6TXKXbZ0SQP9HgzaEYV88KBeVy2ALdBeFYpnzEkOyfzrNq_v2yUOuiS2PKzrOFRvWJDukqhgW7nHGVFJXr2_Q5byj6OIzepSOgrxQmCZM5SqEOqAAZd7hiPiTEYJQ8fuwb86N-3_oBh4t2Ba4n_JpH9lbdv65GHhcZWJz7e0SnUpaYFizoHn-_eBoJccyKoNFIWhFWy0Z_TavNyWkHoKdjsceW7A4Vm3vOSCkNeJIQkZmpqughUodChmqT2Qb71POScRJiGRkb3ECAl47WEaRYsUFS-fwK4hs9AKehVriYFv5J5bpAp0eenW7rO-x34uqMuiHfn7Aj-zbKENUKnjfJqASAg3M0R9Z9ZxPW2jbbZSMLsMANt9RV1yPRJvF4BVohBtGp_9uoux3s8iqQ8JXS7mZr8AcKOzwGFKEC9NfwZH8rr52lC43xyWMeTBJ_NPqMRwT7BlEwWY2--_cAQLBr_T3zfN6EEdSci7Sj3NPywV_VobIts650C7anv_JoPkLLLcTUJmiPyVNbiLkhdQMPZGbvg3-935RplrUYXT8sNNfT72f86aijX7S-GKeCoQ-obSRqYsz9HwNWoADS1RAPpjNmMuLGPG7dRK7riQ8x-b5JfvM2WN1kp1C18bOoYAXcqgCcZDRpocbVo5jVf-WWFCt5DAmADchlfpwj_2pTebAAezqbF8m6TewraiRxTiLPqJ7bPbT1SQ0cET33Qf3Qidru_TeBpZQPfmOU6OmzeNoT0FCBDI1CAWxUJKeCmU4gz9J_7XcRBC_NtFc2GkgGCltmiMZpOjVnuYz-dg61HLLHrN1irAi-iDsoDeejroSYB516rzPijMxY2LbclJDlc26QKkve6TifEuk3Cy6U5CBew1VFr1gk3m5KXm9-4qVGLvZFG3MK6ejROQaZm0O2tqu5kvDYWWDfQ3l68Eyp2k2AjJHdijEKRjF0OcahXpd-SSR-bgxX1b3vr4E4Here3a3J_qcRWlPHMdsWuweimMd-H9a7uNjgLiil4ZdGX6gnmNpWSNaYr2uqfL5ztcw&cid=CAQSOwDICaaNmmXyiacIOSDH3MCvOitjAzNqumXX0sCEnwOyr8sTsD8oL7Jn0kbQw42ybnJP87drHJh0G_ISGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fguaiba.com.br%2F&ds=l&xdt=1&iif=1&cor=15410258287401714000&adk=2857193498&idt=156&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3410abcd54b3e5b0be2908349cbf0fc184301394e0b626c78cb2b07517ec72c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12475
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E136 0
20 B 72ms
65ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=213453407592&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E136 0
20 B 72ms
65ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=213453407592&version=m202309260101&ct=77&x=1&cor=14360590305932583000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E136 34 KB
20 KB 71ms
65ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBs3cX0IZjzGtXH-vOL84-PNvjDWI7El957aKsyk_8mmkck2EVby5OQcO1qqR96EnuIpn0FA5dS6_05PKuiquCtwoInY16F9qYi5RdVm550TH-1FKcRcldmwpr7vJidLE0ri2e3fbthPJQXA04cCAG0UseTqeoLiYkQR3BveoE_hnJfdU&cry=1&dbm_d=AKAmf-BOniE1bR1ZDTkdAJLPJtaQdtyvJwsH0XPTENQ4OlSLi3zy5Y4j1r7-Kt_g5WTUts66Bv5KRFaqNo8uzZ59a1WrXDOEPoejP4b2Td3zI9e1SRW3TfCF8QZgqBc_FpevrrETR6C2hOdHfiOBP300uLjjSAE-M0aWmVmK43fJobLzAmJ570SNYPuZisap4An3xMisQvZ0kT2Bmr4vThy-qZluxm4jCkLOKiksM5yY6f2ZEZXhlQamYk1IxMrAOwB67ckYPrO4wzN6sEeWsI9Q_VuOt63TFvXHI2Wr5zr0MIT0_AtUzHjNmabhswTPJ4uXodcsUWIVHjN2SqWMXyAiFXySfhDzV8pjQqEe1rPM2PfBhZgAEE1-lTyzNyz9TOep-SD5JJFHybvS44zWiv-vMr3nNAbzULna8QyqL9ieOrNOOcJXaDvVt81cP_i4dSZHEbGM72X4obKaLWRmD61v8_XMBPiSngjJ2BaBj08FhNTe5MZHwUSxAXGimgsXGND2yT8If9T4BRThtA8rUH9IBy0XvRggIX5FBPjLgIISIkU2u94BWKCqDBvkc57GSJtzlTGd4hR5St1C6PZY1mo8a2q0SP272rj3Fs4YrHzIlVM9ELcjCEPdct0Zny1ue3VYoGNglgOFeriRlBjYRW_GFbxReGVGBNQgN_1DysBMGS6hab9yXYgd5Kl1UsGznU7AP9vRhQoaBPB-Xqt8s90fDWA7pmrQwWHjDY8Y4eYl2pi8H63bjaQMLfKr6LXnX4mYOkZk4MRhxnd3BS_fpKlm2jTUfCsb4c8hcmNc29c1aOhfWkzYhql5dYSdJNLev58gEtQVlV4CZ4x_7SjV57R9yW0kKJ0rkVLJa6-DQktXpKl9YPmAkB3fyk6F0v2OPZOFQpmhHkGD38oxnNSQnZ5DVP2xMPWeV9Tx0uxZWljKx36WY8eUPazfWynWaUmYlg99Q_r0eCpIjDHPChO9uFz9pKkYab7zQM3IcgO2tbc9W_vwad2PA_bLN3VftovSXrs3Iwhwho0fiPhfbaODayewdFFiXQZHLMCGMWL097pUjb6GuVmD-nTjotqNUWFyfC4_2wy7f7gGI_qnZ8JueObto-a6o2iWHr2mocAypWE1cB8eWAPae3h_OZbfkXJF8VTOLDvvq6DaT567wTvEwSUKzLiRWb3aU_ouWV7olM8LowTvNz1LkhRNhDoyNjwO4ZGTGOnm0SCWikNuKtY9NyqKUuTupGD5rVR3eYY2fJAhiLrv52Nk1RjEUqS-zfvIK0epv2VUDpHaMmgBeMvNegn3SlpAIxEOXnXmcpmxwIqVznVy4D96CYTahVrUZcPW1cqSNYv-xKlKVqkb8drm0QhRxqLEyrjgk8WjVQuNbEbuwbvOtx3JUJqRcu5suz_1CMfsBFMLcocSwLm7pqJ8ko5i3Ycb8ar7dQunwYMWk2xHGHh14AaT0t5Cx13MmhzLLJkcUtwaBzOUG-vxUAmlN3DZahDL2VfFETmP7G8EMu_LdDj2rIz_k6UrzzaXnDT28uSEHICsr9AwUbhZr2XqG7NLK6CGRkQ53hGjFRuNOCBo_DUKjh9_wKBfUwnd8h49xFeugnqp8UwaJg7Hks-_ccFN04wvM5-hHikuADAM8qTBAHMDR76CHtQAkYCSKznWaxBuwczToxmEW1BgqSm8cffsq4WXwYaRjOCx_bcBFAvrmHDauAInLQFm3veYNcCGjlkpAnX27F9nn-FH-p3a51GnReFXMEdpK1xRzCSmJHxNlWWJ1pWrCRs4uN4Sg83WObKLvhxjhhUOO-QjBZ1vm8GHD3i8h67YgJ3oI0mf1yOEYVesG80Rf5FdZmYzAHUhJMLqrot-g1z-q54Jmc-hh533PMzexK_bv4Th61Ge13mMfiATmuS3EMc-p37J2el6B3Qg0BTCzW6Thr4b8Ngv53oGvcwFXQrbQheQeKWGVulaK43UVVYMHhZEh1wCpWQ7veZOhd30zi7nmAjMNsaaFIeo3s2K96Sb3j7l35NR3OVcygbeeJ8cDhLLPeRZCEuWl8Sa28PvYpZeAq5_tZXFalDq9T_kTAQhFRnJxAO_CjJQWVU_utTjQFOV9SO65NhV9EcZrxl8qKC0-ASvUyAaLAsWXiqL6j1xf39bVkYqPwb-zgQgk8BOL996WYs_X_ZRS907HcXNDKheQqGXbPE2BZuMGMgo1oqK0TQYpWZTFBdIDvfy-B9w4Zts5pG1X7KEYjNGW6oUsH9BvLvLuWmAmw6IJMwdzxWBseKLZbZ4OCPQk2__8GDLHrC3QiJ29h5k9Ene0CNf11Kykb6v0S356F18NZ2FiopYAzd9QRngxmp8_ZwaH0gWwjDGAF30l4sFmOg8DOr1AJ3yDlNbe-z80jvwWJiPIXoASj9NScGH1dXAmKjR-A02nJW7zio9SquurNQ-byfag-MWe2cxDsU8LBowQzgrWlQqQ5X7EG-FL-1Qffy7I5kwsHf0Z7qrfbLfEF2Q1__6XiqO77pRJ4hrwYdHZBoSRe8vwwORlPiyvd1xjMZ-uKzDWBosd4NOYNitXCGUbjMlO4pZiZkQjKo0geNgTboZPYrZdM-noEjOvHRLbZi4ANXI7jteWHjYvbUDFDuQozP4ZBdOXs30dZ4IZUXD7hgBZ7Mlyqd5h6xYpulV5ZuH1QVK8mS1bT-3ZJ9bKHw6vWw0jUjByrY075dXYsAZT5cYFRtFcBZCgcAs6ayuopa_eO6-XXt7P6mGijseZYZcdGMGEREZ23mQddVAVpi3DvdRX2cyeJ-W4deTczXU45iiMeHZmmDY9pGa__uzTBKpAov4T44ifbcaoypT5mVyHnEpQk62Lk5t57aHzKAc9xpSr0ZXvEOHQGjgB7ZgyH01jtLj2qKzo9sEXDk9vz4RKoknIH_p47HtzwDEyVg2bF8uLNOGM3aFqDorCIRc8klUP_Dat8LbTdnA6PeEPY-7LSf-iKvL0qIhAU8DpxihIvn1kw13LYChyM4GrBWSP20utyma6gLqIBJj8JMd0FDWnIbOW8nDGUHkpFdxkBT0xLadvltBaI5MelNFIFkfdNIpiflMWLHb0Zsk5Jj0SGrER-QQ2fLpVG2Kpo_-YfDRdyG8JJyqwfcdwMystauDRNRVwIBd5hCiXGEs1BZrzD6VCigaWrOisxSojKsCpFY_BqCbISoXsEMqvpW08Nz5ItMSAz7tr8Pz3BpamyIsNDrwAJDffZfmhatGAD6kJth42NLfIGNEx97tXPqFystIy0vRvuKYox2FNyVkAVRzTfU-HWN-IlHsEHPbkEgfzrMbKZ4gNBfFxMJ1d8CY_fgEOtEk5YqQtR3yPsW6wlKSuhSZQZlmX8dYhSU_AiPOg0Jj5mHNs3sTssVyq5JTB2PIwdCqwr3aj7p1I-lcvp2uxhbO0hpXe5pqY4yXhShPR-KwKLYDsykZkAecnDsKoGyJRlzi8LOkj4K8EnOEJBqJr_1HaeTVn2La8s39vY1AuYqOlaMK6O6H-86pt0kH_PWShaIXuT3Eym9AE8_0c1giEk4ugSBznnhEXu61S1vrq03lIM8GY0Lp-A66UI3DSXj0krlmBUOV1gkwr67WZe34rJCF6JAZSAFpErU5p-VRxzdKjjFvFhcaepZGvVZYThpAvw0wbDemhkxqx7E3M8A2s7ZIFXPksSCWKi9Bq0d5uk6ND-Vxxkc_S-CKUa71TBTeIwW-noiuV6aCGpFzo18RPWCU_EuQ0g_b4S0pvsFqCR9_6u1boY40GwOdWWgu6ODSb--ygJ6YqPxbAY7FRyuYQhUF804KJkjdUCADw9KuadIKbiOpii3IIptw-NYNN35uNDOqJJKxfLsf37X137vbEDHMVlY_7uUpOshwe7TZF8j_MF6WWhON23eLCu1mj43RS61jr9dGLNjB7_zI8ipp6uZCckc8azH6sQsh0sOURDtg-_F2TyDxBK9jyA0bLdYbEvHsZSW5BbWXJNbN_wHhqaMMTl5dkIlhGvNkbmi3f6rZJ29QPN9FFRbNJ8HDmpbYglFF8pqUK6Wg&cid=CAQSOwDICaaN-YUzRffMFDVjSfrs5HM4q2SAh9AARkP1j_Wk2fQROtU4TGaszoK6eO_xwI4uXDNdJgmp0DmbGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fguaiba.com.br%2F&ds=l&xdt=1&iif=1&cor=14360590305932583000&adk=2086295851&idt=201&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5baa4e9bc655ad466b1f0c7a7c9ceb63792bf85b89468788e9ec45e5e7eabb6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C2FE 1 KB
643 B 25ms
23ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Thu, 16 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame E402 39 KB
15 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 19:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 19:45:57 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 94F9 41 KB
14 KB 29ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DPNJyqlzzpd81f0EKeYHYmrGibTBaHmTcxLerprix7YfskIzIaO6q4-FkNP2fbrKhoVDlDPH0qPOBL9ewvA8eyAS7VGH0H7Xx6xCQMRltqdMa55CxPZH-P6r5jgmmzcoqREUqrCCGqP54lnug9p8lHL6u0V8AUDKPEF6yI96GblwZYhyU&cry=1&dbm_d=AKAmf-B9duKlQccHTkaTCmTKzsqiyAEYzc0hwXcaD8iVd8KzmhGRItWdoNd_d6i3Qj9gqu8N2COq8Ssddk8FS2dnnTjWnGb5zOvKJjL5psiGTBRxv5eKzJ02DgUqkiMnKQuR1oS6lQFV1YLZsdXgvxgCEadk87h5whwAMCPtl1pPsgrjK5tqlhEFXikXrHz00qINedrBsKkXJU_NZOVe0J6pbdhBjLKtAQKzBLiCkxr5MPYZ0EoLp7A1utPAFfJ7dlcqOSWv8ff3-WOHIEwru97THaKW3lkDEnYK4r7MyNJEpSDBEMgpCUS3CYIoV83KqMpa4NckQmknIkx1l626y_Rjgt5D6n-u0uRzHD8JlwVig66Y_GRexm0a6wqoaiYrzTiE5XMpv5fs-p0utbDc1TbFdpU3pdWu-9TPdv7A9YkZRwFUbRXc0BPSRcvtR4cNhwzTEvt55WWb5u-szi7Bb5TMUyai95vRrBpR2EzVriv32XGq_Fkw5zrfP9x0uCSRK9LI3-BUTnapyZB_heBlO5GaDq3RNI7lXgBcyIUFMIXi7kcgysyTzlgVostbr1zVeDN3L5tsid1yyzgNvXf2Y6uuNTJhwyVi5fyrE_QEurqWqwT1pgCONmSrBF-VYbIbrCcwIM-ZW1HDA91WlZd5UNHXTkPrk3mxq9Y8hJrGs5bY1AsKJ9Szp7yT77u0rcWOn1BJF_0xceCW7pJO_T0-tqdwBmlujcPud9mrNdpDGU_yTKDQhs09GeEQipuwu5jKdCOQbdHZ00eGoIKNo7MQ64kit3o7HY2lx9pecv2SuBisZLcciYHDy-5ngK7AVrerFRlKkhG-auvDgkgwSf1Y1xAQj_kd-DKjkrc8UoMHCQ1OUlk-XOwDYBAUFIs14EwRrEMiB40829twWfyAzNfMhc0TcbQivfd_P_Q_aCwpGavjqVs7aw_2n0XLZcEWd0I_VoUic64348EAlH81DX2wj7AV8Q9t_by43gTENe1pE98kmPfWKpm2snuUXIgZ3JPomgE_8HqaFUOdsJxbO7leWuyAiJGKIs3Dh2YC4NPmVhUdhXqHmFCjO_6tz3_HSwB2WEBXcIDaToBryUKhNjg00_K6zIObnm3h31Aw4hRtPJFzQWJFkd-GJiqPm_9ekRedhlInpWPLYpwE31_aQgJ8EfSrdB-nQajy1zKC63MxBxR3ify-ecXEXIpknftAmkjVzqdhIANr_0Sw2Ziyz9uw3uUGvKKbRcZ_Z2c72auLFk8_zvGoayvM2A4wFrNLc2FQ5GpEM16XimjICTE8QmJZxKdbIIDjfyM4Ghios0OE428oVpluyY2ts9EFTGp7yD0bc2xVNFOU3URChqESB54B_PbGpgWJSWoxjcbtjBnPnPfqfGlKzYt0GWOpoZs6dSGhuL-5WH5-e8NvzIeRIYEGXv_ZiJPk6D30xZ5VrSRUUmDjGUSaPMD6p7enyY9tg-NuPod3-JzHwrokkglSn0k_FQjKsgE0eoFqt7iTOB7X4iN70kSgueNI7-dEl8CCqylg2CgrDyAYrKzkoL5sP7FC288MtCTej-60ZdR49agn8WzODZMAtzKZGURH-vICuuUYrqjynqNyw0xsBIOl0ZYvs8TpVNTZMkDE68huTEFCi5Ia7tN1K3VnLrItbiPdEOL7yJ_pjb-VR8PSf