controle.diariodorio.com Open in urlscan Pro
190.89.239.47 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.controle.diariodorio.com/
Effective URL:
https://controle.diariodorio.com/
Submission: On May 12 via automatic, source certstream-suspicious (May 12th 2021, 9:18:51 am UTC)

Summary HTTP 368 Redirects Links 56 Behaviour Indicators

Summary

This website contacted 47 IPs in 8 countries across 38 domains to perform 368 HTTP transactions. The main IP is 190.89.239.47, located in Brazil and belongs to HVC-AS, US. The main domain is controle.diariodorio.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 14th 2020. Valid for: a year.

This is the only time controle.diariodorio.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 40	190.89.239.47 190.89.239.47	29802 (HVC-AS) (HVC-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	213.174.135.2 213.174.135.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	190.89.238.20 190.89.238.20	28209 (Under Ser...) (Under Servicos de Internet Ltda)
1	13.224.193.81 13.224.193.81	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
45	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::ac43:ae4e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.206.101.169 34.206.101.169	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
3	35.201.123.184 35.201.123.184	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:5b0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	52.1.252.251 52.1.252.251	14618 (AMAZON-AES) (AMAZON-AES)
5	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
4	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
9 37	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
80	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
7	34.228.251.145 34.228.251.145	14618 (AMAZON-AES) (AMAZON-AES)
1 3	13.224.95.50 13.224.95.50	16509 (AMAZON-02) (AMAZON-02)
2 6	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
3 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:1f18:612... 2600:1f18:612b:4264:7659:1bf:d736:fba9	14618 (AMAZON-AES) (AMAZON-AES)
6 8	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
8	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:7200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6 6	107.23.233.216 107.23.233.216	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	217.182.200.20 217.182.200.20	16276 (OVH) (OVH)
2 2	99.80.199.35 99.80.199.35	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	34.234.139.177 34.234.139.177	14618 (AMAZON-AES) (AMAZON-AES)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
368	47

40 190.89.239.47 (Brazil) 1 redirects

ASN29802 (HVC-AS, US)
PTR: us222.serverdo.in

www.controle.diariodorio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
controle.diariodorio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 190.89.238.20 (Brazil)

ASN28209 (Under Servicos de Internet Ltda, BR)
PTR: br86.serverdo.in

diariodorio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-81.fra2.r.cloudfront.net

tagmanager.alright.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:ae4e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.a-latam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.101.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-101-169.compute-1.amazonaws.com

analytics.alright.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:5b0c (United States)

ASN13335 (CLOUDFLARENET, US)

data.gblcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.1.252.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-252-251.compute-1.amazonaws.com

wfpscripts.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-11953-9.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 142.250.184.194 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.53 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

80 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.228.251.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-251-145.compute-1.amazonaws.com

webservices.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.95.50 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-50.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4264:7659:1bf:d736:fba9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.94.180.126 (United States) 6 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:7200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 107.23.233.216 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-233-216.compute-1.amazonaws.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.182.200.20 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: gcm6.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.199.35 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-199-35.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.139.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-139-177.compute-1.amazonaws.com

msgws.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	googlesyndication.com pagead2.googlesyndication.com b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	548 KB
80	2mdn.net s0.2mdn.net	1 MB
66	doubleclick.net 9 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	370 KB
42	diariodorio.com 1 redirects www.controle.diariodorio.com controle.diariodorio.com diariodorio.com Failed	1 MB
17	webspectator.com wfpscripts.webspectator.com webservices.webspectator.com msgws.webspectator.com	96 KB
10	google.com 1 redirects adservice.google.com www.google.com	642 B
9	gstatic.com fonts.gstatic.com	186 KB
8	spotxchange.com 6 redirects sync.search.spotxchange.com	5 KB
8	tailtarget.com tags.t.tailtarget.com d.tailtarget.com tt-11953-9.seg.t.tailtarget.com b.t.tailtarget.com t.tailtarget.com	25 KB
6	addthis.com 6 redirects e.dlx.addthis.com	6 KB
6	openx.net 5 redirects us-u.openx.net rtb.openx.net	2 KB
6	quantserve.com 2 redirects secure.quantserve.com cms.quantserve.com pixel.quantserve.com	10 KB
6	googletagservices.com www.googletagservices.com	204 KB
4	rubiconproject.com 4 redirects pixel.rubiconproject.com	2 KB
4	pubmatic.com 4 redirects image6.pubmatic.com	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
3	mookie1.com odr.mookie1.com	536 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	rlcdn.com 2 redirects id.rlcdn.com	888 B
2	everesttech.net 2 redirects pixel.everesttech.net	752 B
2	gemius.pl 2 redirects googlecm.hit.gemius.pl	500 B
2	tremorhub.com partners.tremorhub.com	365 B
2	teads.tv 1 redirects sync.teads.tv	407 B
2	googleapis.com ajax.googleapis.com	35 KB
2	google.fr adservice.google.fr	287 B
2	facebook.com www.facebook.com	273 B
2	google.de adservice.google.de www.google.de	906 B
2	facebook.net connect.facebook.net	96 KB
2	alright.network tagmanager.alright.network analytics.alright.network	47 KB
2	googletagmanager.com www.googletagmanager.com	81 KB
1	quantcount.com rules.quantcount.com	429 B
1	gblcdn.com data.gblcdn.com server.gblcdn.com Failed	6 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	a-latam.com cdn.a-latam.com	88 KB
1	googleadservices.com partner.googleadservices.com	441 B
1	gravitec.net cdn.gravitec.net	18 KB
368	38

	Domain	Requested by
80	s0.2mdn.net	controle.diariodorio.com s0.2mdn.net
45	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com controle.diariodorio.com b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com googleads.g.doubleclick.net
39	pagead2.googlesyndication.com	controle.diariodorio.com pagead2.googlesyndication.com tpc.googlesyndication.com b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net www.googletagservices.com
39	controle.diariodorio.com	controle.diariodorio.com
37	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com controle.diariodorio.com b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
9	wfpscripts.webspectator.com	tagmanager.alright.network webservices.webspectator.com
9	fonts.gstatic.com	controle.diariodorio.com
8	googleads4.g.doubleclick.net	controle.diariodorio.com
8	sync.search.spotxchange.com	6 redirects googleads.g.doubleclick.net
7	webservices.webspectator.com	wfpscripts.webspectator.com webservices.webspectator.com
7	www.google.com	1 redirects controle.diariodorio.com b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
6	e.dlx.addthis.com	6 redirects
6	b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	www.googletagservices.com	pagead2.googlesyndication.com controle.diariodorio.com b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
4	ade.googlesyndication.com
4	pixel.rubiconproject.com	4 redirects
4	image6.pubmatic.com	4 redirects
4	cms.quantserve.com	2 redirects b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	ad.doubleclick.net	controle.diariodorio.com b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
4	securepubads.g.doubleclick.net	controle.diariodorio.com securepubads.g.doubleclick.net
3	odr.mookie1.com	b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects wfpscripts.webspectator.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	id.rlcdn.com	2 redirects
2	pixel.everesttech.net	2 redirects
2	googlecm.hit.gemius.pl	2 redirects
2	rtb.openx.net	2 redirects
2	partners.tremorhub.com	googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	ajax.googleapis.com	tpc.googlesyndication.com webservices.webspectator.com
2	b.t.tailtarget.com	d.tailtarget.com
2	tt-11953-9.seg.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	controle.diariodorio.com d.tailtarget.com
2	adservice.google.fr	securepubads.g.doubleclick.net
2	www.facebook.com	controle.diariodorio.com connect.facebook.net
2	connect.facebook.net	controle.diariodorio.com connect.facebook.net
2	www.googletagmanager.com	controle.diariodorio.com www.googletagmanager.com
2	diariodorio.com	controle.diariodorio.com
1	msgws.webspectator.com	wfpscripts.webspectator.com
1	pixel.quantserve.com
1	t.tailtarget.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	wfpscripts.webspectator.com
1	data.gblcdn.com	controle.diariodorio.com
1	tags.t.tailtarget.com	controle.diariodorio.com
1	cdn.jsdelivr.net	cdn.a-latam.com
1	analytics.alright.network	controle.diariodorio.com
1	cdn.a-latam.com	tagmanager.alright.network
1	www.google.de	controle.diariodorio.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	tagmanager.alright.network	controle.diariodorio.com
1	cdn.gravitec.net	controle.diariodorio.com
1	www.controle.diariodorio.com	1 redirects
0	server.gblcdn.com Failed	data.gblcdn.com
368	61

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
instagram.com
diariodorio.com
twitter.com
youtube.com
bit.ly

Subject Issuer	Validity	Valid
www.controle.diariodorio.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-14` - `2021-05-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2021-03-04` - `2022-04-05`	a year	crt.sh
www.diariodorio.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-14` - `2021-05-14`	a year	crt.sh
*.alright.network Amazon	`2020-08-25` - `2021-09-24`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-01` - `2021-08-01`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-11` - `2022-03-26`	10 months	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2021-05-30`	a year	crt.sh
*.webspectator.com Go Daddy Secure Certificate Authority - G2	`2020-05-12` - `2021-07-11`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
teads.tv R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://controle.diariodorio.com/
Frame ID: 15E978C75417DBE122A3301F5352A003
Requests: 109 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/zrt_lookup.html
Frame ID: 2536BBFBC9C8213D7C39294A20086A08
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3475011114767287&output=html&adk=1812271804&adf=3025194257&lmt=1620811111&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcontrole.diariodorio.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620811111410&bpp=4&bdt=941&idt=101&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=776379003530&frm=20&pv=2&ga_vid=1273230402.1620811112&ga_sid=1620811112&ga_hid=800897183&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061033&oid=3&pvsid=1799629773953198&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=122
Frame ID: BF7F6DEECC35D51F9578C2B070876FC1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 8C73CFC1A11A54C367BEBB61305352F1
Requests: 2 HTTP requests in this frame

Frame: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BA6F31553F2EE09B4757D446AAD38F54
Requests: 1 HTTP requests in this frame

Frame: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ADB947A3B3BB5047C9CA55D43EA7B230
Requests: 1 HTTP requests in this frame

Frame: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B6A247A1BC55ACC507E634D6A581F3E9
Requests: 16 HTTP requests in this frame

Frame: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2810E39B228EE2B79A23EAFD3F2BE3C3
Requests: 16 HTTP requests in this frame

Frame: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 37452D69BD1F5D44B7C88688340E0B9E
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhjZg-WmATAB&v=APEucNWnrNVCiLpR1JoMA7hf7yz_t5BLgvXbxdcEuCFZHRicRp_yuwFyjYd9lw2F2WRuVzxyibwhJA16Yp1aBDQnyrqacPZj8fOoajtxa9HpNJoE88fEIR3PJlPTHiV8q7WDbL0nksss4S_dqfT90j58fjSeJNYvVnMBVD-HD8hnBoHljA-I6f8vVszEGz87zT2njghywDezLdqyoTTLYiRc_TICpBVcqQ
Frame ID: 6C6A1AAE098C059353471010F5667478
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AZJrXqlwr0TQJiEsG6HAX-yWUnb7ZuvcneRM8zDHdksb1jGkl_mKR05SITVlj6i5gwhmhX9H8NpmWBTUKLlY60yDTL_6KstP3vARCoooEm1aaLtHPDn_ZpxS3IjDI0tn132mAeNrlBhIryCncOwQlSrACtag&dbm_d=AKAmf-B6JOp_qkndvPFzPw59imSHEhkqSeFWv4bQtq3yqIdfuMamfkUehoPO4MgLW-qcPJ0v3Ulu22TPO23kmC0JAHn3PyvwFOf_kt_UvURA-KNaX5bOaW85iCDEBhQdVK98LOsdOb8yN4xwDiLX8w7SFfQE31Ye3YEZ7jpa5G6pTBQJzJs8ZA9XOhIsgpGxiRYKKLZBcKMYXTxMH3mH6TxtGadywtk8h3rXXA7a1LxTx4ZMXDrWeNEn12Cq3-tKWKz9kxX6clTXJPOhEL0UGd9zie6FGQXIqjT5LAX3GAtxOkduPkO4H14diFDZTvVMFh5ZCs3LaGFFMijcM3wd7Tq-GiR4EytV7v2XHUsVUVOhL1kkcZkjbPG9tWyV9SWdBZeRXXibCgdnpMJW4TqgJUBURBLXaE_7NH2purdYtgGLpjV_MbcpsOgOFNvKsTMzaL6phkOFuyKI2-L0rsofMfiGLnq4W7shVg0le0gC7pcfQKlkgtAqHWfogXpSg-0IlgJuCO9EXQEyMMxbhnBInuiKy9quTxhSF29yHHclfzr2_IxwIt7ykaDrtzbGTxgJB0rWPNl6yfngPXOmnsQbdDeC5f7SE4HDqI2xO1b9BQAtJ8pBbYZpK_dnxEVXL8lVb2epY95JxD66I-83-b1rwjW7WpK5jmEBeqC1lCZpeTSWHFmE9bDkJziU-SMnhoWPGmnow-gkDKybzxYRMjjDnMozjxjvltKRkLcccadypVDHw82QHa8305O3hyTggd9_5-B2KgmEf2nKblebvX3aSaJqyF9A9gWV9j5UK781LiedXpWoriDiU1y-LzrqcvPgNI8tQQIBXKisTL5si9VX9VZcc3Q0aGgqG0FVjZPeIxOV6I-q68MyA7zY025ull6qPqdYJGruE1yepRjpabGnDD-umccG8BXM31CsFVCX7tfIuC6Esvuo3JpZULHhE87tZcENMobEZT4w46qpv8TFOLXoWp0_rTyji9NaKwOj4Toue9lfHUV7xiQnDifvcvL8aaqsoMTl6zft480GtkPYPgFQ-YiMbH7Hu5pWZAJz--OhsRZjdcHrCVP-BojRSr0GNbbv4thVjcSxXp6ysrXMEVDuC8XD_76z-hda_oldTiDnikcCSJHL5xeesssZ8ZPddUcMkKGJdz5zp67AC-5gdiymcGFEW9smXfSPaMdXPDVUQwR43ucB2WeHYaekMFk4DIJrol8zEQpwa8I32cQqcJbe8Sp_5Vsrge4npEuLpiR751Rbx-b437J0qAHfmP1YomrRVPedbJy4_q8IPOqv35coUoM9apyoFcGVTDFUtMPvGNzSyeFkoQsNL-2KeRCQmEwVzNg_Job8FLKykj2OIdeCsN2QjnH29_ALdS4lZg5hPm04MDQYkzHCTePbdBT1ZmZ3Jow4mUCJu5ZW7cHaKzDceR3rJ0cGUzN75lAABO1_WZV2gqZE2preKcxXz0KvRnEf9qOWOhWhgol7ar6e2N0dWT8V-hzb6PVwHjW_4jNENQ3j4ppfPDpvntD-aJ3f5pnx7kr_vYdMlbl5SLPbwWunRSldyac80bsFq_a7tdBTZ4Jpoj1odL2q6ioaOl8cqy1VTsIKWC0A5SaX-xeFwEsEa-0zHDYW9rGUSkP9f11zJYcYjhrSGan8J9jU3VyJ7iBc9kIxIkAqB0zcOfPkcuiw3aWmdO4ZXIY4dKtWpV28j1QCUwA7abVFyPv1IR9CKHNizmd8-gULbQlmjZo4wSehvzuBIXIEk2-ArbdjEvqFn2tTQC4jFWicPy9OvHrH8II8IeLg4AmhL3zf-kNdSli23f8vBmfwt0U3Lh6MV12Emcp761FSTQp3YqnA_54ZGuQoybyExQorpcEKmZXs9jqpYnDPLwggDHPUX6Yq4aBL9zbz1bmDB5IPQO0gRuIAni08004pK_QXt6fUU9WbpV6ahUQKhOuwhSphfifg_hkTNr8APHsFV2A1IXYWn5yzoRelX9FjqYoWebCR1fnDbOyRJG-_bTX-VH-doO8QKBWgR9xKsfHrARJFDrk-VkVnGuVbY009s40T4gbQmb5cEzT9Q9MGkX2cDrVXIlDo4RSVGzoB-1Bfd6-VtAH9jKMFjlXmp_F7KP7KoEMypLmbUPSe3dJTd_fZSoK9LBwyOAEpI12ZvmywRpaxS9YPzgO9yNUvPVo9ujVV_aVUCUGK9zL8xiIWIGVgdX6ocakEIadfh017jzrf0Nv3aEiiPSWM4miVTdouGDp0qC3_lqsXpnnREF7mfvJlLhflqcwmP_7t6iXb7gUXcCN3YEIhhK7ndCfzOHT_--OtqrEEnSfHoWr7PggfuV8AJCKmYa8DMRsNUod54QgqWPVM4XmqGUbExzAkX-l9p3yc4ZWuD9gDJAN2AKdySmqyZyQ-iBycY9A0BpSAKCyotprWr3awaf09Af2RryLaRMWEijgqKpLfQemLxosuaFy4UZ_K5PZnVB8bamr113CQ_rR0rEjbAbfVnMuK8DkNQBXq8elvJveU3qRKXnyWtBG2vAaby-8L6WlVOO4o1uq3HqM5_lSIYVtw6TiHBg07oinEpQzgOoKywuHFaQOVbt1upkmrc7yPaNXgSOmJQK1o7sE8DtC9LREpi85PLFjOijxF3uewaRuRq7g4vqbcC0K0Msz7ELehm-sGdf4FbfQOD4UhT38QdTYZZWPZpKNkRoITyK-0ipL8YCTlFPy6ssSQV8tmmmXy0xQLAddBuOVWzVtT6DKrGhhHZu-AIa4lbQ9cI_0jhymTXIBoxzDi6VkCT02XpCaET5ZlTFbodfeKhOFn76lG5ctdgn2pwFr-yZ6cinHGE2LRadk7vhzEQtY5cY5-2onmMY2Q1fRJQmwfhJ9xcxUqmRAPsgJ5gXpOE1xkK4dPaTbIH0w96mQeRVtMZ_HDSEnCQ_vnFF6v-fhmOiDKDxR2wnOa1nCYqe_6bdptiulMGUDkCCLI9G2Qc3lyARjbk8lJMGVWcxiX-OLyInc&cid=CAASEuRo875iL39RnUZhHPC8dUj6vg&rfl=2%2Chttps%253A%252F%252Fcontrole.diariodorio.com%252F%240
Frame ID: C0CC97CE7051E40C3F30CC6416F317E9
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html
Frame ID: B9C8D9CEAA28D5B81FF3A2ABD13763BF
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1lDQaJ2bYJ75C9CK7gPigJDwCLjPhtNiu9uQuOsNv-EeEAEg5sHRB2D7gYCAiAqgAer8rM4DyAEJqQLDerZZmVe0PuACAKgDAcgDCKoE4gFP0OAn1ifMZuTu3lAQdODbrBQ1R99lZDIArFA-2WKu7w9ICOGYWBMB9lphHtRdIqw66boC5jR1ehdVuH7TFxCfBb4nbbo6x57oNSpiHPJ6wU8HrOC0I_ad-lS8wP_gz-gI0ujNqY0IxBPLGXsFJfbViVv3bFtdbL7LjC8ZDXb-z6OSb-2zc3iOrHifaZeEQdjP-yBe2_dQKcc92HDlIVqXh2uWaIaexDx_VBRSxGIiCE9Kq-Ca4SdkCdSsxmgFqS1CvvyAa9tPSo8jhQEArtK8WGNfMlw2LUpQlVEgraNSxzv3wASrms740APgBAGSBQQIBBgBkgUECAUYBKAGLoAH_oLTMagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCNqwfSCAkIgOGAEBABGB2ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMzQ3NTAxMTExNDc2NzI4Nw&sigh=xsLbAiOLoYE&template_id=419
Frame ID: F448662E3F4F81664FC3B01D82DC4897
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhj2ieWmATAB&v=APEucNUzK83VviEQWhO4Glo-XhpLAl_WQY2SxjpjmnxMztbGBNfJFFFcnGOWaPAwFmxA7JqcclmGaEVZ95QfsjQUy8ik58XFr6Z_uz1vTRKqsLDH51NaUFNWzaN6yiHsFZme2A140KoBXCz2yL2rvmCriQPCQjmPeKED280Lj-x3CxgAXavsafikF-AlTN9oX5iyLa3H0ktZF3eoLyNRKkKgaVer0uJ3Nw
Frame ID: B0671855F235FF5A3FCB341824A97B5C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiP7eSmATAB&v=APEucNVCbLgTJGSi0AOu0ckwtVxsfdXG8nwayd2s5_j0yqaGRocAmyN37d7fd73hqsNBRJGbYVb69saZ9vxQXkCPMpHOeMouiYHbRvP0HwJlkjV8GNk4HguY9vOmrSgVcuOKuf--HVWc0mDCDkRJkk94Ucd1EUZe9U5V40uC6RLUiKl_1Sh7dEqcdHv_d5iPeF1IWi1wkl886uCrYfOcqBvLSsxXGs0EgA
Frame ID: 00BAD2EA16F4FD32334EB07F8571DDE8
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiV4-SmATAB&v=APEucNVQR-EMlQj41f9vfOF8Yldj-rRJdBKVbLKmh-MOlFZmOLQnBwwymyTJmmq32q-hXSLX17-ACZzt40zfigxh8uUQMY03e9oArFXkd4Tk6vQLjPWwcOBznnPbZl9iywSRiYu9BmBb_KkIetyzgeZsu2vhNLnTgYGkHA_4f8NWrTBPguo0E32G7hMNUEfQ2xn1Sg_NvOQHbAnc6zbWSVTD9hEbfAutWw
Frame ID: C7D7E234D69BF23FA723B8C48C2DFE21
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F87C861207DB0C85CF2D0893E014A1F0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9EC12CE24EAAA4000923A39E6A8D63A8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8E230E13EB7E402EED10AE0001088EE0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D8811F2F2DEE24411BA14A70703807A1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3B26A21B993A2279AD5A9D2C1AE176E9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 92D4DA6895F02A3F84EED0A97EF6E314
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E9766C8CFB9BDC822EE702799EC1F487
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
Frame ID: C54E7B577D80C3D08BE3996F2265E0A0
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 84D35045A9B274CE753B585DC87BCD0D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 02EA1F403DFF45D95D90D906154FC3D4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 82162D8DFD30479F4174725BB608B8F0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9424EE939A5D87935A0DD97014B1748D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A8076ABC4A4C22B2972D289A48A846A9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4872057FAF4673C0214FF841F207A6D1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
Frame ID: 6BEBD295A68B62DC808A42F634B10785
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
Frame ID: F1249EA8DB96A05835DEBA6829D29683
Requests: 20 HTTP requests in this frame