_0AfboMrJBnx6xkMesEKL7ZgN3UKuKdysukD3SLGQcdQeMneQEwF_CsFReC_4Uphhh5EqizjcEcv7OjNM8Oq5iCTa6MPWHsMitvK_QYm5a6p_iAHbCJ6sREnAncGfxlTd-IccGDfxzBwOyagJK4o7q0_xXWhNK8Oo0me5y0XzijSnNZJzxZnFfrvxqDQx_eGra8V86iIpAYUr9NFUXzM3Wk6nUvIBck3r9PJ__z_qmOGoh1WsT_aaLPoQ1_306sTkTcWDojjbZnceCB_apAlE6UjDF5iI3kl78SFWZKRxTO7ojqEiVbNTdNiBAVlbuljqZ6hEjgN_-hb6oAufbsAekY25OGM-xso7Vuviw7lfWIBznj77HlYe32-sRHoNBP5rQJ7FQQxekgnLO8CrnYp9iwz2IpwZc1TmQnWk-RKu0eKsHjq5_rSz_Qr_yTc_BtYIQ04dB8WN1nl0BUg05JN3ggeZxh0R4yaoKW6PqshyrKxwmWSkXCTAH2rRTi4q4GVnEpgVQ0BASbtuFyvIwp_uF82AHqSn0WObMDIAdxvk5yi3e2MXm-cdxKvziVKI_UELZLPyAB_jyZGXBvaFLDH353SmDLeeqVMewOOv_lUegsvBq_ZiuLg-jb0d-Co9MkY6TXKXbZ0SQP9HgzaEYV88KBeVy2ALdBeFYpnzEkOyfzrNq_v2yUOuiS2PKzrOFRvWJDukqhgW7nHGVFJXr2_Q5byj6OIzepSOgrxQmCZM5SqEOqAAZd7hiPiTEYJQ8fuwb86N-3_oBh4t2Ba4n_JpH9lbdv65GHhcZWJz7e0SnUpaYFizoHn-_eBoJccyKoNFIWhFWy0Z_TavNyWkHoKdjsceW7A4Vm3vOSCkNeJIQkZmpqughUodChmqT2Qb71POScRJiGRkb3ECAl47WEaRYsUFS-fwK4hs9AKehVriYFv5J5bpAp0eenW7rO-x34uqMuiHfn7Aj-zbKENUKnjfJqASAg3M0R9Z9ZxPW2jbbZSMLsMANt9RV1yPRJvF4BVohBtGp_9uoux3s8iqQ8JXS7mZr8AcKOzwGFKEC9NfwZH8rr52lC43xyWMeTBJ_NPqMRwT7BlEwWY2--_cAQLBr_T3zfN6EEdSci7Sj3NPywV_VobIts650C7anv_JoPkLLLcTUJmiPyVNbiLkhdQMPZGbvg3-935RplrUYXT8sNNfT72f86aijX7S-GKeCoQ-obSRqYsz9HwNWoADS1RAPpjNmMuLGPG7dRK7riQ8x-b5JfvM2WN1kp1C18bOoYAXcqgCcZDRpocbVo5jVf-WWFCt5DAmADchlfpwj_2pTebAAezqbF8m6TewraiRxTiLPqJ7bPbT1SQ0cET33Qf3Qidru_TeBpZQPfmOU6OmzeNoT0FCBDI1CAWxUJKeCmU4gz9J_7XcRBC_NtFc2GkgGCltmiMZpOjVnuYz-dg61HLLHrN1irAi-iDsoDeejroSYB516rzPijMxY2LbclJDlc26QKkve6TifEuk3Cy6U5CBew1VFr1gk3m5KXm9-4qVGLvZFG3MK6ejROQaZm0O2tqu5kvDYWWDfQ3l68Eyp2k2AjJHdijEKRjF0OcahXpd-SSR-bgxX1b3vr4E4Here3a3J_qcRWlPHMdsWuweimMd-H9a7uNjgLiil4ZdGX6gnmNpWSNaYr2uqfL5ztcw&cid=CAQSOwDICaaNmmXyiacIOSDH3MCvOitjAzNqumXX0sCEnwOyr8sTsD8oL7Jn0kbQw42ybnJP87drHJh0G_ISGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fguaiba.com.br%2F&ds=l&xdt=1&iif=1&cor=15410258287401714000&adk=2857193498&idt=156&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 285746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:49 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame E136 31 KB
12 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBs3cX0IZjzGtXH-vOL84-PNvjDWI7El957aKsyk_8mmkck2EVby5OQcO1qqR96EnuIpn0FA5dS6_05PKuiquCtwoInY16F9qYi5RdVm550TH-1FKcRcldmwpr7vJidLE0ri2e3fbthPJQXA04cCAG0UseTqeoLiYkQR3BveoE_hnJfdU&cry=1&dbm_d=AKAmf-BOniE1bR1ZDTkdAJLPJtaQdtyvJwsH0XPTENQ4OlSLi3zy5Y4j1r7-Kt_g5WTUts66Bv5KRFaqNo8uzZ59a1WrXDOEPoejP4b2Td3zI9e1SRW3TfCF8QZgqBc_FpevrrETR6C2hOdHfiOBP300uLjjSAE-M0aWmVmK43fJobLzAmJ570SNYPuZisap4An3xMisQvZ0kT2Bmr4vThy-qZluxm4jCkLOKiksM5yY6f2ZEZXhlQamYk1IxMrAOwB67ckYPrO4wzN6sEeWsI9Q_VuOt63TFvXHI2Wr5zr0MIT0_AtUzHjNmabhswTPJ4uXodcsUWIVHjN2SqWMXyAiFXySfhDzV8pjQqEe1rPM2PfBhZgAEE1-lTyzNyz9TOep-SD5JJFHybvS44zWiv-vMr3nNAbzULna8QyqL9ieOrNOOcJXaDvVt81cP_i4dSZHEbGM72X4obKaLWRmD61v8_XMBPiSngjJ2BaBj08FhNTe5MZHwUSxAXGimgsXGND2yT8If9T4BRThtA8rUH9IBy0XvRggIX5FBPjLgIISIkU2u94BWKCqDBvkc57GSJtzlTGd4hR5St1C6PZY1mo8a2q0SP272rj3Fs4YrHzIlVM9ELcjCEPdct0Zny1ue3VYoGNglgOFeriRlBjYRW_GFbxReGVGBNQgN_1DysBMGS6hab9yXYgd5Kl1UsGznU7AP9vRhQoaBPB-Xqt8s90fDWA7pmrQwWHjDY8Y4eYl2pi8H63bjaQMLfKr6LXnX4mYOkZk4MRhxnd3BS_fpKlm2jTUfCsb4c8hcmNc29c1aOhfWkzYhql5dYSdJNLev58gEtQVlV4CZ4x_7SjV57R9yW0kKJ0rkVLJa6-DQktXpKl9YPmAkB3fyk6F0v2OPZOFQpmhHkGD38oxnNSQnZ5DVP2xMPWeV9Tx0uxZWljKx36WY8eUPazfWynWaUmYlg99Q_r0eCpIjDHPChO9uFz9pKkYab7zQM3IcgO2tbc9W_vwad2PA_bLN3VftovSXrs3Iwhwho0fiPhfbaODayewdFFiXQZHLMCGMWL097pUjb6GuVmD-nTjotqNUWFyfC4_2wy7f7gGI_qnZ8JueObto-a6o2iWHr2mocAypWE1cB8eWAPae3h_OZbfkXJF8VTOLDvvq6DaT567wTvEwSUKzLiRWb3aU_ouWV7olM8LowTvNz1LkhRNhDoyNjwO4ZGTGOnm0SCWikNuKtY9NyqKUuTupGD5rVR3eYY2fJAhiLrv52Nk1RjEUqS-zfvIK0epv2VUDpHaMmgBeMvNegn3SlpAIxEOXnXmcpmxwIqVznVy4D96CYTahVrUZcPW1cqSNYv-xKlKVqkb8drm0QhRxqLEyrjgk8WjVQuNbEbuwbvOtx3JUJqRcu5suz_1CMfsBFMLcocSwLm7pqJ8ko5i3Ycb8ar7dQunwYMWk2xHGHh14AaT0t5Cx13MmhzLLJkcUtwaBzOUG-vxUAmlN3DZahDL2VfFETmP7G8EMu_LdDj2rIz_k6UrzzaXnDT28uSEHICsr9AwUbhZr2XqG7NLK6CGRkQ53hGjFRuNOCBo_DUKjh9_wKBfUwnd8h49xFeugnqp8UwaJg7Hks-_ccFN04wvM5-hHikuADAM8qTBAHMDR76CHtQAkYCSKznWaxBuwczToxmEW1BgqSm8cffsq4WXwYaRjOCx_bcBFAvrmHDauAInLQFm3veYNcCGjlkpAnX27F9nn-FH-p3a51GnReFXMEdpK1xRzCSmJHxNlWWJ1pWrCRs4uN4Sg83WObKLvhxjhhUOO-QjBZ1vm8GHD3i8h67YgJ3oI0mf1yOEYVesG80Rf5FdZmYzAHUhJMLqrot-g1z-q54Jmc-hh533PMzexK_bv4Th61Ge13mMfiATmuS3EMc-p37J2el6B3Qg0BTCzW6Thr4b8Ngv53oGvcwFXQrbQheQeKWGVulaK43UVVYMHhZEh1wCpWQ7veZOhd30zi7nmAjMNsaaFIeo3s2K96Sb3j7l35NR3OVcygbeeJ8cDhLLPeRZCEuWl8Sa28PvYpZeAq5_tZXFalDq9T_kTAQhFRnJxAO_CjJQWVU_utTjQFOV9SO65NhV9EcZrxl8qKC0-ASvUyAaLAsWXiqL6j1xf39bVkYqPwb-zgQgk8BOL996WYs_X_ZRS907HcXNDKheQqGXbPE2BZuMGMgo1oqK0TQYpWZTFBdIDvfy-B9w4Zts5pG1X7KEYjNGW6oUsH9BvLvLuWmAmw6IJMwdzxWBseKLZbZ4OCPQk2__8GDLHrC3QiJ29h5k9Ene0CNf11Kykb6v0S356F18NZ2FiopYAzd9QRngxmp8_ZwaH0gWwjDGAF30l4sFmOg8DOr1AJ3yDlNbe-z80jvwWJiPIXoASj9NScGH1dXAmKjR-A02nJW7zio9SquurNQ-byfag-MWe2cxDsU8LBowQzgrWlQqQ5X7EG-FL-1Qffy7I5kwsHf0Z7qrfbLfEF2Q1__6XiqO77pRJ4hrwYdHZBoSRe8vwwORlPiyvd1xjMZ-uKzDWBosd4NOYNitXCGUbjMlO4pZiZkQjKo0geNgTboZPYrZdM-noEjOvHRLbZi4ANXI7jteWHjYvbUDFDuQozP4ZBdOXs30dZ4IZUXD7hgBZ7Mlyqd5h6xYpulV5ZuH1QVK8mS1bT-3ZJ9bKHw6vWw0jUjByrY075dXYsAZT5cYFRtFcBZCgcAs6ayuopa_eO6-XXt7P6mGijseZYZcdGMGEREZ23mQddVAVpi3DvdRX2cyeJ-W4deTczXU45iiMeHZmmDY9pGa__uzTBKpAov4T44ifbcaoypT5mVyHnEpQk62Lk5t57aHzKAc9xpSr0ZXvEOHQGjgB7ZgyH01jtLj2qKzo9sEXDk9vz4RKoknIH_p47HtzwDEyVg2bF8uLNOGM3aFqDorCIRc8klUP_Dat8LbTdnA6PeEPY-7LSf-iKvL0qIhAU8DpxihIvn1kw13LYChyM4GrBWSP20utyma6gLqIBJj8JMd0FDWnIbOW8nDGUHkpFdxkBT0xLadvltBaI5MelNFIFkfdNIpiflMWLHb0Zsk5Jj0SGrER-QQ2fLpVG2Kpo_-YfDRdyG8JJyqwfcdwMystauDRNRVwIBd5hCiXGEs1BZrzD6VCigaWrOisxSojKsCpFY_BqCbISoXsEMqvpW08Nz5ItMSAz7tr8Pz3BpamyIsNDrwAJDffZfmhatGAD6kJth42NLfIGNEx97tXPqFystIy0vRvuKYox2FNyVkAVRzTfU-HWN-IlHsEHPbkEgfzrMbKZ4gNBfFxMJ1d8CY_fgEOtEk5YqQtR3yPsW6wlKSuhSZQZlmX8dYhSU_AiPOg0Jj5mHNs3sTssVyq5JTB2PIwdCqwr3aj7p1I-lcvp2uxhbO0hpXe5pqY4yXhShPR-KwKLYDsykZkAecnDsKoGyJRlzi8LOkj4K8EnOEJBqJr_1HaeTVn2La8s39vY1AuYqOlaMK6O6H-86pt0kH_PWShaIXuT3Eym9AE8_0c1giEk4ugSBznnhEXu61S1vrq03lIM8GY0Lp-A66UI3DSXj0krlmBUOV1gkwr67WZe34rJCF6JAZSAFpErU5p-VRxzdKjjFvFhcaepZGvVZYThpAvw0wbDemhkxqx7E3M8A2s7ZIFXPksSCWKi9Bq0d5uk6ND-Vxxkc_S-CKUa71TBTeIwW-noiuV6aCGpFzo18RPWCU_EuQ0g_b4S0pvsFqCR9_6u1boY40GwOdWWgu6ODSb--ygJ6YqPxbAY7FRyuYQhUF804KJkjdUCADw9KuadIKbiOpii3IIptw-NYNN35uNDOqJJKxfLsf37X137vbEDHMVlY_7uUpOshwe7TZF8j_MF6WWhON23eLCu1mj43RS61jr9dGLNjB7_zI8ipp6uZCckc8azH6sQsh0sOURDtg-_F2TyDxBK9jyA0bLdYbEvHsZSW5BbWXJNbN_wHhqaMMTl5dkIlhGvNkbmi3f6rZJ29QPN9FFRbNJ8HDmpbYglFF8pqUK6Wg&cid=CAQSOwDICaaN-YUzRffMFDVjSfrs5HM4q2SAh9AARkP1j_Wk2fQROtU4TGaszoK6eO_xwI4uXDNdJgmp0DmbGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fguaiba.com.br%2F&ds=l&xdt=1&iif=1&cor=14360590305932583000&adk=2086295851&idt=201&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 04:49:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E136 41 KB
14 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 285746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:49 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDEzNTY1NTI0MzU2MQogIHNlcnZlcl9pcDogMTgyNzk3ODYxCiAgcHJvY2Vzc19pZDogMjE4NTIwNjAzCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDU4NTk3NzQK...
ad.doubleclick.net/ddm/activity/ Frame E136 0
580 B 65ms
61ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDEzNTY1NTI0MzU2MQogIHNlcnZlcl9pcDogMTgyNzk3ODYxCiAgcHJvY2Vzc19pZDogMjE4NTIwNjAzCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDU4NTk3NzQKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3ZvZGFmb25lLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDgKZXZlbnRfaW1wcmVzc2lvbl9pZDogMzM2MTgxNDc5NTc1NjUwMTIyMQpkZWJ1Z19rZXk6IDEzNzgxNDUzMjI4NjIyODAyNDUxCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMS0xNiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDU4NTk3NzQKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNzgxMDU2MDcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDEyMTA5MTQ4ODcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjA1NjcwMjkzNzUKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1MjQyOTk3NzEKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vdm9kYWZvbmUuZGUiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9vdGVsby5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2xpb25nYXRlLnNvbHV0aW9ucyIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xa40b513db61c24080000000000000000","13":"0x2a07a375dfea120a0000000000000000","14":"0xf41e611e1b88643d0000000000000000","15":"0xb561a7a9b671d83a0000000000000000"},"debug_key":"13781453228622802451","debug_reporting":true,"destination":"https://vodafone.de","event_report_window":"345600","expiry":"691200","filter_data":{"14":[],"8":["5859774"]},"priority":"0","source_event_id":"3361814795756501221"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 94F9
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-BRq0auYG79FVJ8MAOrCJHALTEeX0bEB4YdnPu6Uu0IMFFQWow8rRY...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

47ms
47ms

Script
application/javascript

2600:9000:225f:7a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:225f:7a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:21:19 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 0cd2c3fbaf7659321a893cd5ab933aa4.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
age: 4350777
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: GbPg-OWJhUysQtfp43s17XgUxaFVC58KDXy1OmMKscLO8n2Ci6qL9w==

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: nginx
x-server-name: app13.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 1D38 91 KB
23 KB 40ms
40ms Script
application/javascript 2600:9000:225f:7a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:7a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0cd2c3fbaf7659321a893cd5ab933aa4.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
age: 4880705
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: tgIxjmUUha2-mYGLy6cmizDLgkIcTqtyiN5HKcdLEgV8Fvf4SDg9uw==

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 9EB5 0
0 62ms
62ms Fetch
image/gif 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuRTKmFKdrruaB-5_tGS2Qv2qeiQ4lAaUSHnfeZMGeNC5t3_FiHZxqHP6rwCVtaSHBkRPdJiFeotTrxivA5mbE2d88QnIEo2apGokUnZYcvAmQjVWhfXubAagSOq9qHy4PhclUdhva_Hh7FM-uv4xmaq0f8N6otcHuKeuMTVKOS8ZwSGcpfhZOw3Y56lq-CVk1m6Gxstklvl8tU2T0sezUQLFyiHd_Lbrd9M38CnJ0NNqADu9uJe6JRx75iuSr2JbphNIRElNkM3IGTWDOTwq7X9lTqR67gfQwoaqYzWNko50sZSauspvw1-xZrtvMz8W2P7CQgbdaBK3EjcwUGx22Enm3cNSq211Kcc7A2Va9k40d9NZzdDJjPm2i81RJosfyxtpK2oetCXzNnGiAfPHNBdU0GVbhqxI4xYw2378kClFmQZHSBAs5OC9VVzLjMwJnZIM1kNOX6YiVYScsKG8EQ8Jfr9K-Uvn3JVuInppAGtYFEIdIhqBFgmDwMIkdKyMu41zt0qWFnGE9mqqOp0dhcstai7tbloBeBQnenUT0tgeGHIR3MfOfDNCZwBzFIfB_kA3W5GldToHkqHqap9UetRDQE33huHWMvGBJQ4OgvDBHbgecRIqQJ9Rb4U3GsOPkrR4Arhake3PbvFdCwnFqQBNZzQbwuLDWJV21Ft-YaIvUyHO4eDC4uQUFjJQ7RxKWknEfoRECvDZVrpb5AZoex1gkUWs6O98d8ZJzl11FXr7xjE-_nryL3PX6Y_f3XqbabA-uhMtDTQ0cIHd15NbHoDpbTUtbLF_Npphu6sIHD3T0K-uOsY3RP3MfVGUHrTTM_3Dmr0Mv08unLnOqbmbQHKh4r3OpkaTJ91nNSbeH29VHmHmu5s7IWbdEbYgEoXy2in-cJJkTIu-xVuVRjGxyyEZZcsM-Nv2TCqJn5BE0bHmpRrXDUvFE_yejWDb3k-iTLglYvOisiuDZWvSDy-EHa797Jk_oW6GHA64BoL1cePqPy55NDE0zPmW0w87M1xvUGFW-3n2xv_pXMR1_WCNMzF18rXG1RGhhd65IgcSRveSkp69Wd9JHvF2_-b78r6EfQzVrYfGa88Z1F-bx1lpvQwtvN_vLBY0PkVY6XhTDWLMuFSTmXMhFF1qjXgkbi_VSN9i5t83INanPsoNCGxH3KdFRrsXc0vwQzGsrIw7UdgUYoLBNi2zK4whoGHHSs-N7Rw4fZfrs9fZeeprAWDk-V-SrBma5Bzs-qqHeVakgPWfgO8XSSkMoDNxDCSHQ6sG-ayTvdWFQfPLwq_KsD6139rNsxQDXhg7XDhYCQvVnYqKomnP6_9ZqM2Hh38vtLH-ifXfABgy24-QuYf-5BY2bhNX5gR4ixGGeZIzw5BVrFPWJ5GfGpbzwhdGsBxngsFly7i4TKUQQ6SPO_KESV8JIb0rv1Y6iqwl6bgvRX6_y-6Hz_9wz5B8gA&sai=AMfl-YRwxqP_nikaQ9cUvgo3RYVd8QDAkMFycP5H7Y6pIVzDBCLTmI_lgLxUpv0boLdb1OIaO4hZX0wsc1ad_jBiL8cc5qVh8CWfK56zzHH7ofzOp_vFu6MnYaKQj-6O84WwQbzq9Ar546I6c9nsnY3QTqM2GoQQL1I3OXUteXsCiOW-cz3hHKj_53FpZz-XrLs0WS2Wl3kb_lgOZUsswKckrZQb63q_r4WQvp4DwMJtoc12iCgmV0quSiajmzl2IjJrDIF4s1nz-DC1rw-pvb1V_wTExEoK2MtFGCnolXg37dmsBc4WEldSOQeWp6t_uTVA5a1OPQ7j9fXfpsupvDA1oDSqGW4EUP5hbp0oumxQECbskUqbGEIMn33mmvKnVmOSkx1TE010XjcPepQICxS7uaWRRr6WrszlWdG8b7sNqkDe&sig=Cg0ArKJSzNXD_g3RSgB8EAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=762&vt=11&dtpt=506&dett=3&cstd=254&cisv=r20231109.91467&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/630/s1.adform.net/ Frame E136 37 KB
17 KB 158ms
36ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=68648312;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=20567029375&extPm=20567029375&extCr=524299771&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CNSEf5gJWZd2yF-TDjuwP8IezEJ6AtNRzg9melpwSxcf93wUQASDSs7t2YJX6-IGUB6ABhseYtynIAQmpAik3-YXKL7I-qAMByAObBKoEngJP0Jj10xdLWl2skEi-zzPcvf0db_Giq_CD7UpHpDnPeWD0HxJ09CQjoWIK2vP3oLqdmQEBfTb5aJnERBHIDuGt7taBWC3B1BL0gz9GmqmQko2sJVJ0DCpUb6UjaJaMoK9V3YbjiP2nUJmUL3SwgEKHh8t5Y902kz0k3RVpArxF1e2Vns0o6eISuN5jk_V3HPj1Y7QCzBKP6L6cEN8m3FkzKaZ09ld2M_iONzzk8E8scU--EL4nVqtKDqfK7aYlBQEUq80Qaa6s7cVuKLDq9tMA-do-jRzk2KZyBGpsJz-DzVGtquiVYS84Nkw8BdHADE10m8XCHe3NQ0ELULLh---HCJzrVDWNtI3r9sxGUFcAMgRWcIGqoKhuYiWznUtNwATZzO7uxgTgBAOIBf_sj89MkAYBoAZNgAeG_-iWBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0yNzU0MTg5Mjk2ODAyNTYwgAoDmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRF4g0TCNKw_e26yIIDFeShgwcd8MMMArAT-_vDFdATANgTDdgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSOwDICaaN-YUzRffMFDVjSfrs5HM4q2SAh9AARkP1j_Wk2fQROtU4TGaszoK6eO_xwI4uXDNdJgmp0DmbGAE&sig=AOD64_0PFme-pEgu_fFpMwKPJ7-pa3sHwg&client=ca-pub-9153399113741741&dbm_c=AKAmf-Bee-XfIQTFmB0y_q5-vrHoFO4LA0B3-iG4couuriVTdNNvLhqZXX10SnmxvDgAF60MKsKQYGJ7aari-3twYxBYhWIPypWlcJ5Ahkue3V0pScBpjuWGOByIw_AwpLgjrbwSANcBhTaU9wbwkP-CcExOZ5h8ZtyvgJRZI6Pc2uvjM5kKmLI&cry=1&dbm_d=AKAmf-Cf-mjpdEQQk_go8nkq4_Fd62myCom7ykCt3wmU1BcAq4wYVoSo90Mt_ZFVMEWES2V_BZ0filyOg_yAybZfCmOEODr-A5wH8u8wu2sxmQsmRtWE7bAMdx_SDy9dvV23cjXkBviNFamjc_Ng0rSYFi6FiqCidWmLCalvBFO549Y9dx_RX_P3vCoNwSM4eHc2R9IoI52dsLKmkSIJZQ4Srr4Rq2WAwFpz0IDrrtHs07gt58mSaG4gu7mrSywge3_CGbWdsaSMW8osTc7J1jhc3f8sDaXd2X2zWvUcSVt67eawFZk3vJltRsugTW-9kxyQ53UkRzcWMpGVsMhZaTiRvDhijbijLWATJyyIpOp_2QYsn_bzoNFJrTbFdnMIfdGaDDAiJ9MmbE0qyX7Yq4OmcG9CQsmRNzdUIduuoTgU5gcUSI4pBXgNeTvmJQo579ma7v3pshojtRHG_aaBTlO-xHeBgFAV2TKPh_acmOoyuVuh5B2obRNU7VexSks4nBd1E7Wy_aQHOlqBtlabmwUvBhynPBK5cO2eNfOOaeVqPbaYzCIsCo0&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:15 GMT
content-encoding: gzip
last-modified: Thu, 12 Oct 2023 13:27:00 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 17 Oct 2023 16:09:59 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame C2FE
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJxvmGNWtO7xlxqOqV5cxLI&google_cver=1&google_push=AXcoOmS5bFEKCZpjZU1Li9r2xf7i-qRC2l6dOugBA4Bvfxkfh2fpigi-7cXVlbv5tnra6lI1fElEWMJO3kmL6vKDWfO2AFrrZOQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE1NTg5MDU1ODgxOTE4NDk2Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOenk4I4ZJXVNJeduJF8Hpc&google_cver=1

43 B
398 B

80ms
28ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOenk4I4ZJXVNJeduJF8Hpc&google_cver=1
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOenk4I4ZJXVNJeduJF8Hpc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C2FE
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDc99CGV_ZfA4iDTf7RRtNM&google_cver=1&google_push=AXcoOmQ_DWP9sYFGcokdMIiYhK1hd3NYzE6-OlO38dD-AP24bQCt9RY81x...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQ_DWP9sYFGcokdMIiYhK1hd3NYzE6-OlO38dD-AP24bQCt9RY81xZ7lrEZ2TuxOeS-CKpFsDnf42zK9RdDbPi6gLRIBw&google_hm=8Vm7qNzbIVcy40...

170 B
188 B

38ms
37ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQ_DWP9sYFGcokdMIiYhK1hd3NYzE6-OlO38dD-AP24bQCt9RY81xZ7lrEZ2TuxOeS-CKpFsDnf42zK9RdDbPi6gLRIBw&google_hm=8Vm7qNzbIVcy40z-Vmzj0g

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQ_DWP9sYFGcokdMIiYhK1hd3NYzE6-OlO38dD-AP24bQCt9RY81xZ7lrEZ2TuxOeS-CKpFsDnf42zK9RdDbPi6gLRIBw&google_hm=8Vm7qNzbIVcy40z-Vmzj0g
pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C2FE
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMEQkY0qLNQPBfIsGFEdgi4&google_cver=1&google_push=AXcoOmQCufhMbxoFnwZ9asMBawzQsPQXj9Xe648YbLidWQrE9A94ttzDmBG_rIOXRa54hVMhR-pq43ex...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg2Mzk3NTE5MTA0NTM2Njk2Ng&google_push=AXcoOmQCufhMbxoFnwZ9asMBawzQsPQXj9Xe648YbLidWQrE9A94ttzDmBG_rIOXRa54hVMhR-pq43...

170 B
188 B

50ms
50ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg2Mzk3NTE5MTA0NTM2Njk2Ng&google_push=AXcoOmQCufhMbxoFnwZ9asMBawzQsPQXj9Xe648YbLidWQrE9A94ttzDmBG_rIOXRa54hVMhR-pq43exivtdBuoWPwWviaKMpFc

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg2Mzk3NTE5MTA0NTM2Njk2Ng&google_push=AXcoOmQCufhMbxoFnwZ9asMBawzQsPQXj9Xe648YbLidWQrE9A94ttzDmBG_rIOXRa54hVMhR-pq43exivtdBuoWPwWviaKMpFc
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame C2FE 43 B
236 B 93ms
33ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJQZYJ92wXuLZy3sSbXLigQ&google_cver=1&google_push=AXcoOmQxotI3Q6GdJJFl0g-F9IOYMB6MSGHmSDVcAaWMDzUNpg9_tc3SoTAlK7QI_JNMklAFClWZijFVMghMmtC2mdhrDU-t_WE
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame C2FE 0
237 B 135ms
52ms Image
text/plain 2600:9000:211e:7c00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECenExHbzMnG64Wi35gQ_rQ&google_cver=1&google_push=AXcoOmSFBGGUMz9wjvNzZYtYamanaNe3D2DkddpFmYtNo3LeBb32F4zJ5Is48rMnNL5_5SyI0XcLY1hMLNdAkVzeX8sWjUOfjNY
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:15 GMT
cache-control: no-cache, must-revalidate
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: nS9FmIivldYqP-JPdafT--K4DCWfBMx2_x-M8yE7w8WaLz2gygG4IA==
x-cache: Miss from cloudfront

GET
H2 200 ebda
match.360yield.com/match/ Frame C2FE 43 B
199 B 170ms
47ms Image
image/gif 18.200.74.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEDK-H3ltHVwdoxTt62GALQI&google_cver=1&google_push=AXcoOmR5V4B40V7R1VyDq04xyKzfj2UAi2gAtWKXyMHZornXIV5GWS-TefdOTQvtFNJjPR1cX5MDwxeIUUA0j7YzJgtn7H-ldGw
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.200.74.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-74-130.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 11:54:15 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C2FE
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=132f68cd-3170-4050-8407-3327a3c53893&google_cver=1&google_gid=CAESEOiEXO2hqHmYJpl0mND9yOg&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

33ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=132f68cd-3170-4050-8407-3327a3c53893&google_cver=1&google_gid=CAESEOiEXO2hqHmYJpl0mND9yOg&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQCSOorzJ8T2M7DLjFNbFsYMnA_OsW9ZMqa9VD9TQV9k0yNqtQedCMO8piz2RuH3l_RPwzQj8Lc8UjUonJdwnOlg8tDOaUe&gdpr=${GDPR}

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=132f68cd-3170-4050-8407-3327a3c53893&google_cver=1&google_gid=CAESEOiEXO2hqHmYJpl0mND9yOg&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQCSOorzJ8T2M7DLjFNbFsYMnA_OsW9ZMqa9VD9TQV9k0yNqtQedCMO8piz2RuH3l_RPwzQj8Lc8UjUonJdwnOlg8tDOaUe&gdpr=${GDPR}
date: Thu, 16 Nov 2023 11:54:15 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C2FE 0
12 B 33ms
32ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J0ltgNQdpdyy1V4GFPKvlbKrb4hEVKy1oBMf4wUX__nwJH2nGw2F_Xud9VthxTEUkwMe__3w

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 94F9 43 B
216 B 190ms
185ms Image
image/gif 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=a677207f-fd83-ef3b-5802-1055eff39989&tv=%7Bc:u8oAoW,pingTime:-3,time:101,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:102,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B94~0%5D,as:%5B94~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVLZWQd+11%7C12%7C13%7C1411%7C1412%7C14131%7C1414%7C1421%7C143%7C15%7C1611%7C1612%7C1613%7C1614%7C17%7C18*.1520146-76103085%7C181%7C191,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:23%7D&br=c
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 94F9 43 B
215 B 186ms
186ms Image
image/gif 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=a677207f-fd83-ef3b-5802-1055eff39989&tv=%7Bc:u8oAoY,pingTime:-6,time:103,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:104,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B96~0%5D,as:%5B96~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVLZWQd+11%7C12%7C13%7C1411%7C1412%7C14131%7C1414%7C1421%7C143%7C15%7C1611%7C1612%7C1613%7C1614%7C17%7C18*.1520146-76103085%7C181%7C191,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:23%7D&tpiLookup=ao:guaiba.com.br*&br=c
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 94F9 43 B
215 B 326ms
326ms Image
image/gif 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=a677207f-fd83-ef3b-5802-1055eff39989&tv=%7Bc:u8oAps,pingTime:-2,time:133,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:482,beZ:483,mfA:487,cmA:488,inA:488,inZ:492,prA:492,prZ:499,si:505,poA:507,poZ:528,cmZ:528,mfZ:528,loA:585,loZ:589,ltA:616,ltZ:616%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:133,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B125~0%5D,as:%5B125~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVLZWK5+11%7C12%7C13%7C1411%7C1412%7C14131%7C1414%7C1421%7C143%7C15%7C161.1520146-76103085%7C1611%7C1612%7C1613%7C1614%7C17%7C18*.1520146-76103085%7C181%7C191,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:23,sinceFw:109,readyFired:false%7D&br=c
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B775 38 KB
13 KB 33ms
23ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 540595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1EF6 0
10 B 26ms
23ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-wUazg
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E115 0
20 B 62ms
61ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BUgXX4wJWZdizO-mvjuwPoLCS2AcAAAAAOAHgBAI&bg=!h4SlhMvNAAZxrfrxUa07ADQBe5WfOAjwmN1HXxw_Kqu35hkpstIOc4D9ogQPCRF_OEBUOnpgE3U3KkU-oFkJQLrJqN3tAgAAAgpSAAAAA2gBBwoAK5rk_WU_AN-Y9W4AM34-fnEgUY5EznFSmIx1SXlQ7aCXRQcUype8SCmld3qZAy0QActWghBLszZolaV2YXNxJsSMPdBjmkTEkrOsc5FJT2FxKrGNR3mN1lHm-XFxcmNZvXn5ARaWe0v7gk7ZZ6y5h_X1TzBthcTFvb5_lcQ6m-Fsq2v6jLLKnikTfQOni1sd0rHf0vZVDsmqDv8bLGVJpSqYddQsP4whddWH0Oj02xgS6bUzE5REZvtWPJk8GNx-7hvMjP549YCrkHV2AJADJFlXOhfTcsZ5Dfb8NAjSp2BZZ4DTujfGWqZTEl9rYC4HnWpxMsql59EGvSelao34FaGiWridTCfbb1psaGJLEX8mHNLvzVEan7FgxLCay2qBUC2F_2Mzx_7_x35-ConP94dxVpbyPn6cMmV2yXeC1yNMgMNy7M6IzPSylDy0roLzOcbAFGe_dyMFiJCvWmtG7QEZWRoAVR1ziMwUPPpkkvj4PSpF7ksWgZC3qKUlX7_A8e5jeuIX5aKbms_bStpJIARO7jMbQEnkKuTtNiUML0mcnn-bblbsCIbolMF-g3IFeI7QljVKzYyldhrdoJoYmr6VpgyDF13jh9A6RCNdwrrwk58PaBqjOg-vND8AXq7O1whOODj4S77BCvXP3I1jc-On8iNhsvqYz_JOoC1nWJGof7Cp2GVUYsRrdg8mt4I7D-0zG6CyD7a7KJBkS4BYgJlZGFdYQerlt0iX-9ys7Hfx_UWuKpqZ4TD3xDM2BwF2W-GQEvAxLaZ8VfLRfBV5X9U9L8_YCSAzydVjf59X2J0GsP3ApTLZa90AsC7EThqkfYi5NW9RWMHFmaizXIJdU3MFzBZt6cwSEu64OulBvJRnsJi2cSG9EK_G1oSGMbGOF9Ncv8be2PqHH7YPPOKA_zDgqZ0wzPo05KMEZBpc560LkyLa2LBwGNiYR713YB5As8BHWxkBhFf-xpy0yAiebwCQ1Lhh7CFk73G6SaKrbIFPU6BvKPWO0MP_M5g5teMLNJOUVxTinqEPft6Fw88JNorXTY1f32YQ08oPEIE2VsWK3Fj_Nhqf0pHCmAoQPINwticrb7VNLnzktHA4FVf4xRwYn7c0r2GfENDZLHfK50v8x_fanE7YhSx6zuk

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B937 38 KB
13 KB 27ms
26ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 540595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 818C 1 KB
643 B 27ms
26ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Thu, 16 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame E136 2 KB
1 KB 164ms
36ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1623176&plc=68648312&sid=1366186&dvregion=0&unit=300x600&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=1623176&auorder=2010169&aucrtv=60898803&auadid=1366186&c6=1447160&c8=&auplc=6994694&turl=&c1=VF-DE+Deutschland&c2=DE_23_AO_P_M_G_F_cic-215-fix----per-fng-dive-DSL_all_funnel_Tracking_PER&c3=RT_PD_F-215-dsl-all-PRE-Tracking&c4=dsl250_gesamtersparnis_231005_tf177a_600x1200&c5=Doubleclick+DBM&c7=Doubleclick+DBM+(Media)&c9=&c10=DV360_AO_AL_1st_BNR_CM_dsl-100-tracking
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 56109fa3da6aa8f73ea350d38977235631ed519eb883aa78b13f530b2744d67d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 11:54:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2023 09:32:24 GMT
Server: UploadServer
ETag: "ecfd819e1e247598f4ed0f18c70f6f53"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Fri, 17 Nov 2023 11:54:15 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame B775 39 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 19:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 19:45:57 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 79D8 43 B
215 B 179ms
178ms Image
image/gif 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=d4c15ebc-399a-a9fe-27dc-b44df2fb5371&tv=%7Bc:u8oAtP,pingTime:-10,time:784,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1700135655752%7C%7Cbb47fe36489c54d6b60cf59366b109c2%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7C41296db00942d0c134be6af916739ed9%7C%7Cd7939b31f38fa029ae092486d80dcc17%7C%7C763c4a65698c3dd13082d134b1f8d791%7C%7Cb3f4232de5f74853b56f8215c6230dab%7C%7C06b9c033af1aeebfca5094c07192c986%7C%7C1663701684%7D
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 818C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESENrM-Vm0AfYm8qg_PediZqs&google_cver=1&google_push=AXcoOmTcYeve_e3jjXyHK2R6U3Czab8Rfk7A5yLC-GucguF-Zs1xLc7-ruyHpg_TTcn0nsnXV8ErBUBk71t91DE0kztvgN-wI0Ndn...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENrM-Vm0AfYm8qg_PediZqs&google_cver=1&google_push=AXcoOmTcYeve_e3jjXyHK2R6U3Czab8Rfk7A5yLC-GucguF-Zs1xLc7-ruyHpg_TTcn0nsnXV8ErBUBk71t91DE0kztvgN-wI0N...