Frame: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
Frame ID: 66928921D4CABA876722466BEF43A858
Requests: 20 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2837&eaup=/1017220/ads_5&eolid=null&eci=null&ct=%7B%7D&w=300&h=600&wsRotSlot=&isda=1
Frame ID: 6EA911233B190187AC8E4BEB4BD37AF2
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2837&eaup=/1017220/ads_4&eolid=null&eci=null&ct=%7B%7D&w=300&h=600&wsRotSlot=&isda=1
Frame ID: 17A9F41F2A119820E00737F6894C5E64
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2837&eaup=/1017220/ads_3&eolid=null&eci=null&ct=%7B%7D&w=300&h=600&wsRotSlot=&isda=1
Frame ID: C6BD1A999A369465DE8FDFADCD2EF27C
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2837&eaup=/1017220/ads_2&eolid=null&eci=null&ct=%7B%7D&w=728&h=90&wsRotSlot=&isda=1
Frame ID: BA5E4CF16AF4B442390BB825F80C3062
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2837&eaup=/1017220/ads_1&eolid=null&eci=null&ct=%7B%7D&w=728&h=90&wsRotSlot=&isda=1
Frame ID: 6DBFC85C5595D5DCC26D278637E093D6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.controle.diariodorio.com/ HTTP 301
https://controle.diariodorio.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

RightJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /right\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

368
Requests

98 %
HTTPS

45 %
IPv6

38
Domains

61
Subdomains

47
IPs

8
Countries

4127 kB
Transfer

9319 kB
Size

9
Cookies

56 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/diariodorio/

Search URL Search Domain Scan URL

URL: https://instagram.com/diariodorio

Search URL Search Domain Scan URL

URL: https://diariodorio.com/feed/

Search URL Search Domain Scan URL

URL: https://twitter.com/diariodorio

Search URL Search Domain Scan URL

URL: https://youtube.com/diariodorio

Search URL Search Domain Scan URL

URL: https://diariodorio.com/fale-conosco/
Title: Colunistas

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/alexandrefreitas/
Title: Alexandre Freitas

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/alvaro/
Title: Álvaro Tallarico – Papo de Tallarico

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/andreluiz/
Title: André Luiz – Histórias do Futebol

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/andrea/
Title: Andréa Nakane – Crônicas

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/cleomir/
Title: Cleomir Tavares – Celebridades

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/chico-alencar/
Title: Chico Alencar

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/claudiachaves/
Title: Claudia Chaves – Gastronomia e Teatro

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/dauro/
Title: Dauro Machado – Opinião

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/dydimo/
Title: Dydimo Rezende – Poesia

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/edielribeiro/
Title: Ediel Ribeiro

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/fernanda/
Title: Fernanda Dias – Nutrição

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/gradim/
Title: Filipi Gradim – Cultura & Artes

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/marcia/
Title: Márcia Silveira – Crítica Literária

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/nobre/
Title: Maria Luiza Nobre – Música Clássica

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/marroni/
Title: Marroni Alves – Baixada Fluminense

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/pauloganime/
Title: Paulo Ganime – Política

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/pedroduarte/
Title: Pedro Duarte

Search URL Search Domain Scan URL

URL: http://diariodorio.com/author/renata/
Title: Renata Granchi – MKT & Outras Histórias

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/robertoanderson/
Title: Roberto Anderson – Urbanista

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/rodrigomagalhaes/
Title: Rodrigo Magalhães – Chargista

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/sonia/
Title: Sonia Rabello – Urbanismo

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/tanabastos/
Title: Tânia Bastos

Search URL Search Domain Scan URL

URL: https://diariodorio.com/author/yuri/
Title: Yuri Antigo – Gente, Lifestyle & Cotidiano

Search URL Search Domain Scan URL

URL: https://diariodorio.com/c/agenda/
Title: Agenda

Search URL Search Domain Scan URL

URL: https://diariodorio.com/c/historias-do-rio/
Title: História

Search URL Search Domain Scan URL

URL: https://diariodorio.com/c/gastronomia/
Title: Gastronomia

Search URL Search Domain Scan URL

URL: https://diariodorio.com/c/politica/
Title: Política

Search URL Search Domain Scan URL

URL: https://diariodorio.com/c/saude/
Title: Saúde

Search URL Search Domain Scan URL

URL: https://diariodorio.com/poltica-de-privacidade-2/
Title: Política de Privacidade

Search URL Search Domain Scan URL

URL: https://diariodorio.com/c/edital/
Title: Editais

Search URL Search Domain Scan URL

URL: https://diariodorio.com/revitalizacao-da-cinelandia-tera-plantio-de-11-mil-mudas-em-3-meses/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/castro-diz-que-pedido-de-impeachment-por-operacao-no-jacarezinho-e-tentativa-de-politizacao/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/25-da-populacao-do-rio-de-janeiro-ja-esta-vacinada-contra-a-covid-19/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/policia-civil-prende-irmao-do-miliciano-ecko-em-campo-grande/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/novo-secretario-de-fazenda-do-estado-exonerou-boa-parte-do-quadro-tecnico-da-pasta/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/mandetta-pode-ser-candidato-a-governador-do-rio-em-2022/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/parque-dois-irmaos-tera-2-nomes-oficiais-e-1-nao-oficial/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/mprj-institui-forca-tarefa-para-apurar-desdobramentos-da-operacao-policial-no-jacarezinho/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/porto-do-rio-deve-ganhar-polo-gastronomico/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/bondinho-pao-de-acucar-tem-promocao-de-mes-das-maes-com-ingresso-a-r-1/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/critica-gastronomica-triplo-no-meza/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/historia-de-joao-candido-lider-da-revolta-da-chibata-e-tema-de-peca/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/tribas-pizzas-em-ipanema-oferece-massas-com-ingredientes-mais-saudaveis-e-sem-gluten/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/reforma-tributaria-do-rio-pode-gerar-r-500-milhoes-so-em-2021/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/urca-tera-falta-dagua-nesta-quinta-feira/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/reforma-tributaria-municipal-pode-gerar-receita-de-r-500-milhoes-so-em-2021/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/governo-do-estado-lanca-escola-da-cultura-rj-para-capacitar-profissionais-da-area/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/estudo-mostra-que-extrema-pobreza-na-cidade-de-deus-saltou-de-12-para-20-na-pandemia/

Search URL Search Domain Scan URL

URL: https://diariodorio.com/servidores-publicos-terao-acesso-a-curso-gratuito-e-bolsa-de-mestrado-em-escola-alema/

Search URL Search Domain Scan URL

URL: http://bit.ly/anj2019

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.controle.diariodorio.com/ HTTP 301
https://controle.diariodorio.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1E8XAe2aJmQESABWiCazI&google_cver=1

Request Chain 148

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJudaeh.Ig30JKFMsS9amAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1E8XAe2aJmQESABWiCazI&google_cver=1&google_hm=2

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGZpRDwz_EYcchWUzInGyDc&google_cver=1

Request Chain 150

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI3MjE5NTI5Mzg3NTM4ODI1Mg%3D%3D

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOIYBzaqk9YEVv5unWRJjTs&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEOIYBzaqk9YEVv5unWRJjTs&google_cver=1

Request Chain 184

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjU4MzU0YTYtNjM2Zi0yYjYxLWM3NDMtYmI2YjAyZDg4OWQ2

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESECuHEYy_O8bCITx8NDt_nL0&google_cver=1

Request Chain 186

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjRhZWE3NTktOWE2MS00Mjc3LWE2MTgtODQyOWNkNDVjZDlm

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEAtPcqoMX5yI260cdRV_Lmw&google_cver=1

Request Chain 189

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELuUWzmO4gACzoH4QzRYOIM&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELuUWzmO4gACzoH4QzRYOIM&google_cver=1&__user_check__=1&sync_id=06c9831d-b303-11eb-9149-16ae82d30106

Request Chain 190

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=06a02449-b303-11eb-bf75-19bfd3920506 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDZhMDI0MTItYjMwMy0xMWViLWJmNzUtMTliZmQzOTIwNTA2

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEAtPcqoMX5yI260cdRV_Lmw&google_cver=1

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELuUWzmO4gACzoH4QzRYOIM&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELuUWzmO4gACzoH4QzRYOIM&google_cver=1&__user_check__=1&sync_id=06cb9cbd-b303-11eb-86b7-11a3cbba0506

Request Chain 193

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=06c0e52a-b303-11eb-b05b-1d37f49c0406 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDZjOTgyZTMtYjMwMy0xMWViLTkxNDktMTZhZTgyZDMwMTA2

Request Chain 214

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 218

https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1620811114444&ns_c=UTF-8&cv=3.5&c8=Di%C3%A1rio%20do%20Rio%20de%20Janeiro%20-%20O%20Jornal%20100%25%20Carioca&c7=https%3A%2F%2Fcontrole.diariodorio.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1620811114444&ns_c=UTF-8&cv=3.5&c8=Di%C3%A1rio%20do%20Rio%20de%20Janeiro%20-%20O%20Jornal%20100%25%20Carioca&c7=https%3A%2F%2Fcontrole.diariodorio.com%2F&c9=

Request Chain 220

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJgCY62KWGyIw2ziawfkQDYPXP00NE0bN17ND0g8oego8VOT24Rxx_WScJxSz1aWeqzf2lvfB78NSwoyy0jL8Mw1tSI81g&google_gid=CAESEDBwCF10MSt0QQGszly2-mI&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJgCY62KWGyIw2ziawfkQDYPXP00NE0bN17ND0g8oego8VOT24Rxx_WScJxSz1aWeqzf2lvfB78NSwoyy0jL8Mw1tSI81g&google_gid=CAESEDBwCF10MSt0QQGszly2-mI&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MTIwOTE4MzUzNzU5NDU5MTg2Njk0OA%3D%3D&google_push=AQvitUJgCY62KWGyIw2ziawfkQDYPXP00NE0bN17ND0g8oego8VOT24Rxx_WScJxSz1aWeqzf2lvfB78NSwoyy0jL8Mw1tSI81g

Request Chain 221

https://rtb.openx.net/sync/dds?google_gid=CAESEJksqCfpvcGoUCWCuOZUyk8&google_cver=1&google_push=AQvitUKYTjK8aiHvm6noAD99wlJz0yLIYFQBzposozn5Arl8t_1blKwmoileYC8JKv3kc2yBylIYadqg3vzBqlCkrMt7gSAgUw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKYTjK8aiHvm6noAD99wlJz0yLIYFQBzposozn5Arl8t_1blKwmoileYC8JKv3kc2yBylIYadqg3vzBqlCkrMt7gSAgUw&google_hm=1roNUAOezOs0161lGyN9DA==

Request Chain 222

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOskRwHXIhG_rA_arpcYjBI&google_cver=1&google_push=AQvitUK04GxZmWDkO_1vx0-IZzjFTZkXTsdq6xDQK7gXLwit6qAq7S17EZcA1jNr84UFubtryTfnnvqSvDg86NZFT8tYgPA7iu4 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOskRwHXIhG_rA_arpcYjBI&google_cver=1&google_push=AQvitUK04GxZmWDkO_1vx0-IZzjFTZkXTsdq6xDQK7gXLwit6qAq7S17EZcA1jNr84UFubtryTfnnvqSvDg86NZFT8tYgPA7iu4&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rXL5FOt3QGGOalBRgU6S7A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK04GxZmWDkO_1vx0-IZzjFTZkXTsdq6xDQK7gXLwit6qAq7S17EZcA1jNr84UFubtryTfnnvqSvDg86NZFT8tYgPA7iu4

Request Chain 223

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE4GpwwXo_X6S2AikXlQiso&google_cver=1&google_push=AQvitUIT8F4NITwWSrwVGC4Pt8SP96GHSN5sopfjxu4wVLydzHrhuulINPf7ZJxksbTSy1gUVPc0eWgdexbwDStlChNtfN8EpRM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MOTM4MzAtMU4tQVpDRw==&google_push=AQvitUIT8F4NITwWSrwVGC4Pt8SP96GHSN5sopfjxu4wVLydzHrhuulINPf7ZJxksbTSy1gUVPc0eWgdexbwDStlChNtfN8EpRM

Request Chain 224

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ

Request Chain 225

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECQaDVVQs7mzq-hG9Mdgc00&google_cver=1&google_push=AQvitUIsXhyad9i65qtOgwnXYv9T1ysb7_Vn0_CiniCTkVdKN6Tk4cnFEF-Gi_hggSAC3ptKYYrkDRPCmr9sfjiHdk_Am4JWln0c HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIsXhyad9i65qtOgwnXYv9T1ysb7_Vn0_CiniCTkVdKN6Tk4cnFEF-Gi_hggSAC3ptKYYrkDRPCmr9sfjiHdk_Am4JWln0c&google_hm=

Request Chain 254

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIatw4qCFXo4ecT0q2TUXJI&google_cver=1&google_push=AQvitUJixiwMDbvKP37AkC866CkqnwdLXPsMbyDm3QO0tWP-AM0rbwnri_Y13wuPQeDdwO4HW6qfR_YWav8qUs4Hq8lUrLMoIyKw HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUJixiwMDbvKP37AkC866CkqnwdLXPsMbyDm3QO0tWP-AM0rbwnri_Y13wuPQeDdwO4HW6qfR_YWav8qUs4Hq8lUrLMoIyKw&google_hm=Z14z_4lcG5k_3TYLGYNwvQ

Request Chain 255

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitULyEXp1HDoGikH5ZVoM-la4f1Vdp_r1znkhHOp8HaxO40wP9_PdH0dwCv3nFOzHynw5bnJ2APZJUIdOtJ3Kc2l5sJldk-Am&google_gid=CAESENUUBA9iYm9IpIfaheKJM7A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUp1ZGFnQUFBY1NhcG4tdg&google_push=AQvitULyEXp1HDoGikH5ZVoM-la4f1Vdp_r1znkhHOp8HaxO40wP9_PdH0dwCv3nFOzHynw5bnJ2APZJUIdOtJ3Kc2l5sJldk-Am

Request Chain 256

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUJ9OoHoRldIBDU_NQCPgJL5E1Z3wTF39G5OwxKsZnfbgm-E5eQ-KyfQFos-xI4pYsiI7-28arDX4-Nnw8KUqouU_bg0x9w&google_gid=CAESED5BqC6WvJDstllNGtZlM4k&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOu67oQGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BUXZpdFVKOU9vSG9SbGRJQkRVX05RQ1BnSkw1RTFaM3dURjM5RzVPd3hLc1puZmJnbS1FNWVRLUt5ZlFGb3MteEk0cFlzaUk3LTI4YXJEWDQtTm53OEtVcW91VV9iZzB4OXc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUmxIOXktam1IY0NnbjRwRTMzRU1lM1ZLUl9jUFl3T2ZXVjFJQUVtdTlTTQ==&google_push

Request Chain 258

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOskRwHXIhG_rA_arpcYjBI&google_cver=1&google_push=AQvitUIXgtCGvm6pPp3z3awbT3Ut3kdu-Jb7HZVQQ2SRqk92XKmmhTdb6-W_pBa9u0yFdcS5nZ0qy8J6Bu-qYQwpQGave-ygk1uN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xZeFsXYlQf-TD0I1HptrVQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIXgtCGvm6pPp3z3awbT3Ut3kdu-Jb7HZVQQ2SRqk92XKmmhTdb6-W_pBa9u0yFdcS5nZ0qy8J6Bu-qYQwpQGave-ygk1uN

Request Chain 259

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE4GpwwXo_X6S2AikXlQiso&google_cver=1&google_push=AQvitUL_BSbZ90mANINblFPJKE70UCgvw2wQbTtdMPRk96Wnsnvifz90JNreCWQOcqPnasqTm8SYrbcV5oypUfhUkEaHJPzYenM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MOTM4NTMtMU4tMkRYSA==&google_push=AQvitUL_BSbZ90mANINblFPJKE70UCgvw2wQbTtdMPRk96Wnsnvifz90JNreCWQOcqPnasqTm8SYrbcV5oypUfhUkEaHJPzYenM

Request Chain 260

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1

Request Chain 263

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitULMuoAaMWCmWzsf0MkIO1elfTogWZHFnyU4FimZgoIFJrFzomPERkFrTosj1kKcEb_kJCBYth6qoofhOS2IIyyl5MRgA3bl&google_gid=CAESEDBwCF10MSt0QQGszly2-mI&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitULMuoAaMWCmWzsf0MkIO1elfTogWZHFnyU4FimZgoIFJrFzomPERkFrTosj1kKcEb_kJCBYth6qoofhOS2IIyyl5MRgA3bl&google_gid=CAESEDBwCF10MSt0QQGszly2-mI&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MTIwOTE4MzUzODUzNTUyNDU5MTI3NQ%3D%3D&google_push=AQvitULMuoAaMWCmWzsf0MkIO1elfTogWZHFnyU4FimZgoIFJrFzomPERkFrTosj1kKcEb_kJCBYth6qoofhOS2IIyyl5MRgA3bl

Request Chain 265

https://rtb.openx.net/sync/dds?google_gid=CAESEJksqCfpvcGoUCWCuOZUyk8&google_cver=1&google_push=AQvitUKjlsTnIkLnhiBuWYa_yg94pbynB8xibyc_k2q8rDNjlVloUqCDIW3h9DSzSb04LfRbi6LbUqdg7Nnd_7w_x0Nwf5ANyW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKjlsTnIkLnhiBuWYa_yg94pbynB8xibyc_k2q8rDNjlVloUqCDIW3h9DSzSb04LfRbi6LbUqdg7Nnd_7w_x0Nwf5ANyW8&google_hm=1roNUAOezOs0161lGyN9DA==

Request Chain 266

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOskRwHXIhG_rA_arpcYjBI&google_cver=1&google_push=AQvitUL40wgj-b4pXJ4MQg04EMO0VIZ02dHZkrnW232xffv091EubIK0nm8K0EVdMX_CmDoLr09RgOLYEkpsRuW-xnlvu6tcgv-i HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3Pga-UC1SBCIy4JEhy1e_A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUL40wgj-b4pXJ4MQg04EMO0VIZ02dHZkrnW232xffv091EubIK0nm8K0EVdMX_CmDoLr09RgOLYEkpsRuW-xnlvu6tcgv-i

Request Chain 267

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE4GpwwXo_X6S2AikXlQiso&google_cver=1&google_push=AQvitUKmre0lcMrAkssFpQs18MLmqgf8ZUrSzBZjwrEuTWYbFMcCDefhZEH8rUB6KKVK0owNwyPEdNwdUGz6QXYGQ-DE9vCkoAWv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MOTM4N1YtMy00QUlT&google_push=AQvitUKmre0lcMrAkssFpQs18MLmqgf8ZUrSzBZjwrEuTWYbFMcCDefhZEH8rUB6KKVK0owNwyPEdNwdUGz6QXYGQ-DE9vCkoAWv

Request Chain 268

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M

Request Chain 270

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIatw4qCFXo4ecT0q2TUXJI&google_cver=1&google_push=AQvitUL2PrM0xHG-MbUCZun0KoKymPVjJkJJxzmWFlvWB6KNz0nb2sxvl99uJEoc_z7XYUqyfzBwc4T_w9VAQBMFMwVN7jDCMFA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUL2PrM0xHG-MbUCZun0KoKymPVjJkJJxzmWFlvWB6KNz0nb2sxvl99uJEoc_z7XYUqyfzBwc4T_w9VAQBMFMwVN7jDCMFA&google_hm=Z14z_4lcG5k_3TYLGYNwvQ

Request Chain 271

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUJwVEZTx6GOoB8cU_GP4kGm91e4-wSlRbV_YwnFwETeZl76dAya0_FIvTE9eDigpj7aIk4gPbVAHMY3-K7szgQiad5VjVWZ&google_gid=CAESENUUBA9iYm9IpIfaheKJM7A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUp1ZGFnQUFBZndsVUZhSg&google_push=AQvitUJwVEZTx6GOoB8cU_GP4kGm91e4-wSlRbV_YwnFwETeZl76dAya0_FIvTE9eDigpj7aIk4gPbVAHMY3-K7szgQiad5VjVWZ

Request Chain 272

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIhqWruiHdSITf2o4OfXVrIusJJxlViJ2A5LDY_ll4ONXCwWezwuKxm5ZyALNe191gFI8MNP7T5iwx1G-iRpprxF4bSPrs&google_gid=CAESEDBwCF10MSt0QQGszly2-mI&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIhqWruiHdSITf2o4OfXVrIusJJxlViJ2A5LDY_ll4ONXCwWezwuKxm5ZyALNe191gFI8MNP7T5iwx1G-iRpprxF4bSPrs&google_gid=CAESEDBwCF10MSt0QQGszly2-mI&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MTIwOTE4MzUzODUzNTUyNDU5MTI3NQ%3D%3D&google_push=AQvitUIhqWruiHdSITf2o4OfXVrIusJJxlViJ2A5LDY_ll4ONXCwWezwuKxm5ZyALNe191gFI8MNP7T5iwx1G-iRpprxF4bSPrs

Request Chain 274

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE4GpwwXo_X6S2AikXlQiso&google_cver=1&google_push=AQvitUJTwS1pf7eRdNmrF-4l8tWEjv8nBSb0RcC7dPnjGof4hky9lwBF2mZFb5YcjzX26nOKCDHwa6p35-4TuhFM3b-Qi9hhUxTK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MOTM4OTYtMUItSkxRUw==&google_push=AQvitUJTwS1pf7eRdNmrF-4l8tWEjv8nBSb0RcC7dPnjGof4hky9lwBF2mZFb5YcjzX26nOKCDHwa6p35-4TuhFM3b-Qi9hhUxTK

Request Chain 275

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1

Request Chain 276

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECQaDVVQs7mzq-hG9Mdgc00&google_cver=1&google_push=AQvitULxSvP0Z-NxU-sCNpl16Z72sCQg4ayxPziiCUwPbmbBcsoBKtqTl_drj6FC0rli3kLJeR3IivZIeuyh1_xqPjpGL5a1YVQNZg HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitULxSvP0Z-NxU-sCNpl16Z72sCQg4ayxPziiCUwPbmbBcsoBKtqTl_drj6FC0rli3kLJeR3IivZIeuyh1_xqPjpGL5a1YVQNZg&google_hm=

368 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
controle.diariodorio.com/
Redirect Chain

https://www.controle.diariodorio.com/
https://controle.diariodorio.com/

110 KB
19 KB

1638ms
1385ms

Document
text/html

190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 151dd55b67034cbe33c3f62feb9a9c321b579f2b3b8d6c24aee9e62fe936f8d6

Request headers

Host: controle.diariodorio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.18.0
Date: Wed, 12 May 2021 09:18:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Link: <https://controle.diariodorio.com/wp-json/>; rel="https://api.w.org/" <https://controle.diariodorio.com/wp-json/wp/v2/pages/74201>; rel="alternate"; type="application/json" <https://diariodorio.com/>; rel=shortlink
Content-Encoding: gzip

Redirect headers

Server: nginx/1.18.0
Date: Wed, 12 May 2021 09:18:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Redirect-By: WordPress
Location: https://controle.diariodorio.com/

GET
H/1.1 200
OK 1617125214-bf6ca16b5b68527245359524ab42be4ff5e60f1f.min.css
controle.diariodorio.com/wp-content/cache/fvm/min/controle.diariodorio.com/ 1 MB
125 KB 164ms
162ms Stylesheet
text/css 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodorio.com/wp-content/cache/fvm/min/controle.diariodorio.com/1617125214-bf6ca16b5b68527245359524ab42be4ff5e60f1f.min.css
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: bdac93dff5e5f4fe527bab63e770cf082671781676af28e9a5cd19f6260210c6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Apr 2021 04:00:16 GMT
Server: nginx/1.18.0
ETag: W/"608a2f50-1084ab"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET newspaper.woff
diariodorio.com/wp-content/themes/Newspaper/images/icons/ 0
0

GET
H/1.1 200
OK jquery.js Show response
controle.diariodorio.com/wp-includes/js/jquery/ 95 KB
33 KB 553ms
182ms Script
application/javascript 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodorio.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 May 2019 16:40:13 GMT
Server: nginx/1.18.0
ETag: W/"5ce57b6d-17a69"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 23ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-367649-10

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b47c4946debbf813d843f92f3f7810f2c448052c73f9afd314491f16ee128413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36367
x-xss-protection: 0
expires: Wed, 12 May 2021 09:18:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 53ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0c59bd2eacde11afe8a1f60e32086839e62d5e63bc2346ae86cc4bc52bef074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49908
x-xss-protection: 0
server: cafe
etag: 13815580874420029976
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 May 2021 09:18:31 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 113ms
38ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

29ae3cc56392ebe3860727ee5407fdc5fc74b4063c30f500fcda8d5e3ee64d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "869 / 559 of 1000 / last-modified: 1620770910"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21145
x-xss-protection: 0
expires: Wed, 12 May 2021 09:18:31 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/fd7a61cd2e49e4b4514634ce54148782/ 64 KB
18 KB 110ms
46ms Script
application/javascript 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/fd7a61cd2e49e4b4514634ce54148782/client.js
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8c674957affe04d872564f1289d151136a05e2b45e47589ec7d0dfcec0dcc977

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:31 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 09:56:41 GMT
server: nginx
etag: W/"60893159-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 28 Apr 2021 10:29:06 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 logo_site-1.png
diariodorio.com/wp-content/uploads/2019/07/ 6 KB
6 KB 1727ms
1240ms Image
image/webp 190.89.238.20
Under Servicos de...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://diariodorio.com/wp-content/uploads/2019/07/logo_site-1.png
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br86.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: b3f4217e13b9b9352797ed4e09fff58b1dbd4619455e089e271310454d819e24

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:32 GMT
last-modified: Tue, 29 Dec 2020 18:38:57 GMT
server: nginx/1.18.0
etag: "5feb77c1-17b6"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6070
expires: Thu, 12 May 2022 09:18:32 GMT

GET
H/1.1 200
OK 51170266456_0c0fc0c1c3_k-1536x953-1-150x150.jpg
controle.diariodorio.com/wp-content/uploads/2021/05/ 7 KB
7 KB 164ms
144ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/51170266456_0c0fc0c1c3_k-1536x953-1-150x150.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: a855c38ea925e5e47468255b6b2e73c70a35806721a5001949f76a381f628d89

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Cookie: _ga_9B5MLBZ7SJ=GS1.1.1620811111.1.0.1620811111.0; _fbp=fb.1.1620811111619.1002101485; __gads=ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg; _ga=GA1.2.1273230402.1620811112; _gid=GA1.2.2023127648.1620811112; _gat_gtag_UA_367649_10=1; _pk_id.260.2a41=66c9095758527178.1620811112.1.1620811112.1620811112.; _pk_ses.260.2a41=1
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Wed, 12 May 2021 03:24:35 GMT
Server: nginx/1.18.0
ETag: "609b4a73-1c19"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7193