43 B
434 B

252ms
236ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENrM-Vm0AfYm8qg_PediZqs&google_cver=1&google_push=AXcoOmTcYeve_e3jjXyHK2R6U3Czab8Rfk7A5yLC-GucguF-Zs1xLc7-ruyHpg_TTcn0nsnXV8ErBUBk71t91DE0kztvgN-wI0NdnA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTcYeve_e3jjXyHK2R6U3Czab8Rfk7A5yLC-GucguF-Zs1xLc7-ruyHpg_TTcn0nsnXV8ErBUBk71t91DE0kztvgN-wI0NdnA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:16 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 826f89ca6ab35d40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:16 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 26
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENrM-Vm0AfYm8qg_PediZqs&google_cver=1&google_push=AXcoOmTcYeve_e3jjXyHK2R6U3Czab8Rfk7A5yLC-GucguF-Zs1xLc7-ruyHpg_TTcn0nsnXV8ErBUBk71t91DE0kztvgN-wI0NdnA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTcYeve_e3jjXyHK2R6U3Czab8Rfk7A5yLC-GucguF-Zs1xLc7-ruyHpg_TTcn0nsnXV8ErBUBk71t91DE0kztvgN-wI0NdnA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 826f89c919c25d40-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 818C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA4T-AepVR-7Dd9aItcMewA&google_cver=1&google_push=AXcoOmTC7BhIAwvdloJY-HdkVkxtJ3LkBZX6PA71sX8OZ9XcYFdc-5kvI7C_1mWT4Tdi7SdjmpC8ucQmXDe5hu...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjAyNzAzNzAxNTI3NTY1OQ%3D%3D&google_push=AXcoOmTC7BhIAwvdloJY-HdkVkxtJ3LkBZX6PA71sX8OZ9XcYFdc-5kvI7C_1mWT4Tdi7SdjmpC8ucQmXDe5husOOX...

170 B
188 B

33ms
33ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjAyNzAzNzAxNTI3NTY1OQ%3D%3D&google_push=AXcoOmTC7BhIAwvdloJY-HdkVkxtJ3LkBZX6PA71sX8OZ9XcYFdc-5kvI7C_1mWT4Tdi7SdjmpC8ucQmXDe5husOOXkLnynZLIF5

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjAyNzAzNzAxNTI3NTY1OQ%3D%3D&google_push=AXcoOmTC7BhIAwvdloJY-HdkVkxtJ3LkBZX6PA71sX8OZ9XcYFdc-5kvI7C_1mWT4Tdi7SdjmpC8ucQmXDe5husOOXkLnynZLIF5
Date: Thu, 16 Nov 2023 11:54:15 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 818C
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRy5p...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-4Sjblz_fq77oGC0P4VOuJy62mNtUCBwoQAiAjg&google_push=AXcoOmRy5pmot856AIMhiO-PPStzB4LeX7EHGalyuzLHhDsj4cjo3c5D03KqJbst6nH2xfUl_4C35n-OPmuj...

170 B
188 B

37ms
37ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-4Sjblz_fq77oGC0P4VOuJy62mNtUCBwoQAiAjg&google_push=AXcoOmRy5pmot856AIMhiO-PPStzB4LeX7EHGalyuzLHhDsj4cjo3c5D03KqJbst6nH2xfUl_4C35n-OPmujTTaDHFT2IByVX8lwEQ

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-4Sjblz_fq77oGC0P4VOuJy62mNtUCBwoQAiAjg&google_push=AXcoOmRy5pmot856AIMhiO-PPStzB4LeX7EHGalyuzLHhDsj4cjo3c5D03KqJbst6nH2xfUl_4C35n-OPmujTTaDHFT2IByVX8lwEQ
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 742047
content-length: 0
expires: Thu, 16 Nov 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 818C 0
12 B 32ms
31ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ID3L4dmwlBeGYBl1ECioIx0dOUSzBFMRozM7DZu_MQaQ

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame B937 39 KB
15 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 19:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 19:45:57 GMT

GET
DATA 200
OK truncated
/ Frame 94F9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07af50ab249b567af9c11b5b7e56916adbd54e1469e52478efb688e5085f5b08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 94F9 43 B
215 B 180ms
179ms Image
image/gif 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=a677207f-fd83-ef3b-5802-1055eff39989&tv=%7Bc:u8oAvn,pingTime:-10,time:500,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1700135655848%7C%7Ce2d8abb88382185fe958d49e8cb3f79e%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7C571a2ba5ef4737155f8412360d1f9b95%7C%7Cfe0d616352304fd4302d38d6b7234f7c%7C%7Ccc3023a9cbbb89bae58bff7d3c137fda%7C%7C5f22030f7495d39732a1d36545f19361%7C%7Ca3e06123ce81d2a69f48478207917aff%7C%7C1663701684%7D
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9EB5 42 B
64 B 67ms
66ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFEG1qgBXQY5iuIHYBiyx3juSehfLZTHHgzmPBNJjfeIDgtry4zrBM4Vzv9tO7YBbjrEMU95Jx-pn5PqdIo081uOkOQ-5WVCpAt0sIVTW73nKxgN7fQUDwR8_ySXCnCZGlOzLEK1SoyzhI&sai=AMfl-YTJvna_4scEv3u0boyDVGhI3T4ev4YU521No7Oals1OM9qhX8zsHPPlnAaKiJJouaF-Vd_RWVLtnsOZz0F-S3sn8Bdly2M_t_Ylf00YCrDjCENC1d9pEoBIDHqH&sig=Cg0ArKJSzGsAMEIewRXAEAE&cid=CAQSPADICaaNEoBFNST70xWvQxCF94GN0TRvOJJ_lLyRvHh9JYw5DxvAlbPVIUiLPoGHpVSx6q5ls1vB1sA4bBgB&id=lidar2&mcvt=1011&p=1057,315,1307,1285&mtos=405,815,1011,1011,1011&tos=405,410,196,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4251258239&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700135654367&rpt=479&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E402 0
20 B 63ms
63ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BCnu85gJWZbXIMpeejuwPipehiAYAAAAAOAHgBAI&bg=!ubqluvXNAAZxrfrxUa07ADQBe5WfOBvzfdyBstI4zzjOXvnVh72yBIuhC4DNqqBHO9U41wQIYEL0EQG0yt42cV0qqBWDAgAAAWlSAAAAA2gBB5kDY5tX4AQXF-NtH4emRujPOApfN-WpBOP_opKpTPxnO9cBkAkWkMjJ8G_xCl34Zw5l1DhBAdz6cm1Y6p08vRkzGopE0GZjInNCFJGuhDM5btSRPzuJrrZ26x40rk1vRrxXBmLP_MOvRzIo404KUaJ0SNNYpMqqtsIr8FQ6XGgYuFbZViTOFAZZS_uxkqBba9HD2-sKR2eBjWdwL8qV8mOcnH9Arn8njmisDYvw14MnxcRpt9TAR5wRTT1Mrwz4CQnhDHxw2MJKES7GqoajpO8sKY-qhUFKsaimLF4Cx3OsvNAD-MpHLnTVeVecaxXtC1Fh5hOnNtwYLZvQWjn9H1XjCHXNbZhWsuR8xyeS_tSFDWvIItZdmbn6k_IXJBK6elEe40SM9364r7XEpC5DIrZ_UA-O6zeqG98wGEPUfbS33ttG_QK0zo4Wa67iJWxB7tEfr_czdy59OXgWzcOcpPlPEmb8w11ZtlGMtReG8TQc92ueygRWOvF_Jo8VlrmUalOTZx6Er6Pzxqttf0hvfDun57brVd-F68b82KfCLX-SCSRuZZpNpqxoFAocMG68r1E6NLgpwNBDoCTnaXHAzSZCqsyGI6Z9MykK1aOoeboseZQJt4E_B3_IBlVsmMBVZ2vlq_4IzQIEqNeY9LNWjRaNzBqI7rq0FlmZq4adPuMmwY8lQwPdYiZoPYgX8lm6RlRQfGEpA3BczRjAh8liH-IWXNNtp4_F6YwKtQHhTNDU4cDLfMfv3ov56PJjsYMCKY8whTHpWgPVWr7bRmjVv6n3RqD7uvM5zgNsQGmPzFmvx-OokVPAlaIpn-MAJq3157N1ClGy2zgQceYryg_ihH8yUbaJlL_t4nzvttZlwFzxcVs0lM6UuqTMsHc6a-nNEMW3ZlM892JCuIYTC5BAq8YiEWXZYGSjb78PHsLGKtVov6onNeKe1lsNvCEIbugQP0YjrFr10QsBBn1iW3er7wQWavEE4BObhFwaQq6qgZxosUQfuwMgL6KEnwXtOvGm5dzTvfSjk3nDn6JOIKGmQUEhVp_sX5eC91ckLhXR7h4u6USaVRrCNNsJrc_e5oW0u2ufG31LI3DbDoLIecOfUiHsUMbyr9Vgf_YQo_U6UkhK3LWdWxRvaQwFcfxx_vFcahE5Nd565w

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal123.js Show response
cdn.doubleverify.com/ Frame E136 60 KB
20 KB 38ms
37ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal123.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1623176&plc=68648312&sid=1366186&dvregion=0&unit=300x600&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=1623176&auorder=2010169&aucrtv=60898803&auadid=1366186&c6=1447160&c8=&auplc=6994694&turl=&c1=VF-DE+Deutschland&c2=DE_23_AO_P_M_G_F_cic-215-fix----per-fng-dive-DSL_all_funnel_Tracking_PER&c3=RT_PD_F-215-dsl-all-PRE-Tracking&c4=dsl250_gesamtersparnis_231005_tf177a_600x1200&c5=Doubleclick+DBM&c7=Doubleclick+DBM+(Media)&c9=&c10=DV360_AO_AL_1st_BNR_CM_dsl-100-tracking
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: ab4c91d229d32a46cacdfa0e0f01096060a891f4973f7699120d7ed39b90bcbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 11:54:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2023 09:32:26 GMT
Server: UploadServer
ETag: "c78e1b8588fb1329342920c4bf68cac1"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19651
Expires: Fri, 15 Nov 2024 11:54:15 GMT

GET
H/1.1 502
Bad Gateway verify.js
rtb0.doubleverify.com/ Frame E136 0
0 3326ms
3094ms Script
text/html 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_703657091905&jsTagObjCallback=__tagObject_callback_703657091905&num=6&ctx=11655933&cmp=1623176&plc=68648312&sid=1366186&advid=&adsrv=&unit=300x600&isdvvid=&uid=703657091905&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=119&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=1623176&aucrtv=60898803&auorder=2010169&auplc=6994694&auadid=1366186&aufilter1=165376&autt=1&c1=VF-DE+Deutschland&c2=DE_23_AO_P_M_G_F_cic-215-fix----per-fng-dive-DSL_all_funnel_Tracking_PER&c3=RT_PD_F-215-dsl-all-PRE-Tracking&c4=dsl250_gesamtersparnis_231005_tf177a_600x1200&c5=Doubleclick+DBM&c6=1447160&c7=Doubleclick+DBM+(Media)&c10=DV360_AO_AL_1st_BNR_CM_dsl-100-tracking&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=170&eparams=DC4FC%3Dl9EEADTbpTauTau8F2%3A32%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTau8F2%3A32%5D4%40%3E%5D3CTar9EEADTbpTauTaubh%60ggaeg3ad4fdhh47%60f3hefb_f5_77b%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=6.30&aubndl=&audeal=&c8=&turl=&c9=&callbackName=__verify_callback_703657091905
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal123.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B775 0
20 B 60ms
59ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BASy25wJWZeqYDMaPgAfc87_oDAAAAAA4AeAEAg&bg=!dHeldzjNAAZxrfrxUa07ADQBe5WfOJd00wuB-lJcWWjfdKA1L5cMjBY6vn2ollgxG9xjSK0MR37ybfy4656gOjUWkaTsAgAAAMxSAAAAA2gBB5kDD2WLFpryrtE3I9gx7Uj4N8y36unoV1aNCnrZ0rqxrxAPYICJaycKbl7qGzNqtjFS-a5VEKIYgWGV8z02zB0hxRRE60WXjw1sg8Er9l-65MZAUfd11xy2AXtIN-dF8UaiAAaduYYFXFmrwqf0iFDHOktDOjFJCbT7tvu7-68hgj9r75G1gK7al_gAwUAtvCDgex2s8xxsTbk-G-FmAfeq6odrgKfDb5pzjAHZPUxg8gD2LLHOqLIWOHIvvCGYc35EzOJvJ1bPFQ2hB8GKJjsE4gmHGer_z8a-94tRVU7uCz7wlpJUdpNNv0_LgThhhYVzYZSDBJErLoBijuNkl7J9m5lxRo7EFBTuEbdYC9Dqkj39tB7xEPkSfSkVYtTIdua_7zHcfbCyLATlGunkBRF2CnJvNiYb6qDIkZ21ICaG_hg0BU07QMsrjpmAQNYpJisqrwb2zQyMpRWqdh48TLQEooplAuzfJMGpvj28o6IVHrBYeDecM5Mz3yJLxwRBiFYaz-tPyjTdQ60tPnF9zMY7vg2dLe-YBNtdtXk9tN3MttpaBJ7ALKJYihJHpizmKrB1Pw3R_y0ZosR02pp_V_nhUNwzjVBErA7MLVfT45gREmlESGDt-O9wQxsVyMkMFvDBZjtNhDwNJcippfg1F7OYR9-k-XF2xHzYe4eSe2BBrw7ZFsG5QdEuC9iq2s92wWftD15_NFCqK7yay4ebnFt_Yny8RkfITlaCBKvVMvdcpMHXUnSW2GFkUsUt_JwD2ZFZmLEsT1_3QhoW55e8V36pGeIHEaBuU_4_VVk59bu_918InGcK_u0F4nYYH2W_n8IMon4W8qcsGfPqrKLSFOHd9ofl2804eZS3jnHHxW7TRfdbgLrYnXoT41cdtPFTo40AVlRkcLtVNAPg7tACV6BUmUf5HjsNwh0zwMm9FLhn_qMacsusc8YcKs3MAA7SQlq-b8MDlo4bn0SzMSV6xz-ahtc2Fow8txcbg-lpKQ8_7A16lU7vt01I_bU0dgOCam9lb10u23-5M3O_XFg-pEFl8A

Requested by

Host: guaiba.com.br
URL: https://guaiba.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 94F9 43 B
215 B 181ms
177ms Image
image/gif 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=a677207f-fd83-ef3b-5802-1055eff39989&tv=%7Bc:u8oAyn,time:686,type:e,im:%7Bpci:%7Btdr:552%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:100,o:586,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B578~0%5D,as:%5B578~0.0%5D%7D%7D,%7Bsl:i,t:586,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~100%5D,as:%5B100~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:356,fm:tVLZWK5+11%7C12%7C13%7C1411%7C1412%7C14131%7C1414%7C1421%7C143%7C15%7C161.1520146-76103085%7C1611%7C1612%7C1613%7C1614%7C17%7C18*.1520146-76103085%7C181%7C191,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:23,sis:228%7D&br=c
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:16 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B937 0
20 B 62ms
61ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvlRn5wJWZenuDqWMlQebuJloAAAAADgB4AQC&bg=!xsWlxYrNAAZxrfrxUa07ADQBe5WfON5wo-mFP9O9WoPjL3-e4ERxBNfmeksubkQ0fRl1Kq2aReHAHi15z051Cw-LclXqAgAAAKNSAAAABGgBB5kC-bHS8H7vbevOjJQT9Wi-ptDKe1ZXMh2_B-ecyY6ZpTr7usuaqb7ygGTELZLi48ChgEH40cJB4TM1QR6vM6Bam8cMBQpiVGOvFR0J_tRidlvJ5Nqt6X7NKmC82OuG-5CvRW17UY_eF2cYx4Zu-OSKOSV7jyHjaXhmf5ypnE7YHFUfzcfT789zj8xMUwaCrDm3JJuiavJi8Ll_TNAIM6hI3e9XAAgH4fwhk7sLmP7asna3zSo8vFE7Hf5uA6xZr669EXiijl-4Dc9Pd6ikbaXJdKsifwRiCz1VHehMQ2OgvzIK9LfzSuQxWXxIWeQrFR5u7zygJx0Q282J7b-qFG2GsVXYEmEDDCiYBtmVMsyA7V3M4_15XDUzHgOfFdsjGgPBNMwx6lFnB-SBUdfQTilIzxRfRr4pomMMLjZjXyvjiLNTjacFuBdu1GC4cSZbbleGmKkajQIMxCDw46_faze3eQM8yf68dQGbrltvsFq1mpvUwSW7e7ouv55eQKpCjzoWgG8Lx9XdYsknrf8xtHXNl9KmaOLj8UzPGJozqg9uvBC37BNQIuIbzDWT2A6Co2TzDqY4vkwgr8mKzrRkNAn6ZZKDlD0WVJtbSLZyhP8os-G6Ei9pZN2WwBgpLc7FWoakQiwGclE5Cyt2cfNEux_XrtXCFS5Li7xLcwP5UOKF-ybuhFCBzoPPBEdUqq4EPTz6_ZOFp9sl6Q1PmKPmPaab25pIfmT7ToIPjsapc-OInanFUUzF_3HncZnmSLh2xPJb5v0yzdnr_JyOXn-GSRZ3tyH1zB23pZnf8CESpiWFNNA5d40pj2t33KvUJtO7U8ooRPSKXse4SXWfkxilP4Pg8Zdr-XrVyswJ9SFtAqkC5uHjBsg_IlZVCc4ZEKKdohTCn_cxx6zxz3pmndhquxK_ZR55LCa5OXwMQnKkF_LAbzxlYk7JtIsIwYBwapoJQU126-OpoMfFAAWEfzpuJEV3WHOeSPQO1i-uIXnxO1_xAoWUZgaNcB-_Wnvv