GET
H/1.1 200
OK IMG_2715-150x150.jpg
controle.diariodorio.com/wp-content/uploads/2021/03/ 8 KB
8 KB 185ms
156ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/03/IMG_2715-150x150.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 995b51d190d07c43e2503cf1376f304e37f51e814099efbea023fb440daa5d71

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Cookie: _ga_9B5MLBZ7SJ=GS1.1.1620811111.1.0.1620811111.0; _fbp=fb.1.1620811111619.1002101485; __gads=ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg; _ga=GA1.2.1273230402.1620811112; _gid=GA1.2.2023127648.1620811112; _gat_gtag_UA_367649_10=1; _pk_id.260.2a41=66c9095758527178.1620811112.1.1620811112.1620811112.; _pk_ses.260.2a41=1
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Fri, 26 Mar 2021 14:52:16 GMT
Server: nginx/1.18.0
ETag: "605df520-1e16"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7702

GET
H/1.1 200
OK 20vac0-150x150.jpg
controle.diariodorio.com/wp-content/uploads/2021/01/ 8 KB
9 KB 161ms
154ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/01/20vac0-150x150.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: a3c83d85b31a95c72a5af3ca865ebbdd2565d456d0606f4e178734be4e9f6703

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Cookie: _ga_9B5MLBZ7SJ=GS1.1.1620811111.1.0.1620811111.0; _fbp=fb.1.1620811111619.1002101485; __gads=ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg; _ga=GA1.2.1273230402.1620811112; _gid=GA1.2.2023127648.1620811112; _gat_gtag_UA_367649_10=1; _pk_id.260.2a41=66c9095758527178.1620811112.1.1620811112.1620811112.; _pk_ses.260.2a41=1
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Wed, 20 Jan 2021 18:03:10 GMT
Server: nginx/1.18.0
ETag: "6008705e-21bc"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8636

GET
H/1.1 200
OK foto-eduardo-barreto-cmrj_51173546430_o-150x150.jpg
controle.diariodorio.com/wp-content/uploads/2021/05/ 8 KB
8 KB 610ms
502ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/foto-eduardo-barreto-cmrj_51173546430_o-150x150.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 61e2da288a7b1510267cec1da8bfd1dc78ce4515d16c6c992498ae6499c62f5f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Cookie: _ga_9B5MLBZ7SJ=GS1.1.1620811111.1.0.1620811111.0; _fbp=fb.1.1620811111619.1002101485; __gads=ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg; _ga=GA1.2.1273230402.1620811112; _gid=GA1.2.2023127648.1620811112; _gat_gtag_UA_367649_10=1; _pk_id.260.2a41=66c9095758527178.1620811112.1.1620811112.1620811112.; _pk_ses.260.2a41=1
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Tue, 11 May 2021 21:00:32 GMT
Server: nginx/1.18.0
ETag: "609af070-1eac"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7852

GET
H/1.1 200
OK IMG_6614-150x150.jpg
controle.diariodorio.com/wp-content/uploads/2021/04/ 9 KB
9 KB 162ms
161ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/04/IMG_6614-150x150.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: b0491bd9e54c8fb5936f69844c94cde3e4681e73828fe63b7f07417ccba5309f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Cookie: _ga_9B5MLBZ7SJ=GS1.1.1620811111.1.0.1620811111.0; _fbp=fb.1.1620811111619.1002101485; __gads=ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg; _ga=GA1.2.1273230402.1620811112; _gid=GA1.2.2023127648.1620811112; _gat_gtag_UA_367649_10=1; _pk_id.260.2a41=66c9095758527178.1620811112.1.1620811112.1620811112.; _pk_ses.260.2a41=1
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Wed, 21 Apr 2021 09:16:45 GMT
Server: nginx/1.18.0
ETag: "607fed7d-22e5"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8933

GET
H/1.1 200
OK policia_civil_tania_rego-arquivo_agencia_brasil-150x150.jpg
controle.diariodorio.com/wp-content/uploads/2020/09/ 6 KB
6 KB 176ms
130ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2020/09/policia_civil_tania_rego-arquivo_agencia_brasil-150x150.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 06547c7cb19aff41be893b09397ee7001fb1734c603ab3a81d70a81f25fc05fc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Cookie: _ga_9B5MLBZ7SJ=GS1.1.1620811111.1.0.1620811111.0; _fbp=fb.1.1620811111619.1002101485; __gads=ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg; _ga=GA1.2.1273230402.1620811112; _gid=GA1.2.2023127648.1620811112; _gat_gtag_UA_367649_10=1; _pk_id.260.2a41=66c9095758527178.1620811112.1.1620811112.1620811112.; _pk_ses.260.2a41=1
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Sat, 19 Sep 2020 18:37:20 GMT
Server: nginx/1.18.0
ETag: "5f664fe0-169a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5786

GET
H/1.1 200
OK IMG_5895-150x150.jpg
controle.diariodorio.com/wp-content/uploads/2021/03/ 8 KB
8 KB 141ms
139ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/03/IMG_5895-150x150.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 7a5b0666fabcea9a8a5c7da97c55ba02acfb6916595c7976e5350f9f0fd8e1a1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Cookie: _ga_9B5MLBZ7SJ=GS1.1.1620811111.1.0.1620811111.0; _fbp=fb.1.1620811111619.1002101485; __gads=ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg; _ga=GA1.2.1273230402.1620811112; _gid=GA1.2.2023127648.1620811112; _gat_gtag_UA_367649_10=1; _pk_id.260.2a41=66c9095758527178.1620811112.1.1620811112.1620811112.; _pk_ses.260.2a41=1
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Tue, 02 Mar 2021 20:32:43 GMT
Server: nginx/1.18.0
ETag: "603ea0eb-1e64"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7780

GET
H/1.1 200
OK Nelson-Rocha-SEFAZ-1024x685-1-150x150.jpg
controle.diariodorio.com/wp-content/uploads/2021/05/ 5 KB
6 KB 241ms
126ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/Nelson-Rocha-SEFAZ-1024x685-1-150x150.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: d300307fc61afd3ea7cce5ddb76c2fc86de13f027629ab68610bfb40f33cdcf3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Cookie: _ga_9B5MLBZ7SJ=GS1.1.1620811111.1.0.1620811111.0; _fbp=fb.1.1620811111619.1002101485; __gads=ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg; _ga=GA1.2.1273230402.1620811112; _gid=GA1.2.2023127648.1620811112; _gat_gtag_UA_367649_10=1; _pk_id.260.2a41=66c9095758527178.1620811112.1.1620811112.1620811112.; _pk_ses.260.2a41=1
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Tue, 11 May 2021 20:45:01 GMT
Server: nginx/1.18.0
ETag: "609aeccd-151b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5403

GET
H/1.1 200
OK camara-de-vereadores-150x150.jpg
controle.diariodorio.com/wp-content/uploads/2021/05/ 8 KB
9 KB 146ms
131ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/camara-de-vereadores-150x150.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: dc6063ce35e06b8d771b124b3d05da70ad1dd050f8fb5c940128053562aee42b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Cookie: _ga_9B5MLBZ7SJ=GS1.1.1620811111.1.0.1620811111.0; _fbp=fb.1.1620811111619.1002101485; __gads=ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg; _ga=GA1.2.1273230402.1620811112; _gid=GA1.2.2023127648.1620811112; _gat_gtag_UA_367649_10=1; _pk_id.260.2a41=66c9095758527178.1620811112.1.1620811112.1620811112.; _pk_ses.260.2a41=1
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Tue, 11 May 2021 20:39:03 GMT
Server: nginx/1.18.0
ETag: "609aeb67-21de"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8670

GET
H/1.1 200
OK EC-Biblioteca-Parque-7-150x150.jpg
controle.diariodorio.com/wp-content/uploads/2021/05/ 8 KB
8 KB 149ms
137ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/EC-Biblioteca-Parque-7-150x150.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: bde7cfcf8d6a838f2d09e83abad8c00656dcacbb1bf6a75da69d449394bd2acb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Cookie: _ga_9B5MLBZ7SJ=GS1.1.1620811111.1.0.1620811111.0; _fbp=fb.1.1620811111619.1002101485; __gads=ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg; _ga=GA1.2.1273230402.1620811112; _gid=GA1.2.2023127648.1620811112; _gat_gtag_UA_367649_10=1; _pk_id.260.2a41=66c9095758527178.1620811112.1.1620811112.1620811112.; _pk_ses.260.2a41=1
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Tue, 11 May 2021 20:26:23 GMT
Server: nginx/1.18.0
ETag: "609ae86f-1f17"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7959

GET
H/1.1 200
OK Luiz-Henrique-Mandetta-150x150.jpg
controle.diariodorio.com/wp-content/uploads/2021/05/ 6 KB
6 KB 184ms
136ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/Luiz-Henrique-Mandetta-150x150.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: e967c5426c0c026446fcf3d24e1aeeef5d28c863faba6df24d57cc2c178e7136

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Cookie: _ga_9B5MLBZ7SJ=GS1.1.1620811111.1.0.1620811111.0; _fbp=fb.1.1620811111619.1002101485; __gads=ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg; _ga=GA1.2.1273230402.1620811112; _gid=GA1.2.2023127648.1620811112; _gat_gtag_UA_367649_10=1; _pk_id.260.2a41=66c9095758527178.1620811112.1.1620811112.1620811112.; _pk_ses.260.2a41=1
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Tue, 11 May 2021 20:15:21 GMT
Server: nginx/1.18.0
ETag: "609ae5d9-1767"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5991

GET
H/1.1 200
OK img_0444_preview-150x150.jpg
controle.diariodorio.com/wp-content/uploads/2020/03/ 10 KB
10 KB 178ms
125ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2020/03/img_0444_preview-150x150.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 5b664000faad040100ff0b62f9c2f87483f21342b3bd42687b53cbde265c228d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Cookie: _ga_9B5MLBZ7SJ=GS1.1.1620811111.1.0.1620811111.0; _fbp=fb.1.1620811111619.1002101485; __gads=ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg; _ga=GA1.2.1273230402.1620811112; _gid=GA1.2.2023127648.1620811112; _gat_gtag_UA_367649_10=1; _pk_id.260.2a41=66c9095758527178.1620811112.1.1620811112.1620811112.; _pk_ses.260.2a41=1
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Sun, 22 Mar 2020 03:10:30 GMT
Server: nginx/1.18.0
ETag: "5e76d726-277b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10107

GET
H/1.1 200
OK Screenshot_20210511-164835-043-150x150.png
controle.diariodorio.com/wp-content/uploads/2021/05/ 40 KB
40 KB 152ms
132ms Image
image/png 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/Screenshot_20210511-164835-043-150x150.png
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 87d25e0d96931355b0f93233c49e86569035de4c2822398ba11dfa3251fe23df

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Cookie: _ga_9B5MLBZ7SJ=GS1.1.1620811111.1.0.1620811111.0; _fbp=fb.1.1620811111619.1002101485; __gads=ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg; _ga=GA1.2.1273230402.1620811112; _gid=GA1.2.2023127648.1620811112; _gat_gtag_UA_367649_10=1; _pk_id.260.2a41=66c9095758527178.1620811112.1.1620811112.1620811112.; _pk_ses.260.2a41=1
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Tue, 11 May 2021 19:57:08 GMT
Server: nginx/1.18.0
ETag: "609ae194-9e54"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40532

GET
H/1.1 200
OK Parque-Natural-Municipal-Dois-Irmaos-Dois-Cariocas-Sergio-Bernardes-e-Alfredo-Sirkis-150x150.jpg
controle.diariodorio.com/wp-content/uploads/2021/05/ 6 KB
7 KB 156ms
136ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/Parque-Natural-Municipal-Dois-Irmaos-Dois-Cariocas-Sergio-Bernardes-e-Alfredo-Sirkis-150x150.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: a6919f309cd7dcac32d5fdcc3e0a7c0bfdf40b45fb856fff80fac0e7468afeea

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Cookie: _ga_9B5MLBZ7SJ=GS1.1.1620811111.1.0.1620811111.0; _fbp=fb.1.1620811111619.1002101485; __gads=ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg; _ga=GA1.2.1273230402.1620811112; _gid=GA1.2.2023127648.1620811112; _gat_gtag_UA_367649_10=1; _pk_id.260.2a41=66c9095758527178.1620811112.1.1620811112.1620811112.; _pk_ses.260.2a41=1
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Tue, 11 May 2021 19:48:37 GMT
Server: nginx/1.18.0
ETag: "609adf95-19f9"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6649

GET
H/1.1 200
OK operacao-jacarezinho-2-150x150.jpg
controle.diariodorio.com/wp-content/uploads/2021/05/ 6 KB
6 KB 181ms
135ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/operacao-jacarezinho-2-150x150.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 8446c9643836871790f568fe0efe38dfd9bf3277aaf450738945f12a0d092c22

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Cookie: _ga_9B5MLBZ7SJ=GS1.1.1620811111.1.0.1620811111.0; _fbp=fb.1.1620811111619.1002101485; __gads=ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg; _ga=GA1.2.1273230402.1620811112; _gid=GA1.2.2023127648.1620811112; _gat_gtag_UA_367649_10=1; _pk_id.260.2a41=66c9095758527178.1620811112.1.1620811112.1620811112.; _pk_ses.260.2a41=1
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Fri, 07 May 2021 13:48:59 GMT
Server: nginx/1.18.0
ETag: "6095454b-17c9"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6089

GET
H2 200 diario-anj-footer.png
diariodorio.com/wp-content/uploads/2019/09/ 10 KB
10 KB 1894ms
1442ms Image
image/webp 190.89.238.20
Under Servicos de...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://diariodorio.com/wp-content/uploads/2019/09/diario-anj-footer.png
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br86.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: d57832859e0542c5cd6bdf44568ae22bbca8ea2fc159689c5cf82b01b4e46759

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:32 GMT
last-modified: Tue, 29 Dec 2020 16:11:37 GMT
server: nginx/1.18.0
etag: "5feb5539-270e"
vary: Accept, Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9998
expires: Thu, 12 May 2022 09:18:32 GMT

GET
H/1.1 200
OK underscore.min.js Show response
controle.diariodorio.com/wp-includes/js/ 16 KB
6 KB 138ms
138ms Script
application/javascript 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodorio.com/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Oct 2020 02:48:10 GMT
Server: nginx/1.18.0
ETag: W/"5f9638ea-3f1a"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK js_posts_autoload.min.js Show response
controle.diariodorio.com/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 1001ms
145ms Script
application/javascript 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodorio.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=388b2d8ea1192f4a22a4fef9c5911ef0
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 7dadf41d55487432b3b4f5db5e8ed8a757ad7d295b1570567d2d2fc6929bd24f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Mar 2020 16:43:25 GMT
Server: nginx/1.18.0
ETag: W/"5e73a12d-13c4"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK tagdiv_theme.min.js Show response
controle.diariodorio.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 223 KB
52 KB 1014ms
146ms Script
application/javascript 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodorio.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=9.7.4
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 7b14bd2abaaea9469d5f384ea58afa753ad2a3a600a83535949fe4a7e3532b8b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Mar 2020 16:43:26 GMT
Server: nginx/1.18.0
ETag: W/"5e73a12e-37c4f"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK comment-reply.min.js Show response
controle.diariodorio.com/wp-includes/js/ 3 KB
2 KB 1056ms
159ms Script
application/javascript 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodorio.com/wp-includes/js/comment-reply.min.js?ver=5.5.3
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 21:10:07 GMT
Server: nginx/1.18.0
ETag: W/"5f9b2faf-bdb"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK js_files_for_front.min.js Show response
controle.diariodorio.com/wp-content/plugins/td-cloud-library/assets/js/ 13 KB
4 KB 1050ms
143ms Script
application/javascript 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodorio.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=388b2d8ea1192f4a22a4fef9c5911ef0
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 280532fe6539a1a9a19081c6e9dca5cc230254656b01c2314ea71472d7e8a89b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Mar 2020 16:43:25 GMT
Server: nginx/1.18.0
ETag: W/"5e73a12d-3300"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK wp-embed.min.js Show response
controle.diariodorio.com/wp-includes/js/ 1 KB
1 KB 1164ms
163ms Script
application/javascript 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodorio.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Oct 2020 02:48:10 GMT
Server: nginx/1.18.0
ETag: W/"5f9638ea-59a"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 container_NjKeR1Ss.js Show response
tagmanager.alright.network/manager/js/ 166 KB
47 KB 835ms
495ms Script
application/javascript 13.224.193.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.alright.network/manager/js/container_NjKeR1Ss.js
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-81.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6a850617fee76c9ebd84d1eb13e48aabb2a24bace7f0a4df8cba1c6f1f1c9a1

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:32 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 20:58:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"dc857b30c8c23c4c15e1a5b9aa84dc92"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-amz-cf-id: _oRO7z8Yl1cgwUVRvq4y_ODqLkLGcC8qkDS8byuJJhhAK9Ds1FF6iA==

GET
H/1.1 200
OK newspaper.woff
controle.diariodorio.com/wp-content/themes/Newspaper/images/icons/ 120 KB
121 KB 250ms
141ms Font
font/woff 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodorio.com/wp-content/themes/Newspaper/images/icons/newspaper.woff
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/wp-content/cache/fvm/min/controle.diariodorio.com/1617125214-bf6ca16b5b68527245359524ab42be4ff5e60f1f.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 0f74eda5ca917f0146ec28a71e0602f7a3b9dae063acfeecfe6549bdb165d47a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://controle.diariodorio.com
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://controle.diariodorio.com/wp-content/cache/fvm/min/controle.diariodorio.com/1617125214-bf6ca16b5b68527245359524ab42be4ff5e60f1f.min.css
Connection: keep-alive
Origin: https://controle.diariodorio.com
Referer: https://controle.diariodorio.com/wp-content/cache/fvm/min/controle.diariodorio.com/1617125214-bf6ca16b5b68527245359524ab42be4ff5e60f1f.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:31 GMT
Last-Modified: Tue, 23 Jul 2019 11:14:08 GMT
Server: nginx/1.18.0
ETag: "5d36ec00-1e17c"
Content-Type: font/woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 123260

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxM.woff
fonts.gstatic.com/s/roboto/v20/ 20 KB
20 KB 9ms
9ms Font
font/woff 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxM.woff

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/wp-content/cache/fvm/min/controle.diariodorio.com/1617125214-bf6ca16b5b68527245359524ab42be4ff5e60f1f.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1dc87f99c7ff228806117d58f085c6c573057fa237228081802b7d8d3cf7684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://controle.diariodorio.com
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 18:02:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 227740
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20268
x-xss-protection: 0
expires: Mon, 09 May 2022 18:02:51 GMT

GET
H3-29 200 tDbI2oqRg1oM3QBjjcaDkOr9rAM.woff
fonts.gstatic.com/s/droidserif/v13/ 26 KB
26 KB 8ms
8ms Font
font/woff 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbI2oqRg1oM3QBjjcaDkOr9rAM.woff

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/wp-content/cache/fvm/min/controle.diariodorio.com/1617125214-bf6ca16b5b68527245359524ab42be4ff5e60f1f.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5f63ca46cb266eabe08790686081f4e6cb75468010102db68f0bfb0275472f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://controle.diariodorio.com
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 05:43:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:24 GMT
server: sffe
age: 272086
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26120
x-xss-protection: 0
expires: Mon, 09 May 2022 05:43:45 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0d.woff
fonts.gstatic.com/s/opensans/v18/ 18 KB
18 KB 11ms
10ms Font
font/woff 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0d.woff

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/wp-content/cache/fvm/min/controle.diariodorio.com/1617125214-bf6ca16b5b68527245359524ab42be4ff5e60f1f.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81f0ec27796225ea29f9f1c7b74f083edcd7bc97a09d5fc4e8d03c0134e62445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://controle.diariodorio.com
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 22:23:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:21 GMT
server: sffe
age: 39307
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18100
x-xss-protection: 0
expires: Wed, 11 May 2022 22:23:24 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc-.woff
fonts.gstatic.com/s/roboto/v20/ 20 KB
20 KB 10ms
10ms Font
font/woff 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc-.woff

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/wp-content/cache/fvm/min/controle.diariodorio.com/1617125214-bf6ca16b5b68527245359524ab42be4ff5e60f1f.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba98f991d002c6bfaaf7b874652ffdcde9261a86925db87df3ed2861ea080adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://controle.diariodorio.com
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 04:37:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 535286
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20464
x-xss-protection: 0
expires: Fri, 06 May 2022 04:37:05 GMT

GET
H3-29 200 mem6YaGs126MiZpBA-UFUK0Zdcs.woff
fonts.gstatic.com/s/opensans/v18/ 17 KB
17 KB 7ms
7ms Font
font/woff 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdcs.woff

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/wp-content/cache/fvm/min/controle.diariodorio.com/1617125214-bf6ca16b5b68527245359524ab42be4ff5e60f1f.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ec493a5a688a85b60a1e889a22cfb93f23c900e0fdc0be8ab8543dc9daa783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://controle.diariodorio.com
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 22:59:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:37 GMT
server: sffe
age: 37129
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17440
x-xss-protection: 0
expires: Wed, 11 May 2022 22:59:42 GMT

GET
H3-29 200 KFOkCnqEu92Fr1Mu51xIIzQ.woff
fonts.gstatic.com/s/roboto/v20/ 21 KB
21 KB 7ms
6ms Font
font/woff 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzQ.woff

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/wp-content/cache/fvm/min/controle.diariodorio.com/1617125214-bf6ca16b5b68527245359524ab42be4ff5e60f1f.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80815efe3bd9317c666df0f2e6d701335e178954f64eb1e99103fea81c2aa137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://controle.diariodorio.com
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 15:38:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:01 GMT
server: sffe
age: 495616
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21952
x-xss-protection: 0
expires: Fri, 06 May 2022 15:38:15 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc-.woff
fonts.gstatic.com/s/roboto/v20/ 20 KB
20 KB 8ms
7ms Font
font/woff 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc-.woff

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/wp-content/cache/fvm/min/controle.diariodorio.com/1617125214-bf6ca16b5b68527245359524ab42be4ff5e60f1f.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

806ea46c426af8fc24e5cf42a210228739696933d36299eb28aee64f69fc71f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://controle.diariodorio.com
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 00:07:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 378670
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20356
x-xss-protection: 0
expires: Sun, 08 May 2022 00:07:21 GMT

GET
H/1.1 200
OK 51170266456_0c0fc0c1c3_k-1536x953-1-696x432.jpg
controle.diariodorio.com/wp-content/uploads/2021/05/ 61 KB
62 KB 283ms
251ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/51170266456_0c0fc0c1c3_k-1536x953-1-696x432.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 81c882c5f5fdad0471019c6ff054d8b87b5e0e1272e25242cf9debb01122f224

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:31 GMT
Last-Modified: Wed, 12 May 2021 03:24:36 GMT
Server: nginx/1.18.0
ETag: "609b4a74-f54b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62795

GET
H/1.1 200
OK IMG_2715-696x464.jpg
controle.diariodorio.com/wp-content/uploads/2021/03/ 51 KB
52 KB 610ms
166ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/03/IMG_2715-696x464.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 088136c9ad8d6e2c56ea25315859bf8d96414969654c6fa3b0cd0f456c8511a4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:31 GMT
Last-Modified: Fri, 26 Mar 2021 14:52:18 GMT
Server: nginx/1.18.0
ETag: "605df522-cd97"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52631

GET
H/1.1 200
OK 20vac0-696x392.jpg
controle.diariodorio.com/wp-content/uploads/2021/01/ 62 KB
62 KB 322ms
281ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/01/20vac0-696x392.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: b15cc698932d45dea03dd060f0d637258d2dcd38d36864a7dbaf557d2b63e599

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:31 GMT
Last-Modified: Wed, 20 Jan 2021 18:03:12 GMT
Server: nginx/1.18.0
ETag: "60087060-f693"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63123

GET
H/1.1 200
OK policia_civil_tania_rego-arquivo_agencia_brasil-485x360.jpg
controle.diariodorio.com/wp-content/uploads/2020/09/ 29 KB
29 KB 664ms
139ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2020/09/policia_civil_tania_rego-arquivo_agencia_brasil-485x360.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 60c82b6cad00ba08e1345862fd0a5a9df957cd101ee07e842ed08130294570e8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:31 GMT
Last-Modified: Fri, 11 Sep 2020 21:01:30 GMT
Server: nginx/1.18.0
ETag: "5f5be5aa-7295"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29333

GET
H/1.1 200
OK Nelson-Rocha-SEFAZ-1024x685-1-485x360.jpg
controle.diariodorio.com/wp-content/uploads/2021/05/ 21 KB
21 KB 1168ms
759ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/Nelson-Rocha-SEFAZ-1024x685-1-485x360.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: c291e643f95bd3a6477157e03b7f7a7c51e11d264d01e14b0b572eac82a0b7e5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Tue, 11 May 2021 20:45:03 GMT
Server: nginx/1.18.0
ETag: "609aeccf-54ad"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21677

GET
H/1.1 200
OK Luiz-Henrique-Mandetta-485x360.jpg
controle.diariodorio.com/wp-content/uploads/2021/05/ 22 KB
22 KB 674ms
132ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/Luiz-Henrique-Mandetta-485x360.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 44b8d6ec23fdc0f0f4064dbe482450cacda5af966c109a5cb035083aa99b8cb1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:31 GMT
Last-Modified: Tue, 11 May 2021 20:15:22 GMT
Server: nginx/1.18.0
ETag: "609ae5da-5870"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22640

GET
H/1.1 200
OK Parque-Natural-Municipal-Dois-Irmaos-Dois-Cariocas-Sergio-Bernardes-e-Alfredo-Sirkis-485x360.jpg
controle.diariodorio.com/wp-content/uploads/2021/05/ 44 KB
45 KB 512ms
143ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/Parque-Natural-Municipal-Dois-Irmaos-Dois-Cariocas-Sergio-Bernardes-e-Alfredo-Sirkis-485x360.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 3ed9504271075ad6930250549ad37889791a19e6a9863b59d7a509be82ce68f8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:31 GMT
Last-Modified: Tue, 11 May 2021 19:48:37 GMT
Server: nginx/1.18.0
ETag: "609adf95-b111"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45329

GET
H/1.1 200
OK operacao-jacarezinho-2-485x360.jpg
controle.diariodorio.com/wp-content/uploads/2021/05/ 30 KB
30 KB 538ms
152ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/operacao-jacarezinho-2-485x360.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 72c0ca1c34c4cdc07cd0c1e250fe786ea018c7663002f8d21acd92f4047ad318

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:31 GMT
Last-Modified: Fri, 07 May 2021 13:48:59 GMT
Server: nginx/1.18.0
ETag: "6095454b-7798"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30616

GET
H/1.1 200
OK IMG_5895-534x462.jpg
controle.diariodorio.com/wp-content/uploads/2021/03/ 58 KB
58 KB 633ms
148ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/03/IMG_5895-534x462.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: a05eb43dc50ba8dbfc78ea4a438072a42e9f8e7c96ed4dc5dc81e49d5ee2657d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:31 GMT
Last-Modified: Tue, 02 Mar 2021 20:32:44 GMT
Server: nginx/1.18.0
ETag: "603ea0ec-e8c2"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 59586

GET
H/1.1 200
OK bondinho-pao-de-acucar-534x462.jpg
controle.diariodorio.com/wp-content/uploads/2021/02/ 89 KB
89 KB 193ms
145ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/02/bondinho-pao-de-acucar-534x462.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: ae411c551e67c1986801f36356f9e12aee5a700088952ce02f30950a12df8f70

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:31 GMT
Last-Modified: Sat, 27 Feb 2021 17:16:43 GMT
Server: nginx/1.18.0
ETag: "603a7e7b-1627b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90747

GET
H/1.1 200
OK meza-oyo-534x462.jpeg
controle.diariodorio.com/wp-content/uploads/2021/05/ 34 KB
34 KB 360ms
315ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/meza-oyo-534x462.jpeg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 7f82e85dac419126ca761347dad3bd90f4beb45bd1606c3e3f36d691b136100a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:31 GMT
Last-Modified: Fri, 07 May 2021 21:59:55 GMT
Server: nginx/1.18.0
ETag: "6095b85b-885f"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34911

GET
H/1.1 200
OK IMG-20210507-WA0002-534x462.jpg
controle.diariodorio.com/wp-content/uploads/2021/05/ 46 KB
46 KB 482ms
138ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/IMG-20210507-WA0002-534x462.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: da3dc72903ff69b290f606c86516d4af3492c08c856fa95ff391c6b2813cb4ae

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:31 GMT
Last-Modified: Fri, 07 May 2021 18:55:41 GMT
Server: nginx/1.18.0
ETag: "60958d2d-b816"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47126

GET
H/1.1 200
OK WhatsApp-Image-2021-05-07-at-15.58.50-534x462.jpeg
controle.diariodorio.com/wp-content/uploads/2021/05/ 71 KB
71 KB 338ms
137ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2021/05/WhatsApp-Image-2021-05-07-at-15.58.50-534x462.jpeg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 04971121453cc8669eb53131a2b03c343faa5718cd5b03b398c7fc70782765f5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:31 GMT
Last-Modified: Fri, 07 May 2021 18:59:06 GMT
Server: nginx/1.18.0
ETag: "60958dfa-11bec"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72684

GET
H3-29 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rl.woff
fonts.gstatic.com/s/robotoslab/v13/ 23 KB
23 KB 7ms
6ms Font
font/woff 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rl.woff

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/wp-content/cache/fvm/min/controle.diariodorio.com/1617125214-bf6ca16b5b68527245359524ab42be4ff5e60f1f.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7541859c7b0ad4363a8b8e73422139a2e3ad1c478b70aa9ac96e6d080a1a5775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://controle.diariodorio.com
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 22:10:05 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:04:05 GMT
server: sffe
age: 40106
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23704
x-xss-protection: 0
expires: Wed, 11 May 2022 22:10:05 GMT

GET
H/1.1 200
OK Logo_ANJ_RGB-1-300x58.jpg
controle.diariodorio.com/wp-content/uploads/2019/07/ 8 KB
8 KB 166ms
124ms Image
image/jpeg 190.89.239.47
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodorio.com/wp-content/uploads/2019/07/Logo_ANJ_RGB-1-300x58.jpg
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.47 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us222.serverdo.in
Software: nginx/1.18.0 /
Resource Hash: 5021c2a5ef305f164f759c201847584a7a5645b9d2b6fb9b591395918afee5eb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: controle.diariodorio.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://controle.diariodorio.com/
Cookie: _ga_9B5MLBZ7SJ=GS1.1.1620811111.1.0.1620811111.0; _fbp=fb.1.1620811111619.1002101485; __gads=ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg; _ga=GA1.2.1273230402.1620811112; _gid=GA1.2.2023127648.1620811112; _gat_gtag_UA_367649_10=1; _pk_id.260.2a41=66c9095758527178.1620811112.1.1620811112.1620811112.; _pk_ses.260.2a41=1
Connection: keep-alive
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:32 GMT
Last-Modified: Thu, 31 Oct 2019 12:05:15 GMT
Server: nginx/1.18.0
ETag: "5dbacdfb-1f6f"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8047

GET
H2 200 pubads_impl_2021050601.js Show response
securepubads.g.doubleclick.net/gpt/ 303 KB
107 KB 338ms
37ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

9eb83620a305b5cfbd47a770dd1f649d9ae99d34becf19308f9cc75106d1b5b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 08:40:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109330
x-xss-protection: 0
expires: Wed, 12 May 2021 09:18:31 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/ 223 KB
82 KB 44ms
30ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3475011114767287&plah=controle.diariodorio.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6130fe8ded2255439c42cf9e805c28b1a72bfcad166d9dcd720243d33557628b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84099
x-xss-protection: 0
server: cafe
etag: 12011922212658401594
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 12 May 2021 09:18:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/ Frame 2536 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210510/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controle.diariodorio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://controle.diariodorio.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 11 May 2021 18:01:56 GMT
expires: Tue, 25 May 2021 18:01:56 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 54995
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: UqTcm4kNenNoCHZea4C5wtitMUQI+DQowGzcVFAbpiRtEN/id4ti+uHJmgDBCblx7X+YcRjT+vCUW5OYBD+KfA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 12 May 2021 09:18:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
45 KB 41ms
39ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9B5MLBZ7SJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-367649-10

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad14814962c7e5c91572a4eac8093fe0df9fe7b419c7d395d841c7fbfb68b06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46112
x-xss-protection: 0
expires: Wed, 12 May 2021 09:18:31 GMT

GET
H3-29 200 486707224859203 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 64ms
64ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/486707224859203?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ddb87ea83b51e54ecf51b70a8d836acc56e52b26d613e9fa5d392fc9a87b45f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: OPeb2wf69BC6qVP+qEONJl7s5Nprak7Gb732GQIaxbDWWvXUx3RdiXpkY6t54HVi99dCuD8yqPuA3rZR4DVctg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 12 May 2021 09:18:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
441 B 89ms
88ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=controle.diariodorio.com&callback=_gfp_s_&client=ca-pub-3475011114767287