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DA42 0
0 66ms
65ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=1947515717116153&bg=!FRalFlnNAAZxrfrxUa07ADQBe5WfOBZNup-J6caH_fBxvloaxkEWhLWnYAYnA7k_4qPBQ0I1yLRcNHpJYIXGYQOJ1jrmAgAAAaFSAAAAA2gBB5kC2cHVQvhFDdoKrpG8-WVreNYwwTKBE_odCFfNH9DuyR9_JvwLms4QgG55ihpAh3dTjhkZmBJtvw7DyXQG1FUrRy_a7QiX2u65kUX_deMrTYszL8pfhQEAwGSVJsglnkNQDCWrm2yLLYzkalh7pcIpQviqdq9hy07nc97vRmoniLbEMjWd-kV-XDZfvEVDfOTQHIM4MjcgSCsJpRQDKpBjDyP0A9gFXgv_E6neznHZ-SQ5CJSdXEf0ZwpXP1wy889o2iP7JAlqJwk9b2Jn5VaPo7QSt6PIei9trDdbzd3BN-lqE1bVYgn_CkNSomu3u0ZuIuXzqGIU2zry74EWN1_YVsxVq8ezLuvWHwxqN2nqfBlVB_WdLp0imyDHzkV4_iKJaSLfnjoPHwNxd3LvbW_M4aVRBdWzuJzXz1EJdUSJeGhsfV75eC5CXy0yCyhv_3IzhfRcLSJjdpiId-0Cy3fHuN1rsQOy9cdEeBeYJX11V5cD00U1m6Yri6aqZDE3XQGsY1DA5uY5j_1iDFPJAsEkUNZAihJ7Gh3AjBL5xoVjB11-TT9JxtTLFd0wy-s4ORC8a61xwFD4vLOBEr_8phNVKk07hLzVjIvg1lZnAvQ1czaRo-p-qQph84MQi4kAvazKYotIblq33WSQIIv0jwtlf62LvYFOP9MYc5wWXjrW0y0wT97VxX6eOlLyc-FEotU1B_CF3tuZlqI-c0_cYVzaMZlhxEQgxNX6zSkFJJ44pPvDJ3uR8ognVGDucrfjk2vpps4xrYqYhwyNkEWs_URahaNTJyO02oZ3vWEHaD0PgoWdSQgEQj2mM0dzCzc6DfYN3QSBAFBJ2Be0Gv1LZwFdQgPM34LyXoINXXE6Lq11YXLLnjesWocZaKYQ1XSe4ZylvrdJdfA2a_Vd2Rc495Ciio9I07Tyb1qfTgJ6v4C_pJ5Mu1oVPlV_hUcXGlFcTgr2ypiEUDrl30gv3A
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 02A0 16 KB
6 KB 106ms
27ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158361
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=163559
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Thu, 16 Nov 2023 11:54:16 GMT
expires: Sat, 18 Nov 2023 09:20:15 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 pbsync.html Show response
js.adscale.de/ Frame D0A1 3 KB
2 KB 146ms
33ms Document
text/html 2600:9000:2260:9c00:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/pbsync.html
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2260:9c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2e9bc088c597c87498eaf303ba5be8ce8b84e0a187576c89c7cb33579e35963

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2537
cache-control: max-age=7200, stale-while-revalidate=86400
content-encoding: br
content-type: text/html
date: Thu, 16 Nov 2023 11:12:00 GMT
etag: W/"093414ce71e32cba0aa5d32e70ce697c"
last-modified: Thu, 16 Nov 2023 05:11:58 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 74dad4a395a0daef1fa4934a67f7955a.cloudfront.net (CloudFront)
x-amz-cf-id: VThHfKABzjkSFT26AJBNTJbDqx7QJtJQ6nDjyENFDh20YB2C7dJfPw==
x-amz-cf-pop: TXL50-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: vhCbECl3zDGNoYNKEl4S0LVxd6HHBtV0
x-cache: Hit from cloudfront

GET
H2 204 /
onetag-sys.com/usync/ Frame B2EB 0
0 25ms
25ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1700135656507

Requested by

Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 02A0 0
42 B 170ms
48ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56884474&p=158361&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:16 GMT
content-length: 0

GET
H2 200 userconnect.js Show response
js.adscale.de/ Frame D0A1 11 KB
4 KB 41ms
40ms Script
application/javascript 2600:9000:2260:9c00:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2260:9c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b14b694672a147aa8f4831209101b3b16ecd4be00388cff5df414ebe7a3ea4f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.adscale.de/pbsync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: L0Sf4NIXTHLJo.ZuqBjRUlY1IRfarpbw
content-encoding: gzip
via: 1.1 74dad4a395a0daef1fa4934a67f7955a.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 11:12:01 GMT
last-modified: Thu, 16 Nov 2023 05:11:58 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
age: 2536
x-amz-server-side-encryption: AES256
etag: W/"78b4b0cafb95265ca700a4b4609d0664"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=7200, stale-while-revalidate=86400
x-amz-cf-id: 90wB8BWiZl3UqiXY1Xw5pDufIi9xnHdPHIf0ItfDAdDfJvFxqBD0jw==

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 94F9 0
20 B 69ms
69ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1589769169344&version=m202309260101&ct=76&x=1&cor=15410258287401714000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 94F9 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtmO0W72LEXOYHXxASF-fP6BrBPsEiHkclWXnsUCPhgMv2aNCDJjWccI72LebqPYI9lH-2Qw3SsKXyGm8B2pRGvAOvaE-jvY9ZuGDYWc-EAM1YmbRPpleSDtRv8jYotrOK2h-5sNQTneX7&sai=AMfl-YQXIMp5zM1e4UiRIbGUWnp8bAvLR4SGxuy6LzlAXdQ_0dSdKW-KHoezvMGfc0jfNgXbiy3M6XNl3E4xhmzU-48M2xXnuwbdo-ONWqw2d0eiboip8dpmPD-yfOM&sig=Cg0ArKJSzAWkNlZ8iJbiEAE&cid=CAQSOwDICaaNmmXyiacIOSDH3MCvOitjAzNqumXX0sCEnwOyr8sTsD8oL7Jn0kbQw42ybnJP87drHJh0G_ISGAE&id=lidar2&mcvt=1051&p=0,0,90,970&mtos=1051,1051,1051,1051,1051&tos=1051,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1851938793&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700135654867&rpt=776&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 94F9 43 B
215 B 189ms
189ms Image
image/gif 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=a677207f-fd83-ef3b-5802-1055eff39989&tv=%7Bc:u8oAMX,pingTime:1,time:1590,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:22%7D,%7Bpiv:100,vs:i,r:,w:970,h:90,t:586%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1004,o:586,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B578~0%5D,as:%5B578~0.0%5D%7D%7D,%7Bsl:i,t:586,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:184,fm:tVLZWK5+11%7C12%7C13%7C1411%7C1412%7C14131%7C1414%7C1421%7C143%7C15%7C161.1520146-76103085%7C1611%7C1612%7C1613%7C1614%7C17%7C18*.1520146-76103085%7C181%7C191,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:23,sis:228%7D&br=c
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:17 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 94F9 43 B
215 B 189ms
188ms Image
image/gif 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=a677207f-fd83-ef3b-5802-1055eff39989&tv=%7Bc:u8oAMZ,pingTime:1,time:1592,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:22%7D,%7Bpiv:100,vs:i,r:,w:970,h:90,t:586%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1006,o:586,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B578~0%5D,as:%5B578~0.0%5D%7D%7D,%7Bsl:i,t:586,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:184,fm:tVLZWK5+11%7C12%7C13%7C1411%7C1412%7C14131%7C1414%7C1421%7C143%7C15%7C161.1520146-76103085%7C1611%7C1612%7C1613%7C1614%7C17%7C18*.1520146-76103085%7C181%7C191,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:23,sis:228%7D&br=c
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:8a60:dbd7:7b5e:77d1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:17 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 79D8 0
20 B 59ms
58ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5731457360418&version=m202311060101&ct=76&x=1&cor=4249434843180022300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events.php Show response
log.r2b2.io/ 9 B
499 B 78ms
77ms XHR
text/javascript 185.59.208.177
VSHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://log.r2b2.io/events.php?u=https%3A%2F%2Fguaiba.com.br%2F
Requested by: Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 185.59.208.177 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS: webgarden-track-lb-ha.vshosting.cz
Software: nginx /
Resource Hash: d5f6b449ee99e22ad03bdb553a6463a198de351a8b27905e7ffee35f5d913b65

Request headers

Referer: https://guaiba.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:14 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 11:54:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://guaiba.com.br
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6096 281 B
555 B 96ms
27ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Nov 2023 11:54:17 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 / Show response
spl.zeotap.com/ Frame A9B0 9 KB
2 KB 141ms
66ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Requested by

Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c44a38e4986782a95f3c11d6a177c62eb7a9fa8b39572e9e52cb18c0efdf30e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://guaiba.com.br
cf-cache-status: DYNAMIC
cf-ray: 826f89d2bf8839d9-FRA
content-encoding: br
content-type: text/html
date: Thu, 16 Nov 2023 11:54:17 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A3A7 16 KB
6 KB 35ms
29ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160638
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=163558
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Thu, 16 Nov 2023 11:54:17 GMT
expires: Sat, 18 Nov 2023 09:20:15 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 94E7 0
0 29ms
24ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1700135651807

Requested by

Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://guaiba.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&gdpr=0&gdpr_consent=&us_privacy=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=999c6b80-00e3-4316-bbd8-680a78506d3c&google_hm=OTk5YzZiODAtMDBlMy00MzE2LWJiZDgtNjgwYTc4NTA2ZDNj
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIobHlOd8DLS7AJKEqE87g0&google_cver=1&ssp=vidoomy&bsw_param=999c6b80-00e3-4316-bbd8-680a78506d3c

43 B
145 B

32ms
32ms

Image
image/gif

3.65.104.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIobHlOd8DLS7AJKEqE87g0&google_cver=1&ssp=vidoomy&bsw_param=999c6b80-00e3-4316-bbd8-680a78506d3c
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Server: 3.65.104.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-104-224.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIobHlOd8DLS7AJKEqE87g0&google_cver=1&ssp=vidoomy&bsw_param=999c6b80-00e3-4316-bbd8-680a78506d3c
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D
https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=372c1bad-f234-4dc9-9ceb-607abf1950e8

0
571 B

243ms
60ms

Image
text/html

212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=372c1bad-f234-4dc9-9ceb-607abf1950e8
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: HTTP/1.1
Server: 212.36.83.246 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 11:54:17 GMT
Server: nginx
Vary: Accept-Encoding, Origin
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:17 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=372c1bad-f234-4dc9-9ceb-607abf1950e8
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 29ms
23ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ 0
187 B 146ms
37ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 16 Nov 2023 11:54:17 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=&uid=6863975191045366966

86 B
634 B

224ms
56ms

Image
image/png

212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=&uid=6863975191045366966
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: HTTP/1.1
Server: 212.36.83.246 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://guaiba.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 11:54:17 GMT
Server: nginx
Vary: Accept-Encoding, Origin
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 86
Expires: 0

Redirect headers

location: https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=&uid=6863975191045366966
date: Thu, 16 Nov 2023 11:54:17 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6096 46 KB
13 KB 41ms
41ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8d21e83361177be307d7954587f4b3cc9627ba5f7028dc4bf930d81daa356174

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 11:54:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 15:20:13 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12364
Connection: keep-alive
Content-Length: 13230
Expires: Thu, 16 Nov 2023 15:20:21 GMT

GET
H2 400 getuid
ib.adnxs.com/ Frame A9B0 0
0 41ms
34ms Image
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame A9B0 170 B
188 B 39ms
37ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame A9B0
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=083b435e-cc1b-4186-afde-0300c5fc3674&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5...

95 B
154 B

42ms
41ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=083b435e-cc1b-4186-afde-0300c5fc3674&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 826f89d4292439d9-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Thu, 16 Nov 2023 11:54:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?cid=083b435e-cc1b-4186-afde-0300c5fc3674&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame A9B0 0
453 B 63ms
41ms Image
text/plain 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A9B0 70 B
149 B 165ms
49ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db0887763-40a7-4a68-7c74-22d0f4ebb57a%26reqId%3Dc39d6dc4-02de-4fb5-61f9-50c7f6075819%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame A9B0 0
203 B 104ms
30ms Image
text/plain 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 16 Nov 2023 11:54:17 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230068-FRA
server: nginx
x-timer: S1700135658.545135,VS0,VE9
x-fastly-to-nlb-rtt: 7501
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame A9B0 0
460 B 542ms
114ms Image
text/html 2600:1f18:6593:f606:ee73:d59a:4018:6dc2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f606:ee73:d59a:4018:6dc2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 11:54:17 GMT
X-Fw-Request-Id: umeb608_1700135657290687358
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame A9B0 0
163 B 53ms
48ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db0887763-40a7-4a68-7c74-22d0f4ebb57a%26reqId%3Dc39d6dc4-02de-4fb5-61f9-50c7f6075819%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 16 Nov 2023 11:54:16 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET genericusersync.ashx
sync.tidaltv.com/ Frame A9B0 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame A9B0
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=b0887763-40a7-4a68-7c74-22d0f4ebb57a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=b0887763-40a7-4a68-7c74-22d0f4ebb57a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=72692904725138836182054538822932795560&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-...

95 B
155 B

37ms
37ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=72692904725138836182054538822932795560&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 826f89d4999f39d9-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

dcs: dcs-prod-irl1-2-v054-06a768924.edge-irl1.demdex.com 3 ms
pragma: no-cache
date: Thu, 16 Nov 2023 11:54:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: OsP3/v5TRio=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://mwzeom.zeotap.com/mw?cid=72692904725138836182054538822932795560&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame A9B0 0
324 B 200ms
48ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET zeotap.php
bn01.er.bemail.it/ Frame A9B0 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame A9B0
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7302027037015275659&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-...

95 B
154 B

79ms
43ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=7302027037015275659&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 826f89d3a88e39d9-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7302027037015275659&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
Date: Thu, 16 Nov 2023 11:54:17 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame A9B0
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=b0887763-40a7-4a68-7c74-22d0f4ebb57a
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=b0887763-40a7-4a68-7c74-22d0f4ebb57a

95 B
436 B

35ms
33ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=b0887763-40a7-4a68-7c74-22d0f4ebb57a

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 16 Nov 2023 11:54:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=b0887763-40a7-4a68-7c74-22d0f4ebb57a
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame A9B0
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=b0887763-40a7-4a68-7c74-22d0f4ebb57a&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=b0887763-40a7-4a68-7c74-22d0f4ebb57a&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
https://mwzeom.zeotap.com/mw?webouuid=qKpEnT51zdgL2VmeqCMWce&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4f...

95 B
155 B

41ms
38ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?webouuid=qKpEnT51zdgL2VmeqCMWce&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 826f89d4898439d9-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:16 GMT
via: 1.1 google
last-modified: Thu, 16 Nov 2023 11:54:17 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://mwzeom.zeotap.com/mw?webouuid=qKpEnT51zdgL2VmeqCMWce&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 404 2.gif
dmp.theadex.com/d/949/i/ Frame A9B0 0
84 B 103ms
25ms Image
text/plain 185.15.245.80
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=b0887763-40a7-4a68-7c74-22d0f4ebb57a&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.80 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:17 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame A9B0
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=b0887763-40a7-4a68-7c74-22d0f4ebb57a?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

95 B
154 B

67ms
45ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 826f89d3a89039d9-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:17 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
cache-control: no-cache
x-server: 10.45.20.41
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame A9B0
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-AA6hNwlE2ooTlEI_7F2lw1XpzouyLy0Bfg--~A&zpartnerid=570&env=mWeb

95 B
154 B

43ms
37ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=y-AA6hNwlE2ooTlEI_7F2lw1XpzouyLy0Bfg--~A&zpartnerid=570&env=mWeb

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 826f89d4c9d639d9-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=y-AA6hNwlE2ooTlEI_7F2lw1XpzouyLy0Bfg--~A&zpartnerid=570&env=mWeb
date: Thu, 16 Nov 2023 11:54:17 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

mw
mwzeom.zeotap.com/ Frame A9B0
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=gqfL0Nh9Qe2ByRuLJ0f6sthl%2BvRayLG1%2BS41iYitP1U%3D

95 B
154 B

43ms
43ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=gqfL0Nh9Qe2ByRuLJ0f6sthl%2BvRayLG1%2BS41iYitP1U%3D

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 826f89d54a5f39d9-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:17 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=gqfL0Nh9Qe2ByRuLJ0f6sthl%2BvRayLG1%2BS41iYitP1U%3D
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame A9B0 42 B
213 B 90ms
32ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=b0887763-40a7-4a68-7c74-22d0f4ebb57a&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame A9B0 0
338 B 182ms
48ms Image
text/plain 52.16.155.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.155.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-155-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by: beacon-n015-dub-prod.krxd.net
date: Thu, 16 Nov 2023 11:54:17 GMT
cache-control: private, no-cache, no-store
x-request-time: D=44 t=1700135657
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame A9B0 95 B
380 B 133ms
29ms Image
image/png 162.55.233.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=b0887763-40a7-4a68-7c74-22d0f4ebb57a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.29.233.55.162.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/png
date: Thu, 16 Nov 2023 11:54:01 GMT
server: nginx/1.14.1
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame A9B0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZVYC6QAAENxE6ABU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c...

95 B
177 B

40ms
40ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZVYC6QAAENxE6ABU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:18 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 826f89d73c7039d9-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

x-served-by: cache-cph2320026-CPH
pragma: no-cache
date: Thu, 16 Nov 2023 11:54:18 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1700135658.982579,VS0,VE101
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZVYC6QAAENxE6ABU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame A9B0
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f607...

0
337 B

49ms
49ms

Image
text/plain

52.16.155.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 52.16.155.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-155-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by: beacon-n023-dub-prod.krxd.net
date: Thu, 16 Nov 2023 11:54:18 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1700135658
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
date: Thu, 16 Nov 2023 11:54:18 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a001-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame A9B0
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b0887763-40a7-4a68-7c74-22d0f4ebb57a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c7...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b0887763-40a7-4a68-7c74-22d0f4ebb57a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c7...

43 B
568 B

52ms
52ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b0887763-40a7-4a68-7c74-22d0f4ebb57a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 11:54:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GM2377GB34DWVP4HD8QF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 11:54:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QAF57ZSHZ832Y833AWW6
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b0887763-40a7-4a68-7c74-22d0f4ebb57a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame A9B0 0
145 B 272ms
182ms Image
text/plain 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=b0887763-40a7-4a68-7c74-22d0f4ebb57a&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame A9B0
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db08...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

95 B
154 B

37ms
37ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 826f89d63b7239d9-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
date: Thu, 16 Nov 2023 11:54:17 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame A9B0
Redirect Chain

https://pixel.rubiconproject.com/token?pid=41544&puid=b0887763-40a7-4a68-7c74-22d0f4ebb57a&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4eb...
https://mwzeom.zeotap.com/mw?cid=LP14VCOX-1N-CE68&env=mWeb&zpartnerid=1770&gdpr=1

95 B
154 B

39ms
39ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=LP14VCOX-1N-CE68&env=mWeb&zpartnerid=1770&gdpr=1

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 826f89d57aab39d9-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=LP14VCOX-1N-CE68&env=mWeb&zpartnerid=1770&gdpr=1
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 syncd
x.bidswitch.net/ Frame A9B0 43 B
145 B 27ms
25ms Image
image/gif 3.65.104.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=b0887763-40a7-4a68-7c74-22d0f4ebb57a&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db0887763-40a7-4a68-7c74-22d0f4ebb57a%26reqId%3Dc39d6dc4-02de-4fb5-61f9-50c7f6075819%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.104.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-104-224.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 mw
mwzeom.zeotap.com/ Frame A9B0 95 B
154 B 38ms
37ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 826f89d58ac139d9-FRA
access-control-allow-headers: *
content-length: 95

GET
H2

200

mw
mwzeom.zeotap.com/ Frame A9B0
Redirect Chain

https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=b0887763-40a7-4a68-7c74-22d0f4ebb57a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
https://mwzeom.zeotap.com/mw?cid=kHW5rpZy6a6LIuivwCGh_Jd4uf2LJrWvkXhdFilO&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=b0887763-40a7-4a6...