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3475011114767287&plah=controle.diariodorio.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

078c5a319b27b4b97fa1f2194c5a5d611c4587f069a2bcd342572c0dd83faefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 36ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=controle.diariodorio.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 09:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
317 B 16ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controle.diariodorio.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 09:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF7F 0
19 B 74ms
73ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3475011114767287&output=html&adk=1812271804&adf=3025194257&lmt=1620811111&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcontrole.diariodorio.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620811111410&bpp=4&bdt=941&idt=101&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=776379003530&frm=20&pv=2&ga_vid=1273230402.1620811112&ga_sid=1620811112&ga_hid=800897183&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061033&oid=3&pvsid=1799629773953198&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=122

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3475011114767287&output=html&adk=1812271804&adf=3025194257&lmt=1620811111&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcontrole.diariodorio.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620811111410&bpp=4&bdt=941&idt=101&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=776379003530&frm=20&pv=2&ga_vid=1273230402.1620811112&ga_sid=1620811112&ga_hid=800897183&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061033&oid=3&pvsid=1799629773953198&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=122
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controle.diariodorio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://controle.diariodorio.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 12 May 2021 09:18:31 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 12-May-2021 09:33:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 12 May 2021 09:18:31 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 74ms
52ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696588139699"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Wed, 12 May 2021 09:18:31 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
77 B 46ms
45ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9B5MLBZ7SJ&gtm=2oe550&_p=800897183&sr=1600x1200&ul=en-us&cid=1273230402.1620811112&_s=1&dl=https%3A%2F%2Fcontrole.diariodorio.com%2F&dt=Di%C3%A1rio%20do%20Rio%20de%20Janeiro%20-%20O%20Jornal%20100%25%20Carioca&sid=1620811111&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9B5MLBZ7SJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://controle.diariodorio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-367649-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3099
date: Wed, 12 May 2021 08:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 12 May 2021 10:26:52 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=486707224859203&ev=PageView&dl=https%3A%2F%2Fcontrole.diariodorio.com%2F&rl=&if=false&ts=1620811111621&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620811111619.1002101485&it=1620811111460&coo=false&exp=l0&rqm=GET

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 12 May 2021 09:18:31 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&aip=1&a=800897183&t=pageview&_s=1&dl=https%3A%2F%2Fcontrole.diariodorio.com%2F&ul=en-us&de=UTF-8&dt=Di%C3%A1rio%20do%20Rio%20de%20Janeiro%20-%20O%20Jornal%20100%25%20Carioca&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1118214552&gjid=1766548146&cid=1273230402.1620811112&tid=UA-367649-10&_gid=2023127648.1620811112&_r=1&gtm=2ou550&did=dZTNiMT&z=420409185

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://controle.diariodorio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 37ms
37ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-367649-10&cid=1273230402.1620811112&jid=1118214552&gjid=1766548146&_gid=2023127648.1620811112&_u=YADAAUAAAAAAAC~&z=1738936728

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 12 May 2021 09:18:31 GMT
content-type: text/plain
access-control-allow-origin: https://controle.diariodorio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 20ms
19ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-367649-10&cid=1273230402.1620811112&jid=1118214552&_u=YADAAUAAAAAAAC~&z=1347345597

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-367649-10&cid=1273230402.1620811112&jid=1118214552&_u=YADAAUAAAAAAAC~&z=1347345597

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
165 B 17ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=controle.diariodorio.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 09:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controle.diariodorio.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 09:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 719 KB
108 KB 1578ms
1277ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1799629773953198&correlator=3618459104726547&output=ldjh&impl=fifs&eid=31060411&vrg=2021050601&ptt=17&sc=1&sfv=1-0-38&ecs=20210512&iu_parts=1017220%2Cads_1%2Cads_2%2Cads_3%2Cads_4%2Cads_5%2Cads_6%2Cads_7%2Cads_8%2Cads_9%2Cads_10%2Cads_11%2Cads_12%2Cads_13%2Cads_14%2Cads_15&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15&prev_iu_szs=970x90%7C970x250%7C728x90%2C970x90%7C970x250%7C728x90%2C300x600%7C300x250%2C300x600%7C300x250%2C300x600%7C300x250%2C970x90%7C970x250%7C728x90%2C468x60%2C468x60%2C468x60%2C468x60%2C468x60%2C468x60%2C468x60%2C468x60%2C468x60&cust_params=tipo%3Dcapa&cookie=ID%3Db20a0ff9e2f93f81-22df3bcbe1c70074%3AT%3D1620811111%3ART%3D1620811111%3AS%3DALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg&bc=31&abxe=1&lmt=1620811111&dt=1620811111792&dlt=1620811110469&idt=1293&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C315%2C1022%2C1022%2C1022%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=294%2C1398%2C1467%2C1935%2C2095%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=1201374722%2C952920527%2C3679555441%2C3023805252%2C780150953%2C3885159674%2C1926690160%2C521073279%2C3038698122%2C4022550131%2C1947152619%2C2701396933%2C1292382740%2C3915177849%2C3188841689&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrole.diariodorio.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x21%7C1600x21%7C324x21%7C324x21%7C324x21%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=970x21%7C970x21%7C300x21%7C300x21%7C300x21%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1273230402.1620811112&ga_sid=1620811112&ga_hid=800897183&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=1600%2C1600%2C324%2C324%2C324%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C1%7C2%7C3%7C4%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e97e523339ded0e0de3b2acd9cbc4e0bd56fc28907abcfacb7b5e903bce8a519

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ7N3PTnw_ACFVCFewodYgAEjg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12132108151055701416/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18005275361648635775/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18005275361648635775/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKjN3PTnw_ACFVCFewodYgAEjg&gqi=&layout=/sadbundle/%24csp%253Der3%24/18005275361648635775/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18005275361648635775/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18005275361648635775/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKrN3PTnw_ACFVCFewodYgAEjg&gqi=&layout=/sadbundle/%24csp%253Der3%24/18005275361648635775/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKLN3PTnw_ACFVCFewodYgAEjg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12132108151055701416/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ7N3PTnw_ACFVCFewodYgAEjg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12132108151055701416/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18005275361648635775/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18005275361648635775/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKjN3PTnw_ACFVCFewodYgAEjg&gqi=&layout=/sadbundle/%24csp%253Der3%24/18005275361648635775/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18005275361648635775/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18005275361648635775/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKrN3PTnw_ACFVCFewodYgAEjg&gqi=&layout=/sadbundle/%24csp%253Der3%24/18005275361648635775/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKLN3PTnw_ACFVCFewodYgAEjg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12132108151055701416/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
google-creative-id: -1,-1,-1,-1,-1,-1,-2,-1,-1,-1,-1,-1,-1,-1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107423
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-2,-1,-1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Wed, 12 May 2021 09:18:33 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controle.diariodorio.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 70ms
14ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 26ms
5ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 prebid_alright.js Show response
cdn.a-latam.com/ 305 KB
88 KB 129ms
53ms Script
application/javascript 2606:4700:3033::ac43:ae4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.a-latam.com/prebid_alright.js
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_NjKeR1Ss.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:ae4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad346d3ec39d7709cc170da7b5df6f0ed2f17c9589653f2320f0cf7b0936c094

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5257
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ETWF1KX1DR5HHXRQ
x-amz-id-2: unJzjHWi2Nx8zEd4k4ZsfYffbnIsK4YUPiivXL86lJPpStPEdOlAxHizS4Vf6QCXDDgMRaJi5cw=
last-modified: Tue, 23 Feb 2021 20:03:09 GMT
server: cloudflare
etag: W/"cf84cfd284cdbc421158e00fe081a1b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6Rf46YTm5i7%2FzU36Cois2n30RNMqmLQsVnUvfWSsQ8UZ5FIHy0KyOmTmvpatLC6%2BufQIZr31LH%2FpF4mxh7i1IgKRkfXt5TcmjylOhnIm6QSlyEwqcL13ah%2FBe9A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-request-id: 0a0177f6e50000bebf80a01000000001
cf-ray: 64e28f6b0990bebf-FRA

GET
H2 200 matomo.php
analytics.alright.network/manager/ 43 B
161 B 507ms
287ms Image
image/gif 34.206.101.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.alright.network/manager/matomo.php?action_name=Di%C3%A1rio%20do%20Rio%20de%20Janeiro%20-%20O%20Jornal%20100%25%20Carioca&idsite=260&rec=1&r=806978&h=11&m=18&s=32&url=https%3A%2F%2Fcontrole.diariodorio.com%2F&_id=66c9095758527178&_idts=1620811112&_idvc=1&_idn=0&_refts=0&_viewts=1620811112&send_image=1&cookie=1&res=1600x1200&gt_ms=1386&pv_id=3Tup0v
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.101.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-101-169.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:32 GMT
cache-control: no-store
server: nginx/1.16.1
content-encoding: none
content-length: 43
content-type: image/gif

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary5GDG6q1UXWLbu0wY

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 12 May 2021 09:18:32 GMT
content-type: text/plain
access-control-allow-origin: https://controle.diariodorio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 27ms
7ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210512

Requested by

Host: cdn.a-latam.com
URL: https://cdn.a-latam.com/prebid_alright.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

383e242f4d01436295f56ff9ee0179b9216a6c5cbfba737dbf155741fd0d6090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 14366
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 939
etag: W/"6a0-UVUYH68seO+ykhC02SYX+GwEFXM"
x-served-by: cache-fra19153-FRA, cache-hhn4024-HHN
date: Wed, 12 May 2021 09:18:32 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 19 KB
8 KB 77ms
20ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-11953-9/CT-806
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: f8e6dd34a206f494e2bee249d03f71175000831e704e8fbad5e54801037f4a95

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:33:09 GMT
content-encoding: gzip
age: 2723
x-guploader-uploadid: ABg5-UxaA2zGa95oqG57CffotTjudqz3gPTMW7bwD3PED_rQGKsPqTmd7-HJEzYnbODot-JwlydnBakCLJ_2n47NzWnOJP62fw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 7785
last-modified: Tue, 11 May 2021 14:37:39 GMT
server: nginx/1.8.1
etag: "d2cd23e18fb8c54ac4914f23afbe8504"
vary: Accept-Encoding
x-goog-hash: crc32c=AJcbpA==, md5=0s0j4Y+4xUrEkU8jr76FBA==
x-goog-generation: 1620743859035744
via: 1.1 google
cache-control: max-age=7200,public
x-goog-stored-content-length: 7785
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 12 May 2021 10:33:09 GMT

GET
H3-29 200 KFOjCnqEu92Fr1Mu51S7ACc6CsI.woff
fonts.gstatic.com/s/roboto/v20/ 22 KB
22 KB 7ms
6ms Font
font/woff 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51S7ACc6CsI.woff

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/wp-content/cache/fvm/min/controle.diariodorio.com/1617125214-bf6ca16b5b68527245359524ab42be4ff5e60f1f.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f2974a396dc0695d071e842551e7af9c72f0ef8d2d076fe73a523b1a3c2d0e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://controle.diariodorio.com
Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:47:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:47 GMT
server: sffe
age: 45041
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22020
x-xss-protection: 0
expires: Wed, 11 May 2022 20:47:51 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 29ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=controle.diariodorio.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 09:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controle.diariodorio.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 09:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 pastoclockp.js Show response
data.gblcdn.com/data/ 21 KB
6 KB 41ms
15ms Script
application/javascript 2606:4700:3036::6815:5b0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.gblcdn.com/data/pastoclockp.js?aid=6f4889f8e38ca8e79c6a&pubid=50f05b00-2f19-11eb-8892-9542e7fb0cbd&pid=hedsxwzjocmnvx&renderD=0&limitT=0&limitH=24&parent=body&t=i&mt=b
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e164b18bde0c8cb2d5b27728b03406fccd9e02b6a8ea597f726d003b6db7eb2f

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:32 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 446401
x-amz-server-side-encryption: AES256
cf-ray: 64e28f6c4ac32c3a-FRA
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a0177f7b100002c3a043a5000000001
last-modified: Thu, 22 Apr 2021 09:46:57 GMT
server: cloudflare
etag: W/"6f4889f8e38ca8e79c6ad96629f9b993"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cq3gs01xCV9Jq%2BXzvmY4a0fP9LCVodEEqHLOHf184wBk%2FD2KKHNuRk2U0uXkCJr61OFL67S%2BGGV6M0rS3QLWMwIZ7OOWfgFYQuVH4tIMCGKtU1mNPbzTdNwmqYA%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: gvINWuD4fBMlRF7uBJja9X6ULElLmTnQ
cache-control: max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: _2_bUiVrV6QE0kspVkKuBDSIA_Ue_BDyPSmqoCQnpnn41ZqvqKA2Aw==
cf-bgj: minify

GET p
server.gblcdn.com/pool/ 0
0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 33ms
19ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210510&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60c978bdf44475cf54ca04af4ff618f96e4554047b6a93fedbc1f15c5c177ea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 09:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7594
x-xss-protection: 0

GET
H2 200 ws-6UQPXFMN.js Show response
wfpscripts.webspectator.com/bootstrap/ 1 KB
935 B 645ms
140ms Script
application/x-javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/bootstrap/ws-6UQPXFMN.js
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_NjKeR1Ss.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 88b4d7d6cd251e7d1e5b8d702df001a3289b81283329ca90b29c2b74c5e6c615

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:33 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:22:02 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"deb368648f84cddd296e1d742c4a73eb"
x-cache-status: HIT
content-type: application/x-javascript
cache-control: max-age=31536000

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 31ms
20ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 16:26:14 GMT
content-encoding: gzip
age: 60739
x-guploader-uploadid: ABg5-Uzi7H32FqzTGNrY9qn-r8bLQEURe5L9yQbcfpu-pDyLAzkrN6dwFLwKG_4CkR0ehddN3Ekv3T_BZnLJTLEvmLhE6HmrTg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 6114
last-modified: Mon, 19 Apr 2021 15:43:33 GMT
server: UploadServer
etag: "090fb4b641b03e182ef8a7fdc93d72de"
x-goog-hash: crc32c=VQO11g==, md5=CQ+0tkGwPhgu+Kf9yT1y3g==
content-language: en
x-goog-generation: 1618847013991944
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 12 May 2021 16:26:14 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 12 May 2021 09:18:33 GMT

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 20ms
20ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 16:26:10 GMT
content-encoding: gzip
age: 60743
x-guploader-uploadid: ABg5-UyaPL4d5e_2gBnUqa0DSwWWViCtex4jLX-HnD2_tJZqcBs1EKaSyBnljeXHtntkaGUMbOBz9iL17DJ4MZ7_-lzAKJUB9A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 8332
last-modified: Mon, 19 Apr 2021 15:43:33 GMT
server: UploadServer
etag: "3f338dc5c15f92841113b0350587be44"
x-goog-hash: crc32c=sfk3og==, md5=PzONxcFfkoQRE7A1BYe+RA==
content-language: en
x-goog-generation: 1618847013907660
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 12 May 2021 16:26:10 GMT

GET
H2 200 trk
tt-11953-9.seg.t.tailtarget.com/ 70 B
589 B 185ms
109ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-11953-9.seg.t.tailtarget.com/trk?tA=TT-11953-9&tJ=_channel:alr-diariodorio:1&tK=1620811113&tM=direct&tL=direct&tN=direct&tY=3&tZ=266270423
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:33 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 70

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8C73 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controle.diariodorio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://controle.diariodorio.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 12 May 2021 08:53:15 GMT
expires: Thu, 12 May 2022 08:53:15 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1518
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 u Show response
b.t.tailtarget.com/ 71 B
481 B 165ms
112ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_art
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 937866902e522ba08d7a3005826b7116a73269ec66b3a3b606b6eb238962d34e