95 B
165 B

76ms
40ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=kHW5rpZy6a6LIuivwCGh_Jd4uf2LJrWvkXhdFilO&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=b0887763-40a7-4a68-7c74-22d0f4ebb57a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 826f89d3a89339d9-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://mwzeom.zeotap.com/mw?cid=kHW5rpZy6a6LIuivwCGh_Jd4uf2LJrWvkXhdFilO&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=b0887763-40a7-4a68-7c74-22d0f4ebb57a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame A9B0 557 B
470 B 41ms
39ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c7d1f1e824d216ef953e2dd760590d366c0c2ef313e6a9846b60ea3f86d502

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 826f89d3380e39d9-FRA
access-control-allow-headers: *

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 6096 7 B
380 B 114ms
26ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H2 200 userconnect Show response
ih.adscale.de/ Frame D0A1 130 B
206 B 78ms
21ms Script
application/javascript 18.194.184.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1700135658715&umd=false&gdpr_err=CMP_TIME_OUT&src=userconnect_js&ref=https%3A%2F%2Fguaiba.com.br%2F
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.184.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-184-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2864f8e3a87ed40b6081fbef0c8d8e299754051c4683a6910b5b237eb22b5a9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:18 GMT
content-length: 130
content-type: application/javascript

GET
H2 200 map Show response
ih.adscale.de/ Frame 3EEA 2 KB
3 KB 23ms
22ms Document
text/html 18.194.184.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fguaiba.com.br%2F
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.184.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-184-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d2b9993eb1360f5fad3863eff22a30e7e3b46b4ccfd89b1a5b0a9935a345d433

Request headers

Referer: https://js.adscale.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 2448
content-type: text/html;charset=ISO-8859-1
date: Thu, 16 Nov 2023 11:54:18 GMT

GET
H2 200 match.js Show response
js.adscale.de/ Frame 3EEA 4 KB
2 KB 33ms
33ms Script
application/javascript 2600:9000:2260:9c00:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/match.js
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fguaiba.com.br%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2260:9c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: WaudPR3u5IR45PaGj6fN8v9SSDmzqfGK
content-encoding: gzip
via: 1.1 74dad4a395a0daef1fa4934a67f7955a.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 11:12:01 GMT
last-modified: Thu, 16 Nov 2023 05:11:58 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
age: 2538
x-amz-server-side-encryption: AES256
etag: W/"ff7cce9128150bd82f1a709c03692e3d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=7200, stale-while-revalidate=86400
x-amz-cf-id: HUZnGbzf4ofwq7IAopRxyNaGb_PQsZhL0wRH2TKaiBkM5UfHecRWjw==

GET
H2

200

img
ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/ Frame 3EEA
Redirect Chain

https://bbnaut.ibillboard.com/match/AdScale?partneruid=e62fbb303622415fb2a838491ee29368&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F24970c3e37c947ce97ba3224af311546%2F1700135658808%2F0%2Fimg%3Ftpid%...
https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/img?tpid=101&tpuid=BBID-01-03748496590450943-17078652

49 B
536 B

26ms
25ms

Image
image/gif

18.194.184.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/img?tpid=101&tpuid=BBID-01-03748496590450943-17078652
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fguaiba.com.br%2F
Protocol: H2
Server: 18.194.184.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-184-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Thu, 16 Nov 2023 11:54:19 GMT
content-length: 49
content-type: image/gif

Redirect headers

location: https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/img?tpid=101&tpuid=BBID-01-03748496590450943-17078652
date: Thu, 16 Nov 2023 11:54:19 GMT
cache-control: private, max-age=3600
access-control-allow-credentials: true
server: nginx

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 3EEA
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=0dec622eba1b06d0018c00a1c...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=ZVYC5qVyRFBwOts44vtIIgAA%262192

49 B
556 B

23ms
23ms

Image
image/gif

18.194.184.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=ZVYC5qVyRFBwOts44vtIIgAA%262192
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fguaiba.com.br%2F
Protocol: H2
Server: 18.194.184.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-184-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Thu, 16 Nov 2023 11:54:19 GMT
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hj7wYhR2J4dBFOqVONbwMN0fO00cjdFndfn2NT0uqqqcuwIQViMtlDReU8dhHKmxlbx0psi8fV8Wr4jJfgpf2sRrFRFGOIaTChZtL2j3yknA2ycuvYd8ZuIEy4yaqF4XsGU8Nx0"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=ZVYC5qVyRFBwOts44vtIIgAA%262192
cache-control: no-cache
cf-ray: 826f89dd896a9183-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3EEA 70 B
148 B 50ms
49ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adscale&ttd_tpi=1&uid=41d2532d535d80e05560a9576eaf4023e28c5cd8e3930e946fcf925b10c55b51&tpid=60&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F24970c3e37c947ce97ba3224af311546%2F1700135658808%2F0%2Fimg
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fguaiba.com.br%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:19 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

img
ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/ Frame 3EEA
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=9&uid=97402078d83311ead452e37ea0171bebf25dd8e5845e5d247d7f7820821b08e8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F24970c3e37c947ce97ba32...
https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/img?tpid=42&tpuid=6863975191045366966

49 B
567 B

23ms
23ms

Image
image/gif

18.194.184.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/img?tpid=42&tpuid=6863975191045366966
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fguaiba.com.br%2F
Protocol: H2
Server: 18.194.184.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-184-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Thu, 16 Nov 2023 11:54:19 GMT
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/img?tpid=42&tpuid=6863975191045366966
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 3EEA
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=fa28e85c-0c2e-48e1-aafd-84488569c116

49 B
589 B

31ms
31ms

Image
image/gif

18.194.184.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=fa28e85c-0c2e-48e1-aafd-84488569c116
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fguaiba.com.br%2F
Protocol: H2
Server: 18.194.184.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-184-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Thu, 16 Nov 2023 11:54:19 GMT
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:18 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=fa28e85c-0c2e-48e1-aafd-84488569c116
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 640625
content-length: 0
expires: Thu, 16 Nov 2023 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame E136 9 KB
5 KB 36ms
34ms Script
text/javascript 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=68648312;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=20567029375&extPm=20567029375&extCr=524299771&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CNSEf5gJWZd2yF-TDjuwP8IezEJ6AtNRzg9melpwSxcf93wUQASDSs7t2YJX6-IGUB6ABhseYtynIAQmpAik3-YXKL7I-qAMByAObBKoEngJP0Jj10xdLWl2skEi-zzPcvf0db_Giq_CD7UpHpDnPeWD0HxJ09CQjoWIK2vP3oLqdmQEBfTb5aJnERBHIDuGt7taBWC3B1BL0gz9GmqmQko2sJVJ0DCpUb6UjaJaMoK9V3YbjiP2nUJmUL3SwgEKHh8t5Y902kz0k3RVpArxF1e2Vns0o6eISuN5jk_V3HPj1Y7QCzBKP6L6cEN8m3FkzKaZ09ld2M_iONzzk8E8scU--EL4nVqtKDqfK7aYlBQEUq80Qaa6s7cVuKLDq9tMA-do-jRzk2KZyBGpsJz-DzVGtquiVYS84Nkw8BdHADE10m8XCHe3NQ0ELULLh---HCJzrVDWNtI3r9sxGUFcAMgRWcIGqoKhuYiWznUtNwATZzO7uxgTgBAOIBf_sj89MkAYBoAZNgAeG_-iWBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0yNzU0MTg5Mjk2ODAyNTYwgAoDmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRF4g0TCNKw_e26yIIDFeShgwcd8MMMArAT-_vDFdATANgTDdgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSOwDICaaN-YUzRffMFDVjSfrs5HM4q2SAh9AARkP1j_Wk2fQROtU4TGaszoK6eO_xwI4uXDNdJgmp0DmbGAE&sig=AOD64_0PFme-pEgu_fFpMwKPJ7-pa3sHwg&client=ca-pub-9153399113741741&dbm_c=AKAmf-Bee-XfIQTFmB0y_q5-vrHoFO4LA0B3-iG4couuriVTdNNvLhqZXX10SnmxvDgAF60MKsKQYGJ7aari-3twYxBYhWIPypWlcJ5Ahkue3V0pScBpjuWGOByIw_AwpLgjrbwSANcBhTaU9wbwkP-CcExOZ5h8ZtyvgJRZI6Pc2uvjM5kKmLI&cry=1&dbm_d=AKAmf-Cf-mjpdEQQk_go8nkq4_Fd62myCom7ykCt3wmU1BcAq4wYVoSo90Mt_ZFVMEWES2V_BZ0filyOg_yAybZfCmOEODr-A5wH8u8wu2sxmQsmRtWE7bAMdx_SDy9dvV23cjXkBviNFamjc_Ng0rSYFi6FiqCidWmLCalvBFO549Y9dx_RX_P3vCoNwSM4eHc2R9IoI52dsLKmkSIJZQ4Srr4Rq2WAwFpz0IDrrtHs07gt58mSaG4gu7mrSywge3_CGbWdsaSMW8osTc7J1jhc3f8sDaXd2X2zWvUcSVt67eawFZk3vJltRsugTW-9kxyQ53UkRzcWMpGVsMhZaTiRvDhijbijLWATJyyIpOp_2QYsn_bzoNFJrTbFdnMIfdGaDDAiJ9MmbE0qyX7Yq4OmcG9CQsmRNzdUIduuoTgU5gcUSI4pBXgNeTvmJQo579ma7v3pshojtRHG_aaBTlO-xHeBgFAV2TKPh_acmOoyuVuh5B2obRNU7VexSks4nBd1E7Wy_aQHOlqBtlabmwUvBhynPBK5cO2eNfOOaeVqPbaYzCIsCo0&adurl=;js=1;adfxid=1x;5490;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Fguaiba.com.br

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

10135c5ccc66abec54e5f847c4d3f50b946c1ffbdb702fbd6c1327aa6c2b9ae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 4322
expires: -1

GET
H/1.1 200
OK verify.js
rtb0.doubleverify.com/ Frame E136 58 B
58 B 93ms
44ms Image
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&ctx=818052&cmp=1619415&dvp_isLostImp=1&ssl=1&ver=170&dvp_cert=2&dvp_jsErrMsg=VerifyFailedToLoad&dvp_ctx=11655933&dvp_cmp=1623176&dvp_plc=68648312&dvp_sid=1366186
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 11:54:19 GMT
Content-Encoding: br
X-DV-Response: 0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/15/2023 11:54:19

GET
H/1.1 200
OK verify.js
rtb0.doubleverify.com/ Frame E136 58 B
58 B 96ms
42ms Image
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&ctx=818052&cmp=1619415&dvp_isLostImp=1&ssl=1&ver=170&dvp_cert=&dvp_jsErrMsg=AdRenderedUponVerifyFailure__VFTL&dvp_ctx=11655933&dvp_cmp=1623176&dvp_plc=68648312&dvp_sid=1366186
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 11:54:19 GMT
Content-Encoding: br
X-DV-Response: 0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/15/2023 11:54:19

GET
H2

200

img
ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/ Frame 3EEA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=a08a93dd6f5392699d783377a18b6bcb15552038428f5f3266946fd02638b3a3&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F249...
https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/img?uid=a08a93dd6f5392699d783377a18b6bcb15552038428f5f3266946fd02638b3a3&tpid=38&tpuid=CAESEGxElMn2GBSiP2IR6eDyDqs&google...

49 B
607 B

26ms
25ms

Image
image/gif

18.194.184.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/img?uid=a08a93dd6f5392699d783377a18b6bcb15552038428f5f3266946fd02638b3a3&tpid=38&tpuid=CAESEGxElMn2GBSiP2IR6eDyDqs&google_cver=1
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fguaiba.com.br%2F
Protocol: H2
Server: 18.194.184.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-184-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Thu, 16 Nov 2023 11:54:19 GMT
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/img?uid=a08a93dd6f5392699d783377a18b6bcb15552038428f5f3266946fd02638b3a3&tpid=38&tpuid=CAESEGxElMn2GBSiP2IR6eDyDqs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 413
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame E136 9 KB
4 KB 36ms
35ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=1623176&sid=1366186&plc=68648312&advid=165376&app=&sup=&adsrv=178&region=40&btreg=68648312&btadserv=adform&crt=60898803&crtname=dsl250_gesamtersparnis_231005_tf177a_600x1200&dvtagver=6.1.src&turl=&DVP_ADTYPE=Image&DVP_LINE=6994694&DVPX_IMPID=6862675747751807365&DVPX_GUID=6863975191045366966&DVPX_CDID=&DVPX_LAT=52.4114&DVPX_LONG=9.74105&DVPX_PAGE=https%3a%2f%2fguaiba.com.br%2f
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 8ab43ef523c52e830a7706ae32581ae882ebe14920d3e88ee191ac6aea78c401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 11:54:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:21:20 GMT
Server: UploadServer
ETag: "4fd30d56128c4e7705e200cd98cfb057"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3639
Expires: Thu, 16 Nov 2023 12:09:19 GMT

GET
H2 200 csp.php
vfd2dyn.vodafone.de/csp/ Frame E136 0
0 119ms
44ms Image
text/html 18.66.2.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1779&r_id=htlp&rnd=27298
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-52.txl50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2

200

img
ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/ Frame 3EEA
Redirect Chain

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F24970c3e37c947ce97ba3224af311546%2F1700135658808%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID
https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/img?tpid=75&tpuid=4879223735890590428

49 B
617 B

29ms
28ms

Image
image/gif

18.194.184.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/img?tpid=75&tpuid=4879223735890590428
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fguaiba.com.br%2F
Protocol: H2
Server: 18.194.184.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-184-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Thu, 16 Nov 2023 11:54:19 GMT
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:19 GMT
an-x-request-uuid: 40be394a-09b8-43fc-9038-98e2d1f36277
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/img?tpid=75&tpuid=4879223735890590428
x-proxy-origin: 217.114.218.27; 217.114.218.27; 831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK dv-measurements4946.js Show response
cdn.doubleverify.com/ Frame 1C2D 424 KB
100 KB 48ms
48ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4946.js
Requested by: Host: guaiba.com.br
URL: https://guaiba.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 532cc63b02ed8f53da56d150a5e594a9a7bc44334a376556f9ffd2d5078197f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 11:54:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 11:28:09 GMT
Server: UploadServer
ETag: "207db46e6ac0ca4732907f40bbd2d096"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102043
Expires: Fri, 15 Nov 2024 11:54:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0BE8 1 KB
643 B 24ms
23ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Thu, 16 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E136 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ab6dec69d2e7c136b4bd0665b56e1dd4af65b2be59b48716a070c0fc9265265

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame E136 85 KB
36 KB 48ms
47ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6a7cb0658f337f9336a51e5429d5bf42e112f550f4562cedc0ce2053f0b1b9bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:19 GMT
content-encoding: gzip
last-modified: Thu, 12 Oct 2023 13:27:00 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 17 Oct 2023 16:09:59 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 0BE8 43 B
432 B 193ms
189ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESENrM-Vm0AfYm8qg_PediZqs&google_cver=1&google_push=AXcoOmRV3HhVQdOtudRhFZAEGuyj8HIkWg27dpCmmi2PzeGrymKcVyyQCnhv6Nda1wfIUtwSzFKc3RY2dGE1Aha3RZmQu7NeLra1OA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRV3HhVQdOtudRhFZAEGuyj8HIkWg27dpCmmi2PzeGrymKcVyyQCnhv6Nda1wfIUtwSzFKc3RY2dGE1Aha3RZmQu7NeLra1OA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:19 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 826f89e01d225d40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BE8
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA4T-AepVR-7Dd9aItcMewA&google_cver=1&google_push=AXcoOmSHgr2OnDVhzD1bZz0vWoriGPNCBlyTI8tWRkSt95zOXANOM3ww2KIQb26DiLLoz7OMEdkz0st0hRcPqu...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjAyNzAzNzAxNTI3NTY1OQ%3D%3D&google_push=AXcoOmSHgr2OnDVhzD1bZz0vWoriGPNCBlyTI8tWRkSt95zOXANOM3ww2KIQb26DiLLoz7OMEdkz0st0hRcPqu8vse...

170 B
188 B

32ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjAyNzAzNzAxNTI3NTY1OQ%3D%3D&google_push=AXcoOmSHgr2OnDVhzD1bZz0vWoriGPNCBlyTI8tWRkSt95zOXANOM3ww2KIQb26DiLLoz7OMEdkz0st0hRcPqu8vsellzp9bRqgo

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjAyNzAzNzAxNTI3NTY1OQ%3D%3D&google_push=AXcoOmSHgr2OnDVhzD1bZz0vWoriGPNCBlyTI8tWRkSt95zOXANOM3ww2KIQb26DiLLoz7OMEdkz0st0hRcPqu8vsellzp9bRqgo
Date: Thu, 16 Nov 2023 11:54:19 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BE8
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRZfN...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-4Sjblz_fq77oGC0P4VOuJy62mNtUCBwoQAiAjg&google_push=AXcoOmRZfNuZU3mhD5FC5Qs4hW-dtsjzXXdTh0m6Q3rwHOW_7C2A2OByluETAlJS8gb1B5VDs-CtyIrUloxR...

170 B
188 B

34ms
34ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-4Sjblz_fq77oGC0P4VOuJy62mNtUCBwoQAiAjg&google_push=AXcoOmRZfNuZU3mhD5FC5Qs4hW-dtsjzXXdTh0m6Q3rwHOW_7C2A2OByluETAlJS8gb1B5VDs-CtyIrUloxRTpwkXBxNrEWpE_nTzg

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:18 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-4Sjblz_fq77oGC0P4VOuJy62mNtUCBwoQAiAjg&google_push=AXcoOmRZfNuZU3mhD5FC5Qs4hW-dtsjzXXdTh0m6Q3rwHOW_7C2A2OByluETAlJS8gb1B5VDs-CtyIrUloxRTpwkXBxNrEWpE_nTzg
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 823809
content-length: 0
expires: Thu, 16 Nov 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0BE8 0
12 B 32ms
31ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ITSbahL-_yCSFNZtHfHMJxdCHJGVQAKqhjshCUYODWIA

Requested by

Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

js Show response
ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/ Frame 3EEA
Redirect Chain

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=062dfedf3998eb0b6b0c902f4a6df5ffe0ae9fb373613852d15fb0fb723be079&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F24970c3e37c947...
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=062dfedf3998eb0b6b0c902f4a6df5ffe0ae9fb373613852d15fb0fb723be079&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F24970c3e37c947...
https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/js?tpid=48&tpuid=18c66b7abf408efbfc1e6da49628e56f

44 B
635 B

26ms
26ms

Script
text/javascript

18.194.184.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/js?tpid=48&tpuid=18c66b7abf408efbfc1e6da49628e56f
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fguaiba.com.br%2F
Protocol: H2
Server: 18.194.184.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-184-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 954c3ede906934ed86f7e8a92c99082c187279480f99db1c3ce4ca1f05004fa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Thu, 16 Nov 2023 11:54:19 GMT
content-length: 44
content-type: text/javascript

Redirect headers

location: https://ih.adscale.de/sium/24970c3e37c947ce97ba3224af311546/1700135658808/0/js?tpid=48&tpuid=18c66b7abf408efbfc1e6da49628e56f
date: Thu, 16 Nov 2023 11:54:19 GMT
content-type: text/plain; charset=utf-8
content-length: 147
vary: Accept
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 1C2D 729 B
748 B 659ms
44ms Script
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=96&ttfrms=21&brid=3&brver=119.0.6045.159&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau8F2%3A32%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTau8F2%3A32%5D4%40%3E%5D3CTar9EEADTbpTauTaubh%60ggaeg3ad4fdhh47%60f3hefb_f5_77b%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=4526&ddur=37&uid=1700135659562445&jsCallback=dvCallback_1700135659562941&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4946&tgjsver=4946&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=16&brh=2&dvp_epl=215&noc=4&nav_pltfrm=Win32&ctx=11655933&cmp=1623176&sid=1366186&plc=68648312&crt=60898803&btreg=68648312&adsrv=178&advid=165376&crtname=dsl250_gesamtersparnis_231005_tf177a_600x1200&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&region=40&btadserv=adform&DVP_ADTYPE=Image&DVP_LINE=6994694&DVPX_IMPID=6862675747751807365&DVPX_GUID=6863975191045366966&DVPX_LAT=52.4114&DVPX_LONG=9.74105&DVPX_PAGE=https%253a%252f%252fguaiba.com.br%252f&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=80953781085.36646&ee_dp_sukv=80953781085.36646&dvp_tukv=967326592.9163721&ee_dp_tukv=967326592.9163721&dvp_strhd=0.1999969482421875&dvpx_strhd=0.1999969482421875&dvp_tuid=1034611009324&jurtd=2163002826
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4946.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 355ab01efc3c9e76e65cee3ba6bb7dfe604d9e574d26dc8f799971f8ee67b020

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 11:54:20 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/15/2023 11:54:20

POST
H2 200 /
track.adform.net/csimpr/ Frame E136 35 B
626 B 34ms
33ms Ping
image/gif 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=68648312&csi=bKw5EVuQ3jYzSL5ZeYf7ao1f_Acv0ASASHmvKE6cyxYJDwKV3Zer3E-QcPq5p7EzD3n9rqpETK6zfeg09egvlt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 11:54:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 60898803.gif
s1.adform.net/Banners/60898803/ Frame E136 46 KB
46 KB 44ms
44ms Image
image/gif 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/60898803/60898803.gif?bv=3
Requested by: Host: 39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e0d7f3dc0157f326424a2edf7a1deaad6088709434c9621f2058a018b77a6837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:54:19 GMT
last-modified: Mon, 09 Oct 2023 13:53:23 GMT
server: nginx
x-amz-request-id: tx00000c417d71d61fb5f02-006555a220-329552a5-default
etag: "e217d1bb54cb646579f23e8601da18bb"
x-cache-status: STALE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 46939

POST
H2 200 sium
ih.adscale.de/ Frame 3EEA 0
0 34ms
33ms Fetch
application/json 18.194.184.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.184.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-184-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fguaiba.com.br%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ih.adscale.de
date: Thu, 16 Nov 2023 11:54:19 GMT
access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.tidaltv.com
URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Domain: bn01.er.bemail.it
URL: https://bn01.er.bemail.it/zeotap.php?_bid=b0887763-40a7-4a68-7c74-22d0f4ebb57a&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361

Verdicts & Comments Add Verdict or Comment

401 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

77 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
guaiba.com.br/	1970-01-21 01:51:35	Name: _ttuu.s Value: 1700135650907
.guaiba.com.br/	1970-01-21 01:51:35	Name: _ga Value: GA1.3.317852422.1700135651
.guaiba.com.br/	1970-01-20 16:17:02	Name: _gid Value: GA1.3.1058596196.1700135651
.guaiba.com.br/	1970-01-20 16:15:35	Name: _gat_gtag_UA_89364106_2 Value: 1
.guaiba.com.br/	1970-01-20 16:15:35	Name: _gat Value: 1
.t.tailtarget.com/	1970-01-21 01:01:11	Name: u Value: fwAAAWVWAuNFaAbvPVq0AgB=
.t.tailtarget.com/	1970-01-20 16:18:28	Name: _ssc Value: y
guaiba.com.br/	1970-01-21 01:01:11	Name: tt.u Value: 0100007FE3025665EF06684502B45A3D
.guaiba.com.br/	1970-01-20 16:15:35	Name: _gat_gtag_UA_160181995_1 Value: 1
.adscale.de/	1970-01-21 00:57:51	Name: uu Value: e62fbb303622415fb2a838491ee29368
.t.tailtarget.com/	1970-01-20 16:58:47	Name: ttbprf Value: ___de_1700135651237_3648182811
.t.tailtarget.com/	1970-01-20 16:15:37	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 16:58:47	Name: ttnprf Value:
guaiba.com.br/	1970-01-20 16:17:02	Name: tt.nprf Value:
guaiba.com.br/	1970-01-21 01:01:11	Name: cookielawinfo-checkbox-cookies-de-analise Value: yes
guaiba.com.br/	1970-01-21 01:01:11	Name: cookielawinfo-checkbox-cookies-de-marketing Value: yes
guaiba.com.br/	1970-01-21 01:01:11	Name: cookielawinfo-checkbox-cookies-essenciais Value: yes
guaiba.com.br/	1970-01-21 01:01:11	Name: cookielawinfo-checkbox-cookies-fundamentais Value: yes
guaiba.com.br/	1970-01-21 01:01:11	Name: cookielawinfo-checkbox-cookies-dispositivos-moveis Value: yes
.t.tailtarget.com/	1970-01-20 16:58:47	Name: n Value: 1700135651
.criteo.com/	1970-01-21 01:37:11	Name: uid Value: fa28e85c-0c2e-48e1-aafd-84488569c116
.guaiba.com.br/	1970-01-21 01:37:11	Name: cto_bundle Value: HfHzlV9oWXl2bGduelJtJTJCeUxDSCUyRmxKdzVOMk1qM1F1eUJaRXdUVGpObXpmRVY0dnEzUEFrcWFtVmFRTElqZyUyQlFlajc0akVZazhSU29Ia0NXcVh2YTZ4dHFXTHlJN05yTjhoaE50bnZmR2laTDclMkZwMkRqQUY5YmdsY1ZYZjd0UnpyNE9UMFElMkJ2WCUyQjRFbFlROEtsJTJCeHd3N3JwdyUzRCUzRA
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.guaiba.com.br/	1970-01-20 16:15:35	Name: lotame_domain_check Value: guaiba.com.br
.e-planning.net/	1970-01-21 01:51:35	Name: E Value: AKo7myRqS4OkTkDO
.script.ac/	1970-01-20 16:15:37	Name: __cf_bm Value: OxGQ77Jmfhp6SSUTVLC82z1h5CQOQ03QS8wVOtNMxnY-1700135651-0-AcHCevqjU6+CGUCXQHSL4feTI8nWNv3JdT+HQjNRFu1zj/0CLFSINqCU8ot2VSDB/B52FkfOPmPwAUscBeEoiDk=
.rubiconproject.com/	1970-01-21 01:01:11	Name: khaos Value: LP14VCOX-1N-CE68
.rubiconproject.com/	1970-01-21 01:01:11	Name: audit Value: 1\|naVuGyos1qpdzNh1iYm/PLU1ZxogGjlwOA+xFj1I9scmP1H4Ec1c+yDBS0Xc6FagGIJHEyERsI5C4zdOlB8O68xuhZpbWKLt2b5d5XNK5q2+xUA9sgf/4eNEKcfJxgEB
.openx.net/	1970-01-21 01:01:11	Name: i Value: dd5eab3b-e22c-41d7-adb1-68875a65a198\|1700135651
.doubleclick.net/	1970-01-21 01:37:11	Name: IDE Value: AHWqTUnUdWV4YXqv9K0eD4hluN3gmJNXeZlTT01BNAcIO2JSMEsjAtZ2hfk06bWOi78
.3lift.com/	1970-01-20 18:25:11	Name: tluid Value: 587873459685377270171
.quantserve.com/	1970-01-21 01:45:50	Name: mc Value: 655602e6-bd7fa-d185e-f9778
.blismedia.com/	1970-01-21 01:01:15	Name: b Value: 655602E6A8EA4B10D80B7C39BLIS
.csync.loopme.me/	1970-01-20 18:28:04	Name: viewer_token Value: 132f68cd-3170-4050-8407-3327a3c53893
.casalemedia.com/	1970-01-21 01:01:11	Name: CMID Value: ZVYC5qVyRFBwOts44vtIIgAA
.casalemedia.com/	1970-01-20 18:25:11	Name: CMPS Value: 2192
.casalemedia.com/	1970-01-20 18:25:11	Name: CMPRO Value: 2192
.doubleclick.net/	1970-01-20 20:34:47	Name: APC Value: AfxxVi62Beb0iKWXma3t_6iSLOflfukicKC2S-enJZoBZwoR0jLTCg
.guaiba.com.br/	1970-01-21 01:37:11	Name: __gads Value: ID=02969539764d11f1:T=1700135654:RT=1700135654:S=ALNI_MbuZGwaucT1eqm8enz8x4mJHPIyJg
.guaiba.com.br/	1970-01-21 01:37:11	Name: __gpi Value: UID=00000cc9e49226eb:T=1700135654:RT=1700135654:S=ALNI_Mbk4cG3dRxCML2lLuEI5K2XIeWYVA
.adnxs.com/	1970-01-20 18:25:11	Name: uuid2 Value: 4879223735890590428
.adform.net/	1970-01-20 16:58:47	Name: C Value: 1
.simpli.fi/	1970-01-21 01:02:38	Name: suid Value: E2A08E31903345198307F1D456CE98B9
m.exactag.com/	1970-01-20 18:25:11	Name: exactag_new_gk Value: a361d7bc5c9c43d9825d1a585bd2bc3d%7C15.01.2024%2011%3A54%3A14
m.exactag.com/	1970-01-20 20:34:47	Name: exactag_new_uk Value: d238294e21d244a3b1c27a5fc96e85de%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 9445d60e137d49349cc6bec8
.adnxs.com/	1970-01-20 18:25:11	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>xLh(n+!A#G'.TOKKnyW<U1`VROYQM-:PVJCQLC!v%_>mewQ1-+R:Z^5xE#c]2jk4`F/X%W#.wL4W1Qw1C+E[$M
.doubleclick.net/	1970-01-20 16:58:47	Name: ar_debug Value: 1
.adform.net/	1970-01-20 17:41:59	Name: uid Value: 6863975191045366966
.turn.com/	1970-01-20 20:34:47	Name: uid Value: 4155890558819184966
.adfarm1.adition.com/	1970-01-20 18:25:11	Name: UserID1 Value: 7302027037015275659
.zeotap.com/	1970-01-21 01:01:11	Name: zc Value: b0887763-40a7-4a68-7c74-22d0f4ebb57a
.zeotap.com/	1970-01-20 16:17:02	Name: zsc Value: %FD%23%B5%ED%FF%C2%14%21%F9%0F%06%E1%10%F9%D7%F9%3A%D9%5D%10%08%F32%60%F2X%86%83%1B%26%03%EB%0D%AF%96%FE%A7%A3hSD+%0A%C7Z%C9%09%3D%EB%01b%18Jia%FF%0A%81%C1%7C%80.%0A4~%5CA%11-%8AI5Bm%E5C%DF%BF%2A%162%9D%11%14%E1%A3yAp%A9%2B%D8%E5%8B%8C%17z%1B%EFA%07%7C%D3%83%02%2F%EBI%96%0BU%7F%F6%88%9D%C8%CD%CF%CB%BD%CEyXP%D1h%A7%FC%97%92Cn%061%95%F0%11An%DE%C7n%28%05%D9c%DC6%3Eh%E1%FE%07%1F%08%E6%3CR%94U%EDb%92%FD%BA%F8%02%BFB%D5%F6%BB
.bidswitch.net/	1970-01-21 01:01:11	Name: tuuid Value: 999c6b80-00e3-4316-bbd8-680a78506d3c
.bidswitch.net/	1970-01-21 01:01:11	Name: c Value: 1700135657
.bidswitch.net/	1970-01-21 01:01:11	Name: tuuid_lu Value: 1700135657
.quantserve.com/	1970-01-20 18:25:11	Name: d Value: EDkBEAG4KoENrLsw
.tapad.com/	1970-01-20 17:41:59	Name: TapAd_TS Value: 1700135657555
.tapad.com/	1970-01-20 17:41:59	Name: TapAd_DID Value: 083b435e-cc1b-4186-afde-0300c5fc3674
.tapad.com/	1970-01-20 17:41:59	Name: TapAd_3WAY_SYNCS Value:
.demdex.net/	1970-01-20 20:34:47	Name: demdex Value: 72692904725138836182054538822932795560
.weborama.fr/	1970-01-21 01:41:30	Name: AFFICHE_W Value: vTwutdJSVVy967
.vidoomy.com/	1970-01-20 18:25:11	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZGYiOnsidWlkIjoiNjg2Mzk3NTE5MTA0NTM2Njk2NiIsImV4cGlyZXMiOiIyMDIzLTExLTMwVDExOjU0OjE3LjYyNTA4MDA5NFoifX0sImJkYXkiOiIyMDIzLTExLTE2VDExOjU0OjE3LjYyNTA2NTQzM1oifQ==
.yahoo.com/	1970-01-21 01:01:33	Name: A3 Value: d=AQABBOkCVmUCEMisf1HciJX0NMqpIadgcioFEgEBAQFUV2VfZeANyiMA_eMAAA&S=AQAAAvu7YnhKcUsi8kTk5d9u4h4
.dpm.demdex.net/	1970-01-20 20:34:47	Name: dpm Value: 72692904725138836182054538822932795560
.analytics.yahoo.com/	1970-01-21 01:01:11	Name: IDSYNC Value: 19ah~2f2z
.agkn.com/	1970-01-21 01:01:11	Name: ab Value: 0001%3AidfbNWtTlrqJIlI%2FzIdI9FAgXX19EqaA
.richaudience.com/	1970-01-20 18:25:11	Name: avcid-zeo-uid Value: b0887763-40a7-4a68-7c74-22d0f4ebb57a
.krxd.net/	1970-01-20 20:34:47	Name: _kuid_ Value: P61Nt8f8
.everesttech.net/	1970-01-21 01:01:11	Name: everest_g_v2 Value: g_surferid~ZVYC6QAAENxE6ABU
.fwmrm.net/	1970-01-20 20:34:47	Name: _uid Value: umeb608_7302035853180028992
.adform.net/	1970-01-20 16:25:40	Name: TPC Value: 1700135659348
.adscale.de/	1970-01-21 00:57:51	Name: cct Value: 1700135659513
.ih.adscale.de/	1970-01-21 00:57:51	Name: tu Value: 4#4078974347#48~~472259~472259~1#101~BBID-01-03748496590450943-17078652~472259~0~0#38~CAESEGxElMn2GBSiP2IR6eDyDqs~472259~0~0#40~fa28e85c-0c2e-48e1-aafd-84488569c116~472259~0~0#42~6863975191045366966~472259~0~0#75~4879223735890590428~472259~0~0#60~~472259~472259~1#63~ZVYC5qVyRFBwOts44vtIIgAA&2192~472259~0~0
.vodafone.de/	1970-01-20 16:25:40	Name: oshop Value: queryparams\|\|b_id\|\|1779\|\|queryparams\|\|shopid\|\|2673
.m6r.eu/	1970-01-20 16:15:39	Name: test Value: true
.tribalfusion.com/	1970-01-20 18:25:11	Name: ANON_ID Value: a8nteZbw5EGiAaINQfPsPTZcgtOZce2UefXai9h9Zd4tYCAdvSQPC3wGA1ZbAvo14eA2Fi5DuIc6CXpa5VZcnaiFk9QqPGvOCoMaR3

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://guaiba.com.br/pwa-register-sw.js?ver=1.7.51 Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://delivery.r2b2.io/js/6.74.0-RC1/online/public/bundle.868357515b9a49882e97.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Message: Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=b0887763-40a7-4a68-7c74-22d0f4ebb57a&axd_pid=175 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=b0887763-40a7-4a68-7c74-22d0f4ebb57a&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b0887763-40a7-4a68-7c74-22d0f4ebb57a&reqId=c39d6dc4-02de-4fb5-61f9-50c7f6075819&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_703657091905&jsTagObjCallback=__tagObject_callback_703657091905&num=6&ctx=11655933&cmp=1623176&plc=68648312&sid=1366186&advid=&adsrv=&unit=300x600&isdvvid=&uid=703657091905&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=119&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=1623176&aucrtv=60898803&auorder=2010169&auplc=6994694&auadid=1366186&aufilter1=165376&autt=1&c1=VF-DE+Deutschland&c2=DE_23_AO_P_M_G_F_cic-215-fix----per-fng-dive-DSL_all_funnel_Tracking_PER&c3=RT_PD_F-215-dsl-all-PRE-Tracking&c4=dsl250_gesamtersparnis_231005_tf177a_600x1200&c5=Doubleclick+DBM&c6=1447160&c7=Doubleclick+DBM+(Media)&c10=DV360_AO_AL_1st_BNR_CM_dsl-100-tracking&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=170&eparams=DC4FC%3Dl9EEADTbpTauTau8F2%3A32%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTau8F2%3A32%5D4%40%3E%5D3CTar9EEADTbpTauTaubh%60ggaeg3ad4fdhh47%60f3hefb_f5_77b%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=6.30&aubndl=&audeal=&c8=&turl=&c9=&callbackName=__verify_callback_703657091905 Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)
security	error	URL: https://39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=20567029375&extPm=20567029375&extCr=524299771&rnd=1700135654383325' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