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:33 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H3-29 200 VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C73 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 985
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Thu, 12 May 2022 09:02:08 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 30ms
30ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210510&jk=1799629773953198&bg=!QEOlQwfNAAY59bwoOfU7ACkAdvg8WnRcjjPXD3EzrYCdASFkJ8L7GPPREbwDnjr5N_Zh0_LoPvn8CwIAAAB0UgAAAA9oAQcKAP9vO7eCy6MvfwAT0dU35zVdpqsByMyeDr9G2_UpkU1hyIDUeYNUED5DksnU0rUaql3ehsLmkFXx9lhdGKvlhWynkdtHap6JxlmSKVwXwVHEL8yqlOVs5p6gZsJTZgit7zfeL6LCAzvt-YsbQ-WPoUha7uLJ47vk6f3Y4XZXTRXo5VdGS4CfLJJKNR65A-pwHLAgKc3DLYmIBcgl_BbGQJDhvvgLBtstSOB7Prh5YSfMDgeLli2xOV3e7X7yut3bzQ1wRYauL1CrXTF2rntM1PlJkwe5FY74N4xYJimaw-Giz_5jGpN3Wp1pmtfloKkinvHpFmqOekPzXifnF59t4JqZAk3SVseBmHCgG7tI78jW-DhkIyR2RCIs-u3g6mzHdiA-0B7bDoWVfDowkZ3kcr5NQsRfXY1zsPJfTCEkAMZ774zZcwgFMdkW0lHwF0xR9ti9AQ0BnJMYqnf-7_7F1ByPRmsZfVCzOXf9bgf0UkZTp3RM5lQhajFMqveO57s2HB4uu7VpwZkzIeKTkSixX-L13K2ecIh8xVppogWhHbTghHPPQO_6rAZel-aE7_t0RizJAnMtTa_ZCUyeej32sPHuk1qDINbnsVzK1tKZQYvbmprb2-Hc1MMWh9Ixh-opY9P7NaU-a3b-rGq4wyQziHLUGxlJRTa4VgYA6GhWsw6ShBA4_eWVcCKsKdn1_2h3J7USa6ti0quYxTs4oZPbuexYW46eVpb7AOec_K5Qf1vDizZLWGtTNgC6uUMxktrf14oVXbYnO7YUAymm4Xh5y1V1k0R3033QxdcFXhAvxlmFTmQlYXfnv-0rf2IJy96R0bDq9sFb1x4-NRHSp4k_hoy1fQH4VOe8yvGqchFXhdfF8TbORFVi2lY1qg9qlE57N8tsGj7QB__g0B9XVf09BGQpmBfKbl07ARoxGVSBQx39RkdDePX7rB5g3Un0r9N1CFp1rW4lHQ8TcDuyXv6JqqF0ac6LtYnf1N7t_r2jR_FQc9t__bJ6hrkF1csVeFr3OOdKm9BoYf_R0bLGIsodmdVPxsmMAAJ3P1cgxx_-VI72mHIEFllM7oP63vZpQj_gIbhNszHyuNH4N_2ZS6Xn37XS_dG50yM_h-pElBtK06U5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 144 B
585 B 109ms
109ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-11953-9&tY=1&tS=2&tU=0100007F699D9B607D0652AB02B3A504&tX=b.52&tZ=309548131&env=_ttq_tt_art
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 956c23115c4d120f111eafc93bb2eb20bec08e430ea1b90308a3a1f0276995c5

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:33 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H3-29 200 container.html Show response
b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BA6F 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controle.diariodorio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://controle.diariodorio.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 12 May 2021 09:18:31 GMT
expires: Thu, 12 May 2022 09:18:31 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ADB9 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controle.diariodorio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://controle.diariodorio.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 12 May 2021 09:18:31 GMT
expires: Thu, 12 May 2022 09:18:31 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B6A2 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controle.diariodorio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://controle.diariodorio.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 12 May 2021 09:18:31 GMT
expires: Thu, 12 May 2022 09:18:31 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2810 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controle.diariodorio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://controle.diariodorio.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 12 May 2021 09:18:31 GMT
expires: Thu, 12 May 2022 09:18:31 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3745 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controle.diariodorio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://controle.diariodorio.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 12 May 2021 09:18:31 GMT
expires: Thu, 12 May 2022 09:18:31 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6C6A 624 B
297 B 17ms
17ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhjZg-WmATAB&v=APEucNWnrNVCiLpR1JoMA7hf7yz_t5BLgvXbxdcEuCFZHRicRp_yuwFyjYd9lw2F2WRuVzxyibwhJA16Yp1aBDQnyrqacPZj8fOoajtxa9HpNJoE88fEIR3PJlPTHiV8q7WDbL0nksss4S_dqfT90j58fjSeJNYvVnMBVD-HD8hnBoHljA-I6f8vVszEGz87zT2njghywDezLdqyoTTLYiRc_TICpBVcqQ

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNyuyAIQpovKAhjZg-WmATAB&v=APEucNWnrNVCiLpR1JoMA7hf7yz_t5BLgvXbxdcEuCFZHRicRp_yuwFyjYd9lw2F2WRuVzxyibwhJA16Yp1aBDQnyrqacPZj8fOoajtxa9HpNJoE88fEIR3PJlPTHiV8q7WDbL0nksss4S_dqfT90j58fjSeJNYvVnMBVD-HD8hnBoHljA-I6f8vVszEGz87zT2njghywDezLdqyoTTLYiRc_TICpBVcqQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmw1flgirFi2Afpp6xgRbmvD4qdGs-mSlb2ohvDbxS40B2bmYVEBZt-oXgdvAk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 12 May 2021 09:18:33 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C0CC 23 KB
12 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AZJrXqlwr0TQJiEsG6HAX-yWUnb7ZuvcneRM8zDHdksb1jGkl_mKR05SITVlj6i5gwhmhX9H8NpmWBTUKLlY60yDTL_6KstP3vARCoooEm1aaLtHPDn_ZpxS3IjDI0tn132mAeNrlBhIryCncOwQlSrACtag&dbm_d=AKAmf-B6JOp_qkndvPFzPw59imSHEhkqSeFWv4bQtq3yqIdfuMamfkUehoPO4MgLW-qcPJ0v3Ulu22TPO23kmC0JAHn3PyvwFOf_kt_UvURA-KNaX5bOaW85iCDEBhQdVK98LOsdOb8yN4xwDiLX8w7SFfQE31Ye3YEZ7jpa5G6pTBQJzJs8ZA9XOhIsgpGxiRYKKLZBcKMYXTxMH3mH6TxtGadywtk8h3rXXA7a1LxTx4ZMXDrWeNEn12Cq3-tKWKz9kxX6clTXJPOhEL0UGd9zie6FGQXIqjT5LAX3GAtxOkduPkO4H14diFDZTvVMFh5ZCs3LaGFFMijcM3wd7Tq-GiR4EytV7v2XHUsVUVOhL1kkcZkjbPG9tWyV9SWdBZeRXXibCgdnpMJW4TqgJUBURBLXaE_7NH2purdYtgGLpjV_MbcpsOgOFNvKsTMzaL6phkOFuyKI2-L0rsofMfiGLnq4W7shVg0le0gC7pcfQKlkgtAqHWfogXpSg-0IlgJuCO9EXQEyMMxbhnBInuiKy9quTxhSF29yHHclfzr2_IxwIt7ykaDrtzbGTxgJB0rWPNl6yfngPXOmnsQbdDeC5f7SE4HDqI2xO1b9BQAtJ8pBbYZpK_dnxEVXL8lVb2epY95JxD66I-83-b1rwjW7WpK5jmEBeqC1lCZpeTSWHFmE9bDkJziU-SMnhoWPGmnow-gkDKybzxYRMjjDnMozjxjvltKRkLcccadypVDHw82QHa8305O3hyTggd9_5-B2KgmEf2nKblebvX3aSaJqyF9A9gWV9j5UK781LiedXpWoriDiU1y-LzrqcvPgNI8tQQIBXKisTL5si9VX9VZcc3Q0aGgqG0FVjZPeIxOV6I-q68MyA7zY025ull6qPqdYJGruE1yepRjpabGnDD-umccG8BXM31CsFVCX7tfIuC6Esvuo3JpZULHhE87tZcENMobEZT4w46qpv8TFOLXoWp0_rTyji9NaKwOj4Toue9lfHUV7xiQnDifvcvL8aaqsoMTl6zft480GtkPYPgFQ-YiMbH7Hu5pWZAJz--OhsRZjdcHrCVP-BojRSr0GNbbv4thVjcSxXp6ysrXMEVDuC8XD_76z-hda_oldTiDnikcCSJHL5xeesssZ8ZPddUcMkKGJdz5zp67AC-5gdiymcGFEW9smXfSPaMdXPDVUQwR43ucB2WeHYaekMFk4DIJrol8zEQpwa8I32cQqcJbe8Sp_5Vsrge4npEuLpiR751Rbx-b437J0qAHfmP1YomrRVPedbJy4_q8IPOqv35coUoM9apyoFcGVTDFUtMPvGNzSyeFkoQsNL-2KeRCQmEwVzNg_Job8FLKykj2OIdeCsN2QjnH29_ALdS4lZg5hPm04MDQYkzHCTePbdBT1ZmZ3Jow4mUCJu5ZW7cHaKzDceR3rJ0cGUzN75lAABO1_WZV2gqZE2preKcxXz0KvRnEf9qOWOhWhgol7ar6e2N0dWT8V-hzb6PVwHjW_4jNENQ3j4ppfPDpvntD-aJ3f5pnx7kr_vYdMlbl5SLPbwWunRSldyac80bsFq_a7tdBTZ4Jpoj1odL2q6ioaOl8cqy1VTsIKWC0A5SaX-xeFwEsEa-0zHDYW9rGUSkP9f11zJYcYjhrSGan8J9jU3VyJ7iBc9kIxIkAqB0zcOfPkcuiw3aWmdO4ZXIY4dKtWpV28j1QCUwA7abVFyPv1IR9CKHNizmd8-gULbQlmjZo4wSehvzuBIXIEk2-ArbdjEvqFn2tTQC4jFWicPy9OvHrH8II8IeLg4AmhL3zf-kNdSli23f8vBmfwt0U3Lh6MV12Emcp761FSTQp3YqnA_54ZGuQoybyExQorpcEKmZXs9jqpYnDPLwggDHPUX6Yq4aBL9zbz1bmDB5IPQO0gRuIAni08004pK_QXt6fUU9WbpV6ahUQKhOuwhSphfifg_hkTNr8APHsFV2A1IXYWn5yzoRelX9FjqYoWebCR1fnDbOyRJG-_bTX-VH-doO8QKBWgR9xKsfHrARJFDrk-VkVnGuVbY009s40T4gbQmb5cEzT9Q9MGkX2cDrVXIlDo4RSVGzoB-1Bfd6-VtAH9jKMFjlXmp_F7KP7KoEMypLmbUPSe3dJTd_fZSoK9LBwyOAEpI12ZvmywRpaxS9YPzgO9yNUvPVo9ujVV_aVUCUGK9zL8xiIWIGVgdX6ocakEIadfh017jzrf0Nv3aEiiPSWM4miVTdouGDp0qC3_lqsXpnnREF7mfvJlLhflqcwmP_7t6iXb7gUXcCN3YEIhhK7ndCfzOHT_--OtqrEEnSfHoWr7PggfuV8AJCKmYa8DMRsNUod54QgqWPVM4XmqGUbExzAkX-l9p3yc4ZWuD9gDJAN2AKdySmqyZyQ-iBycY9A0BpSAKCyotprWr3awaf09Af2RryLaRMWEijgqKpLfQemLxosuaFy4UZ_K5PZnVB8bamr113CQ_rR0rEjbAbfVnMuK8DkNQBXq8elvJveU3qRKXnyWtBG2vAaby-8L6WlVOO4o1uq3HqM5_lSIYVtw6TiHBg07oinEpQzgOoKywuHFaQOVbt1upkmrc7yPaNXgSOmJQK1o7sE8DtC9LREpi85PLFjOijxF3uewaRuRq7g4vqbcC0K0Msz7ELehm-sGdf4FbfQOD4UhT38QdTYZZWPZpKNkRoITyK-0ipL8YCTlFPy6ssSQV8tmmmXy0xQLAddBuOVWzVtT6DKrGhhHZu-AIa4lbQ9cI_0jhymTXIBoxzDi6VkCT02XpCaET5ZlTFbodfeKhOFn76lG5ctdgn2pwFr-yZ6cinHGE2LRadk7vhzEQtY5cY5-2onmMY2Q1fRJQmwfhJ9xcxUqmRAPsgJ5gXpOE1xkK4dPaTbIH0w96mQeRVtMZ_HDSEnCQ_vnFF6v-fhmOiDKDxR2wnOa1nCYqe_6bdptiulMGUDkCCLI9G2Qc3lyARjbk8lJMGVWcxiX-OLyInc&cid=CAASEuRo875iL39RnUZhHPC8dUj6vg&rfl=2%2Chttps%253A%252F%252Fcontrole.diariodorio.com%252F%240

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ca267d6917355d34abaf589ba8fa3f05bb1639d681df1c8d298d0fde6e26f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12115
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clk Show response
ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302216553;gdpr=;gdpr_consent=;sz=728x90;click=https://googleads.g.doubleclick.net/dbm/ Frame C0CC 43 KB
19 KB 162ms
74ms Script
text/javascript 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302216553;gdpr=;gdpr_consent=;sz=728x90;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CS2n5aJ2bYJ35C9CK7gPigJDwCL23xcxiia6lzIcOv-EeEAEg5sHRB2D7gYCAiAqgAeLd28sCyAEJqQLDerZZmVe0PqgDAaoE2AFP0AB5KN5v3SeXVaidF5nYE9iyaLPzZJ5VNrId8Sg89CR2PdyJGj4lh1HAZkNirYRjsLIqAwNPJeYHX6CcKCUJ5jalngzkLpskliNkctJfx_5w7mZy2rSyl4cZ1eQWOXsP3CEueVHf3bHUtGcNK6fsaD8C8EIKPhdObqKSHq69EbWnc8JpKagxPJdC4NVLjwSfyTLtHm_5Y66ABRDdmkPZcFwoGNffqbPAo1DXPM1JVTEnYoDDF6eX_wYCYWPn5upCQgJUT8IkRYgTGqqyvit4bdlWbn9AF3DABPP9mdSuA-AEA5AGAaAGTYAHhqKktAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE-WJugvQEwDYEwPYFAHQFQGAFwE&ae=1&num=1&cid=CAASEuRo875iL39RnUZhHPC8dUj6vg&sig=AOD64_25CtEupOL96e1_1QyliKZKcuXbEQ&client=ca-pub-3475011114767287&dbm_c=AKAmf-BBJ1d5MReJ3uoGjqnMCXUPq7h9Rt2zlFNU3t_cCHFcPnhtpcQcC92J_wt_1HRASUT5BSFMDDdpDrw3d7j-xuk9GPh3K8CB9j04EiMfDK30gcuZ6GddX1rXwl5ZLU10X8Jg3VANSDRIgvnPu-MfwQAaJNE9ww&dbm_d=AKAmf-BrOEvesEZJBwpDSN-5SzAWOa2EOLHmXRH9RRtoP8ebjAv8GbjG_jLrulMU2CJm-z-5SWsRHkZ8lcqSVS4lrSNwJGVZUJUqvCN6KHXw46kn1fmQT6gpzhVkSspeqWyYajIwVGeSaGktuYV02qVCOvFTeP7_0Mp33jPVVrXdLnpj1--R3HzF2ZvuPgSAN4wl6TxetWUe6umfXC04v8nX82ObzcGX8tRMtt3U_GwR4D_uTRFenm5-VrEaQL3ka-_XTtntInEQFtthhb8NSoENi1ivOVh40cO4S1vTgkixc8hhs6YL1_tJPftH8ut9W5IldxsDEdBP5rQYssTRd-sj1uS3QGMmwg0S9uEWroqdXo-9jOPBb7btbtIVji63Rno-4slJvB-TICuU8pbX-GL442j9DBSHKD22cR7Xo2PDmLLGG2MxFTW2QxcPOSwNT-yjrWbIjf4QGWqfpGBOhE3QOerdHH8ZwA&adurl=;ord=1620811112195741;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

4d32f6d38c123e55c3fe7d50a8bd79d33086dc4c28385fbf38ed92773ae11f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19007
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame C0CC 2 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 08:59:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C0CC 116 KB
35 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 09:18:33 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame C0CC 13 KB
6 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:17:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 09:17:04 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame C0CC 0
0 32ms
31ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSuB3uX06SS7pblshPCM0hPISBC4wXRPgg9y665sIb8WiqbtjqTTEBpUcaWMNh1ruoTjVVOdn0hD8KpvgMmj6UH1aYyKw
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C0CC 42 B
63 B 33ms
31ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ACHRokkJxoUvn4miHEAc5HtUb3830QaThP5CNOKgVF3PiRL6rsMWa2lKmuNxCuRUJjhQ0cxaU01L-ojqWAao_BxegXW3UCh6_1_QBMZXna9zBEJBk