39188268b25c7599cf17b967307d0ff3.safeframe.googlesyndication.com
4b334480f57a76161830be7f3cf7047a.safeframe.googlesyndication.com
a-prebid.vidoomy.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
adscale-emea.adnxs.com
adx.adform.net
b.t.tailtarget.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bn01.er.bemail.it
c1.adform.net
cadmus.script.ac
cdn-ima.33across.com
cdn.doubleverify.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
csync.loopme.me
d.tailtarget.com
d.vidoomy.com
delivery.r2b2.io
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
got.statisticplatform.com
guaiba.com.br
gum.criteo.com
hb.adscale.de
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
idsync.frontend.weborama.fr
ih.adscale.de
image6.pubmatic.com
invstatic101.creativecdn.com
js.adscale.de
loadeu.exelator.com
log.r2b2.io
m.exactag.com
match.360yield.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
north.statisticplatform.com
oa.openxcdn.net
oajs.openx.net
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
openbid.pubmatic.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
prebid-eu.creativecdn.com
prg.smartadserver.com
r.turn.com
r2b2-emea.adnxs.com
rtb.openx.net
rtb0.doubleverify.com
s.ad.smaato.net
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
special.beatifulllhistory.com
spl.zeotap.com
ssum.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.richaudience.com
sync.tidaltv.com
t.tailtarget.com
tagmanager.alright.network
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tr.blismedia.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
usermatch.krxd.net
vfd2dyn.vodafone.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
bn01.er.bemail.it
sync.tidaltv.com
108.128.89.5
13.248.245.213
130.211.44.5
142.250.184.226
142.250.185.230
151.101.194.49
162.55.233.29
172.64.151.101
172.64.152.89
178.250.1.9
18.158.2.213
18.194.184.132
18.200.74.130
18.203.198.173
18.64.79.46
18.66.2.22
18.66.2.52
184.30.22.30
185.15.245.80
185.184.8.90
185.59.208.177
185.64.189.112
185.64.190.78
185.64.191.208
185.86.138.121
193.3.178.4
2001:678:cb4:bbbb::11
212.36.83.246
213.202.235.10
23.35.236.201
2600:1f13:800:7780:8a60:dbd7:7b5e:77d1
2600:1f18:6593:f606:ee73:d59a:4018:6dc2
2600:9000:211e:7c00:1b:5138:8a40:93a1
2600:9000:225f:7a00:8:48e:53c0:93a1
2600:9000:2260:9c00:f:4f64:8940:93a1
2602:803:c003:200::31
2606:4700:10::ac43:db6
2606:4700:20::681a:8a9
2606:4700:3033::6815:2b83
2606:4700:4400::6812:22b2
2606:4700::6810:5514
2606:4700::6811:190e
2606:4700::6812:1691
2606:4700::6812:19ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:806::2002
2a00:1450:4001:809::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:812::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c0a::9a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3500:d::1732:83c8
2a02:6ea0:c700::11
2a03:2880:f083:9:face:b00c:0:3
2a04:4e42:200::300
3.65.104.224
3.75.62.37
3.76.109.233
34.102.146.192
34.102.185.99
34.111.113.62
34.111.131.239
34.120.135.53
34.149.50.64
34.160.236.64
34.248.37.96
34.254.143.3
34.95.69.49
34.96.105.8
34.96.70.87
35.194.66.159
35.201.123.184
35.214.162.168
35.227.252.103
35.244.159.8
37.157.4.28
37.157.5.84
37.157.6.235
37.252.171.21
37.252.171.53
37.252.172.68
44.209.183.242
51.75.86.98
52.16.155.12
52.223.40.198
52.48.43.143
52.95.125.22
54.220.63.108
62.209.227.211
69.173.144.139
69.192.160.219
80.66.79.247
80.66.79.248
80.66.79.249
85.114.159.118
98.98.134.243
00bbe6aa826e82b451aa598fe3295b71436b3284044d4097244c848b9e287892
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0183ebe6a6f087df360b458804771632637a60e809537e9d4555d10b1a338dea
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
07af50ab249b567af9c11b5b7e56916adbd54e1469e52478efb688e5085f5b08
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
082b50dbfa624e306a31fc9933d1a06921c6a8d71dc228607568dca2f072e513
0853f264199cae9f99231c43e872fdac497426c6f29e9983ad243aedd889b54f
0b69e3de2afa156997870f3827638f3b5209d1fd76f81eab7240fe1145aadf47
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d10ab9ae81ed51d40af144320af43f208be21fb0ac02e968c5b017fc2c3bbdd
0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4
0e0f6c2275ed90502c6b91b5a01bea2afa7ef0ca0c95c497835d0d3ac0c0ac3f
0e24e419966e088022d66225fdbd71e14449ebbeeab942aa7fb4472a7a38c3a7
10135c5ccc66abec54e5f847c4d3f50b946c1ffbdb702fbd6c1327aa6c2b9ae9
11619eb14230c5f950dbd89d78bcb857b70d1ebd0a180dbdde2c7e3e4c8ba031
14b245622ffcbb82a46de757471f6e655e22d3b967527e1f4e5f732d189e8877
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
164d5b15820f2c6d68cccba4309e13b4a6d3321edbc8fc09a95dcdf38e5efff6
174a5f5a2608acda7e2f204e773bfe864299f64316008369c068a5f04b2718a9
180e738985fc51eacc5a57a84e2d357158eac3a909c0960cce199dd9e2fefdb8
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
19208883ae18d36ec04e92079536ccb8f1e88035390117eb18eb89a8a976c6fd
1a096834ac41709c7dce178a835c3af3102a2c50a7114b1fed96901aeaf3863d
1b2f25ad0f768316e771ef0a7ba96a3c38a8567d716111953b0225f9b03650d6
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ee41f63f5976e2556a9da755b4a81f70235374d5a71726a1a77e9e541dc0316
1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87
2265dd0ebe6f6894860e8c74e5c1470e289d8068b210d7bb8b0ce6d1dd189ef2
2281280d9e0f69ef635072fb055d4b51cb0e0a657d430eb39274be12408ee778
242e8e2b3f4c1b0f4f0e49113c9bc0775981dba4a03b86a2501332e02154923d
24aedbf54529258ee3da6ee3971095cadeb8bf91237178ec5253c9a10c966468
24f5106c713f84f4879522e16c7ae5fbbbd3c827d6243d7f70324d82323fcd5f
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2864f8e3a87ed40b6081fbef0c8d8e299754051c4683a6910b5b237eb22b5a9c
2a196e74a8110fdcd0d8d142d53888cbc8285fafed3f2304565786d87a2d8e6f
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2ab6dec69d2e7c136b4bd0665b56e1dd4af65b2be59b48716a070c0fc9265265
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30680fe4396248970391cb2a52e5c27561a51ddf82a116001d9b7858c72f6651
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5
3380d49459c62895f06a4daad0e9035356a50a2ca566c1c6335b4bec606290bb
3410abcd54b3e5b0be2908349cbf0fc184301394e0b626c78cb2b07517ec72c3
3483963149e24fb0f6a022c900e4c5c172879d5f9c572e2640f9a77191eeff12
355ab01efc3c9e76e65cee3ba6bb7dfe604d9e574d26dc8f799971f8ee67b020
35c67f3d27fafe9a0e9aa8f6bd100d1d49d34db666fa537cbca8e17c11561dfd
376debad0c198eeed09117759974dfc365cdabe1f067276f6e514af9312c8983
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b2011f4b5bc9c8ae2d7714429e66b688f9047d5d5675265907eb0fcea972066
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40b159fa53fde2421e0d0a0c9e983a6c466e33c22829db45bac0e7fed94a1e56
4164d161f8d49ca23ad133436473152c0a18f06df00f007cdb9b1685b098621b
426ec13ae512e70169a171192468b0a499e9e2ef7dade24ed40cdff7152b4cf5
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
4a8e388cca548ce8caa0cb37090d39da956c7eab238a6f01ae1a6310f3963047
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d0654e13b073b24f54175513644fea0c108e44105a4494618f8548cfc395cda
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
4d64c23d8f29779768e1ba5e11c541d0d59f01bae3a8bc8afbb6d76642d04345
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea9f30b144ea79511f24dcbdf13f2a8d95fa9a4395d4dde5af28a7a595f69a5
4edeb16291a0a77ecf414c539c96824c907e57dc2861e67e2d6dae98ff9d66f3
4f2893cb6891421b26cec31656508317fbb70f3dd538ca77f571f7d3c1da5020
4fbb2c27115d000df308e2daf1f6359e9888c5b31f658c37b8270024634491a5
4fc30196480f71ea6a7ba79daa0b6048289c8ad4e0b8beb8fc065483aa29a3d6
52140514262c5a3e512a7d20359dab8a6eca56b4ce04238f5bccbce32f7d5f2b
532cc63b02ed8f53da56d150a5e594a9a7bc44334a376556f9ffd2d5078197f0
53cdc87002dcbe5a8909b892345cac3ace0c5d4d30a0fcf3d0cf1694c9309217
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
54ae79d494bbd732b9e2e6daeb6064cf26fcd42d5ec72822d24a5b0e747a3ec4
54ec44c096ac706b9133680baae603d1b528a0c4b17b6e51e11ee54732d6eabb
553975c2df9cbae97582f53c9d8b911007fb3087afce996316d95c0118b77b2c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56109fa3da6aa8f73ea350d38977235631ed519eb883aa78b13f530b2744d67d
564619dbfcde06b3bfd533af532e323b2eb931c6254a203ff23f42d30c689256
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8
57b300c964d5cfc56638cae9228fdd997e9b6d98ff3392397a2e9e1d46430358
5802303b9ccdf0b4467ff1ae855be9c11c828cbce7fd50ba1eaf5f3054ed1d10
5a5216cad362a8d3e2d42d559c4c9a55fa28f6fcbb746e39a735587b29494104
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5baa4e9bc655ad466b1f0c7a7c9ceb63792bf85b89468788e9ec45e5e7eabb6d
5cc96e9d9bab3838163202edc2ee48bcf3617198afb7a525d26e3f6c6dc3543a
5e4ac0328b79d03d0ab4f5a4c2b1a827c89ffb189fa1363c74eaebeb0377b241
5ef69d3645b13826d1bb76567eea844d29b64fa7728649fd90f93c1505fb17f0
60719d3959882ac169b8a7bca20de78fac6ffc1b533a0f1115d5f863f7cd9bc3
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
643d83eabc67f940e4b0d128dcd85340db3c86afa3680383faf43559bd3cb4a9
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
69393ed07673b7844fab53ae6fc10e5c10a6fb9324c22acf31b0ebd3fd0d777e
69a77aa5703fe98853be12aa1e346d036bb8db37f59a8244ce0a3756ad83fe2a
6a7cb0658f337f9336a51e5429d5bf42e112f550f4562cedc0ce2053f0b1b9bb
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c283fe092b042b2a590717f6fb2e480d00d66ebcb7d1d5ee350ce5d6fd5b286
6f20bff1d6993662159d485aa45c43cd94f226ec23cff761ca541b4237d09b0e
6fdff36dddf64151f004df6d8b2454105c9c4e32c866e70396c228ad2d519b42
758574325066e1e18e21e567c11c5ed0fe766e3122de1be44960433c75cd95c4
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
79b0d413b2efd74cbee158c6a13e96e61f69a0fdc214f6e34d39618ffa4da10c
7c418eaa0518052c98741fe20cebfe9552bb7fa35c958bd6a7e95018db0ad77a
7fff10f44831d95dd5299fcffecafaa3f6a8cb227e6524d2bbfb6aaacf8205cd
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
82bb695eaa3770d4d9853ce849dbf9dabd364741e67e4ea46058fae09fe67b95
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e7c97429b34edfe6f11b58ef0e74fd09d075b201571f4980d7b41cab9e2687
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
85e63d4a3fd0c38c1f24813f5d313f44b6b47b37c18959886229030bc778ed5a
870f8d0399c02e217dd705d925e0ea65467bfe56b2fcef7aa3c69501dfd8b048
8872bb521ffe952bb817698b1c11c667d77fff8b63ab226a3e56ac5600c0ae8c
8a95c52c35c0c65b1abbcd03341d67c6fb79d367a41fe6135f76d2fb324aa329
8ab43ef523c52e830a7706ae32581ae882ebe14920d3e88ee191ac6aea78c401
8b93ff2a1f9d2c1031a60348ca6442021802d6a865f71f9a2895139af8413587
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861
8d21e83361177be307d7954587f4b3cc9627ba5f7028dc4bf930d81daa356174
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
905ce0d8fef384dc4f22450bfb19b6811c0704e467f9970d116ac3d8c3e9b700
90766fa54b3dfaa6df0d98254fb096e93483f647e21d8cf079b084f1c8fe2339
937c3e3a495e45d0f5722d37ca84d3c8bc8e0986af708e440860425670905844
944d2257f310fb8befa1b59f2627f8ef46ffaadc5ff920637fadc1bddd0a7a9b
954c3ede906934ed86f7e8a92c99082c187279480f99db1c3ce4ca1f05004fa5
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9ba19f59ba4e4bd77dde6ebe0f57c8ae89293efcee9be03aa82bee3d2cde07b5
9c5b52cf61522381ededd5e2c28944faa3ea72149f55bd580d70a5622fe9e76a
9d5ec6c1d8623cb17e4f59fd8b4dfa0743882d4b6d9ff6958a4bd557a23259c4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
a18ffbf77cf4d3bc8539b189e1aea2530e9a698a37b4de6089e6d6224c2ca830
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334
a32637d5836fe2258b86435151d798ec6b94504643f300edee8936847e427464
a456edc846e4b7ceba3021fb9f478ee8b6cac6d6851a0e0244c6094d72bcf6dd
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a51d0b123c25524043e8101d5dbd5afc242caa004c4947e14d20b4fc3a13129a
a544030c93320e7804a327960d6cf81c29fce675498c9d2d7ebb022e11290480
a8b6b0a573b60a5a88fd2dcefd54b8368ecbe6687af7a995c4ce8c00ce929320
ab4c91d229d32a46cacdfa0e0f01096060a891f4973f7699120d7ed39b90bcbb
ad70f10782c22bad438f4978f1bd1f025b912d040962e3a5eb1214b8d6f1148a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14b694672a147aa8f4831209101b3b16ecd4be00388cff5df414ebe7a3ea4f2
b1a318e1eb9b9f18af26fe48bc64527ad7567f98c8f80cf42d8cc702ca97c931
b469848d5117152b45254cce322216ebe30c42b710a10599530f8de367a834f3
b624ee48ff669fdb36e94f3bfd24117112e6fb067c5f427b59232927a62faf84
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
b9647c36cad183949a9c968111d3c0fa2c6ebd6f570bdb1f761860988f311d6b
bb030289d3cc0f40b34c12711f84d8ea12d21c10d2ea642cd9059ddd310e593f
bb61735215b1ea7e1ebeec731b081374b0267daa90a634b6140dd96ceb43f992
bc8e68f8d99d419af7a3b904a72bc50dccf71fc345a880dacb6df3f570f039ff
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c1c3465d4ed2192391252e130e5b1c7900a2a3ba9f6aa18ea8317ac666c3c26b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c270e44131dcc18463007a913d8c5db258f201ff507526066f84735df004865e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c44a38e4986782a95f3c11d6a177c62eb7a9fa8b39572e9e52cb18c0efdf30e3
c49e67ab1eabed4a2b6c4fcfa9dfef910674efc22c3ecf402088ace5b858c1a5
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4dfcf0a7f1361d7343478a34b55ac4f8e93eeb3946e207910c1d5c6f40399bc
c6c720c333789cc26c133a9c96f24d63ae13f87c9918670ea2a88e3ea1840a21
cc24994b0db8dcc54916c4a90825f36d4abdf84ffafa4b8496b4e60ae6e581c8
cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884
cca99d11e5ae8fdf3f5fca9d61592d99ee7379ef1ac1741261fde2f09dceac22
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d15cc4cd7ecc925adf42c5836e7c6e90a38aad9a6c128ebd004000429bf5c256
d1b9833cf0a4be3bb807715f6f9d69509ab87fd5b8ef4aafa81035d844a4077c
d2b9993eb1360f5fad3863eff22a30e7e3b46b4ccfd89b1a5b0a9935a345d433
d2c90d7710d8fa703ec28ab459cfd89a52b13f193956ae4ba84d5a9cdad2d410
d33886587a31f294d227ef9c7f5bac37d59607171fc47c4d5bc887a1ee498e99
d3dd3ae4375a12bfc7aebdca83dcea3a408192da7fdce8761749ab484bd433df
d5f6b449ee99e22ad03bdb553a6463a198de351a8b27905e7ffee35f5d913b65
d71c2c340f862b24468a26fe0135ae3d6d345abad50fd7e00b46d12b31add295
d8cdf990a336cae142b4cb735baff60151f5c6b147ade2ec63ef3cb14f764396
da7d091271c9f085183c7bd5d56862f62fe9c77c323369a83c6b2b5e41e84678
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db5516940b8b4f6df2fa78ea4698b15213cd7fbbcf695207c7e377b5c9dca566
de0a84c830015472189c15c0f037becb8c9a6be2a848bb75ec2856b147a196b7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfb925e8d65a02b12a674460cfe84aba089ad90e4ad76f4756451069d17a634f
e0c7d1f1e824d216ef953e2dd760590d366c0c2ef313e6a9846b60ea3f86d502
e0d7f3dc0157f326424a2edf7a1deaad6088709434c9621f2058a018b77a6837
e2df7253cdb0ecc3cd0eb9f379bf9aea72e7e3f4b24de78cb7eac19e99795844
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af
eaecd7411166c89701ad141497f061a1fe170b22cc8ab1709727418978b7b68b
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
f0ff6f2fc23ff95548681232d265917300d8b437cd5a6947438d829fa0e7c64b
f11ca850172289b1fdd037407491d44b187bf4e52cd22b398bf66a9979e3bb1a
f2e9bc088c597c87498eaf303ba5be8ce8b84e0a187576c89c7cb33579e35963
f474546cfc149f0090f9ea8dd898a3b5b54babea7999854e7cfab4f138e75984
f5571d84323aac057a0c1ea997e298cdf182b7f90df4b2e8ca4197a006c02c9e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f6d18aa3cf66caa4c1565815d412ca62f54bdaa35564c5bf7ca18140d2ae599b
fa680d39b2c76b05b2ca5a57512dbbf54c1b2dde666649f0a3204999f43fb77e
fce8d2822378f4d3c65a3a98175c6879802e2d73f4169d225fefee457cdfc0f5
fcf8d4ee8a411955f60474aaf98b897005d9bbda54fb260c42cdec1974856231

guaiba.com.br Open in urlscan Pro 2606:4700:3033::6815:2b83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

417 Requests

85 %HTTPS

33 %IPv6

77 Domains

123 Subdomains

90 IPs

11 Countries

7070 kBTransfer

15302 kBSize

77 Cookies

10 Outgoing links

Page URL History

Redirected requests

417 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

guaiba.com.br Open in urlscan Pro
2606:4700:3033::6815:2b83 Public Scan

Screenshot
Live screenshot

Full Image

417
Requests

85 %
HTTPS

33 %
IPv6

77
Domains

123
Subdomains

90
IPs

11
Countries

7070 kB
Transfer

15302 kB
Size

77
Cookies

417 HTTP transactions
4 data transactions