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/ Frame B9C8 4 KB
1 KB 8ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24c97fea4b5ca3bbd1127731b895a86921e99d914971ae60beea7c51bd613dcb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/12132108151055701416/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1334
date: Tue, 11 May 2021 10:42:50 GMT
expires: Wed, 11 May 2022 10:42:50 GMT
last-modified: Tue, 11 May 2021 07:47:40 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 81343
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F448 0
0 155ms
155ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1lDQaJ2bYJ75C9CK7gPigJDwCLjPhtNiu9uQuOsNv-EeEAEg5sHRB2D7gYCAiAqgAer8rM4DyAEJqQLDerZZmVe0PuACAKgDAcgDCKoE4gFP0OAn1ifMZuTu3lAQdODbrBQ1R99lZDIArFA-2WKu7w9ICOGYWBMB9lphHtRdIqw66boC5jR1ehdVuH7TFxCfBb4nbbo6x57oNSpiHPJ6wU8HrOC0I_ad-lS8wP_gz-gI0ujNqY0IxBPLGXsFJfbViVv3bFtdbL7LjC8ZDXb-z6OSb-2zc3iOrHifaZeEQdjP-yBe2_dQKcc92HDlIVqXh2uWaIaexDx_VBRSxGIiCE9Kq-Ca4SdkCdSsxmgFqS1CvvyAa9tPSo8jhQEArtK8WGNfMlw2LUpQlVEgraNSxzv3wASrms740APgBAGSBQQIBBgBkgUECAUYBKAGLoAH_oLTMagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCNqwfSCAkIgOGAEBABGB2ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMzQ3NTAxMTExNDc2NzI4Nw&sigh=xsLbAiOLoYE&template_id=419
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame F448 17 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite_fy2019.js

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 8099588968410230469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 09:15:05 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame F448 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 08:59:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F448 116 KB
35 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 09:18:33 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame F448 13 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:17:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 09:17:04 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F448 0
0 17ms
15ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLnSGsLJO272buSdfmRS6z6t7gI9qjjObB7QV-PuxcML0suIR_nL2i_GkHUYnEV4_R_XcLU1vpxo327wCh7bSnYPfGog
Requested by: Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B067 640 B
316 B 25ms
20ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhj2ieWmATAB&v=APEucNUzK83VviEQWhO4Glo-XhpLAl_WQY2SxjpjmnxMztbGBNfJFFFcnGOWaPAwFmxA7JqcclmGaEVZ95QfsjQUy8ik58XFr6Z_uz1vTRKqsLDH51NaUFNWzaN6yiHsFZme2A140KoBXCz2yL2rvmCriQPCQjmPeKED280Lj-x3CxgAXavsafikF-AlTN9oX5iyLa3H0ktZF3eoLyNRKkKgaVer0uJ3Nw

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNyuyAIQpovKAhj2ieWmATAB&v=APEucNUzK83VviEQWhO4Glo-XhpLAl_WQY2SxjpjmnxMztbGBNfJFFFcnGOWaPAwFmxA7JqcclmGaEVZ95QfsjQUy8ik58XFr6Z_uz1vTRKqsLDH51NaUFNWzaN6yiHsFZme2A140KoBXCz2yL2rvmCriQPCQjmPeKED280Lj-x3CxgAXavsafikF-AlTN9oX5iyLa3H0ktZF3eoLyNRKkKgaVer0uJ3Nw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmw1flgirFi2Afpp6xgRbmvD4qdGs-mSlb2ohvDbxS40B2bmYVEBZt-oXgdvAk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 12 May 2021 09:18:33 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B6A2 23 KB
12 KB 81ms
75ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CH0AkGZtB4CSQe_rqp2Q0KDFSJ29M_8jILap_pMP0-xib4QjCQz4fpgSQ7w-7QidAzhykH9dMwUk60JLkS1Faqz5ThcdGNyOcxejOF97IjsTG_2aF4hlw4tKmcsVnJ5fBdIbdsXQL6sMqgT0kcBpGKlB0vOQ&dbm_d=AKAmf-DOJrLPGLc9kWZ4VubB5wpWAWPT62LftYI3uobEJRLyEyoSGM3XpokBt2b-hlkghc1yT8Foa_iYi8PFJiOiOctclW8tjP7WQDnKGUGCRu0Dmtr0DdmhqXvjjGtzx5vt8fr6muyUlwc3oVE5tXMs-1YWVZSoBA23l9K0zRn-iUH8F9eGpIMejL6bRGb3mhF190PUbY2Mastt1iCKbTUt1pqJs0ULJ84D3f-06qniz03WqO2ARHeE0fxGTw-vU4r0K-IY6TFcCuM_0AX-i-D089L7L63X9r7d33B--1BQHm2WkXzzryM2S0WT53grgZMc_rK3bkLHoRluEs3747Fm1TxYuwd3GGLhEsLdY2d3X3vZxic8UUGqncgWxYQlPp3tmOkHjOjBCeCsU1D2zYucSn-Z_FPl1mK6BuQ-9Kenx50GdWbtgT53Y-7S5qFB52wpkJCaJ7ygRP0VUhAa4wMpy5UoTav8bWlu-d6ZmWB4c7m_Zz1tpAx1J_NX23oH4wNUvZi5eR2VroIaF38csp4oC9L8jU3wwL2jutpjBp_2wXljaE8as3NXwEV1nUJDzjzG2FuPqw4_0mdHRZGBa25AZuVCE1uO-r0QKHocjUr29E65zqRX4rcm97XrXnBYi5P5RhbmuKXkvXGwBXb66JBYH-3RhWQk6cvx6jrvh9z_YFehXKDbG4zVo5POwktJbAtQc3u9ZjIlu-Ib3lZ-ldOCD3izg2quJzYW1qTCb70XCTiTQIUYO1ydFNSFgSOiDM6rBz0ixfY1HntaEPqOEZfLgxaJ-_jlNL32aWQBCLJ5X74sDVf4r3cN8dYdc_cZlzt5Ouo0OvI-CcMqn4uxgYCNmi9xsRonFFCRT50i58SMDy8Mn-pWYvzu2TUHutz-aYuCBc7M3EYSRYwNLI34im11EzqAevgMvI1_90dXIMTPU8EMPquNU6hLTetRF2b6kjA3vcYDB5Tr9TopmEZWqNuls34_jFM4egT_Qh9ddl9EFXMFA8hSoBx2ztltELKW1rr_cGmfE-BaGa4lqMh_pRA0w4uGtgXHjjbXLNowAJuqSFvoi-LxuCTze3uBW2NVDpjcgxDcAYJWdLvmIOUDz9oEDh6W5rmzLPLrGNe770vZUxpDs4ykQadVz1sY9s231YKYcuC2vYoWsDWhZzjEjjjzL1HCXeTsf_SuD4mKSyPRg_RJ7Z5098n-2fkI8dUeJiuJM3PlI-FPYEgqWiMvsuUKWGDwlORa1ZTj8IqUGkmqMTp1qwJS45EQRkahWrew3tBa69ZEbFOxeeJIkVQqMO4esIrCGgJnyGDnOvihijUitSmcFeJW-o0b8cLpXvjCGhnOJF4saEwmMvXs6gtF5RkxpwXzFj7nuey7yIiyNuyXKzyW7reTheTcz91ERLpqPqvWAdR2hNu6xCxfQu8-cFVaE96oCucNkz2ryd_V8chQynnPhc3ZkSQbg8y3oyfI-lRSwhTpcWfgFXjWMfCH0TkFR09k2k9azgy8NnxZWzBewoGamlOIBpo-9Zz9Wsv2kp_rQoeuT4gEEMnj5PjztAnLpOgQ0yLItI-vonIizp0L9ihlCh3C3MjT-J4bcAhktAJ_66eMzLO9NGrgCctuv0QkXOMcV8IRzR_OwiK4R2AjodJsetNPfU_lfvEMFyNxGKZKcP41q7PST0iv9WQQCv14yzx1ZMZRm2ln0x9e1hFcSBqMfHwdLfCUnUDmvXdtVUN5s2Bgg8C3UAFUCvP2UOUnwzkrZWnzfTfWdXObdDTl0X6llMQyAHAqxj4FKUbQyeUrkIb4T50PVfTGMNrl-gdEO6WfuPIsvW7Vhrx_hKGamwu8aydU5q-nQUqJ-CzgfGpZJ_UgTdYbRvR0Fr16EnXNydBWUPtuJ56LMvT2tAuBr7sfwCWL_Cvq95rC5W7WGJUTTf1CUT_wB6K7B2czwbdniFSkKI-msPCAKHhAFaVpiJguyCtT6tWIqVUCZCRXp3ISBDnyl3gvNDj17kTl3M2EEIrOUoilOHgoqp2gOYigvhkugDxIAnWofmJdLn8ypwgPQSh6tNXUD9faSv8jKmoibSraRz8Fkl-XcpnwEli3UsTsqcjijbXIsw4ZZZYdcYjhKlixzfYAAWOEeU8QL4b3TuECQIkKsbhTDi_A26S67ow50axqGlvlT5pz5EdRgEaQe4yJAx_JgGeJXxtHrDNIixkPm2BjaXPNIHh3mzY24A8FXnV03n7ViCmZm7dpdN1-fC94goa14MPqKJsXl_ujfpd8DvV5up6N8SXLAEP_t07h5PlRZEGD2nWtFdRGGo8gmD-iB-3tC3RcpZxQZiJB1PAj-z_cSKCTpqRKQTjRwnq9q6xQw52TrkJyityikPIfqh_ticulA6PgC3HBUuSfz870woT_5lW4DvdFNi4P_m2znZYruVIn0lYaVR0MoMAHIR9eHayj6OWV8kv5pGIRp-SkxEU-jZ25AMEhVVhxDGf1kz6ZjyeMgy5eosEkOUcTP_dfJ5zcWbyogtqdnvn6zRZQr2imIlNKcnD_vtKpnn4BmynE_zBnUkOGaHKnoP8zIivwA58v-9iz5fpxnjcisee4IPbMPq0gL9IfVdlGhYykmKQRfAj9Lp_cGN0lFhPI5jz2h4owD2Xly3utKB_Re4xjGnQzR1iJwSIpQl91k-aaUoKnXlDqgxbVoIf2_39UcYM8N-HLdjTGLU2IKfgf8_RqN56UiKn6_ZGpcpC_28mquGSGu8FlZE09CTU9rSa7UbIVUCUiDMQxo1hLC05AnQ49yfiv6z_wABT27zek0SxCs6iE1SVTKZNQ00yHVvpYk-WAJz6Zr06j-jW8sw3YLYSfLQkK8ybahXBiOfJkaz3n3jkWy2Lvr6wHqdqnzUYxV550cRi8o6ZJTNH8aJw8Pa5GQQ3F3ywH-BhH1jaTncc719pw_ZC0HTPpiA34qn2T46kNUwqQx6e2bkUNpHe70jZiyDyZl8g0kC4qdJXfSKMIT5zoQ5tpbcNva_D1pIVlSn9PRGtk&cid=CAASEuRoZurDCRBFJHfSRh9KKRvffw&rfl=1%2Chttps%253A%252F%252Fcontrole.diariodorio.com%252F%240

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec4cb9edd8f93082e3acf18b6d9115c4480ae1f2221a590014d6ace5cef91a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11943
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B6A2 42 B
63 B 83ms
72ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1ojRmDqJGkeHpBD15vCsNjg9BgjFil8z-dHImrjmS9ioDGJqB4opdYEKBkT-NjD7ztHQ1_NqhvZB-GhWqL2Hnp4Ba1IScXs7BeCmW7djT6qXf_4Q

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clk Show response
ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302450104;gdpr=;gdpr_consent=;sz=300x600;click=https://googleads.g.doubleclick.net/dbm/ Frame B6A2 43 KB
19 KB 173ms
145ms Script
text/javascript 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302450104;gdpr=;gdpr_consent=;sz=300x600;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CQ5e1aJ2bYJ_5C9CK7gPigJDwCNuxxcxiv-G81akOv-EeEAEg5sHRB2D7gYCAiAqgAeLd28sCyAEJqQLDerZZmVe0PqgDAaoE3AFP0BITvXh8WVD5wp8xlGPEgrYzQF-IHzhh47rjlaHvOPAJOwnJZfjrvv7LdFlqv8AblkLkUhLQvW66DYvKJStEdPBqHsafDVIpLC58wJWKgaNk-w8CMUPGss8xVG6hr5w1Yccw1RdxStzHO5npvhSmawYtea5b8vQB3HkeHwPva3dx9KAKqy8Ga0nDctGNxf-W1zCIzkF9HWs4vde38oNPd5Wdw5r9lSblQqpON8GKTKqm-nLZVL2P9a_eNHtXYTnm2hzz2En2uycmot2hIHpATw86E-FCjnq1itFgwASfk-iXrQPgBAOQBgGgBk2AB4aipLQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPliboL0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASEuRoZurDCRBFJHfSRh9KKRvffw&sig=AOD64_3Top9ILJO_QGuTof6Dc8ciVNt9yw&client=ca-pub-3475011114767287&dbm_c=AKAmf-C76eX0LubX8u0VXrYKx1NpzTOCLkMh-rc9jw3gZJEyLnff7c56U68W5yXW1gs_v-y9zgs50yNytRvOl3ly8JBXezT9K1_kwrw7Jq3vapCR26pgmACuyMRDb_OrvP-vSVGUAEdygQF2PC1KaNvhqVq5MgBqqA&dbm_d=AKAmf-Avu1pElp1yLzlAr0LXE18OwwgxPnPQ5NfYNB8-8jCBGWjVz17QVoHZPmZS8vYnRZrRo6xNvC67YtledSF7eSGFfppNzJz99M36c_DGhVcQqxmzuIuPe-eTU4S0t2T1ixDOpCEEvlO7AEF-k0P0sSI-KfBmgH4eYiyBMiz6LhhAvzCwInxkwF9C6Y48QtC_nObDYMg_MRFbOEpk3bydErKbsgN2hmZk32xlLjKFLM65SxKRDFv6DxF3ej_ag8baGNEIE8iItdc2TQJ-YYaOA1VmhFAzTkCs1cS-NyEGCQgvBuUEB9HhmxtRct8l6v-Ou92ogv4d7bxA1vYMCi7CItag0iXJxyYLqmNChYQtRYNX0f7n7EMeNTWpj1wf_1kGKscn4J4zECd9jLuBMWbH1qv6T-M-drD9nLf681sz7Y2KpCkEBOuKt1WyY3-tQeeFO95DLK8pBNPQjhgE0I_mO3x3c247hw&adurl=;ord=1620811112195743;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

507832f865a080c1d3f9488bcd0dd96ac40ccdd326f8017094453c10851022e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19104
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame B6A2 2 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 08:59:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B6A2 116 KB
35 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 09:18:33 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame B6A2 13 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:17:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 09:17:04 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame B6A2 0
0 26ms
15ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQeXUHesRvGG6IHI4Zh3KTfw3I0UxZBmGaKTyKnccu9tjXzoUCQE0Nk3-HWb21RkVysjBQueAxUUHHr6VuF9gDtVv_s2g
Requested by: Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 00BA 482 B
274 B 59ms
52ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiP7eSmATAB&v=APEucNVCbLgTJGSi0AOu0ckwtVxsfdXG8nwayd2s5_j0yqaGRocAmyN37d7fd73hqsNBRJGbYVb69saZ9vxQXkCPMpHOeMouiYHbRvP0HwJlkjV8GNk4HguY9vOmrSgVcuOKuf--HVWc0mDCDkRJkk94Ucd1EUZe9U5V40uC6RLUiKl_1Sh7dEqcdHv_d5iPeF1IWi1wkl886uCrYfOcqBvLSsxXGs0EgA

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNyuyAIQpovKAhiP7eSmATAB&v=APEucNVCbLgTJGSi0AOu0ckwtVxsfdXG8nwayd2s5_j0yqaGRocAmyN37d7fd73hqsNBRJGbYVb69saZ9vxQXkCPMpHOeMouiYHbRvP0HwJlkjV8GNk4HguY9vOmrSgVcuOKuf--HVWc0mDCDkRJkk94Ucd1EUZe9U5V40uC6RLUiKl_1Sh7dEqcdHv_d5iPeF1IWi1wkl886uCrYfOcqBvLSsxXGs0EgA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmw1flgirFi2Afpp6xgRbmvD4qdGs-mSlb2ohvDbxS40B2bmYVEBZt-oXgdvAk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 12 May 2021 09:18:33 GMT
server: cafe
cache-control: private
content-length: 253
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2810 23 KB
12 KB 74ms
61ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CyEB7Lr0FKnDGVYdonXcTWrbXlP5tByRA5XbToFaRZtIC6Yh7IjRkqPvU-wVyEoSLdAOx87uz7lxI1wfmdxTkinGLlOT2m0a4Sn6Xz_9SIsWdXsa5zPtXeneE8SJIYA90TTHkCduKBRvkhglE8jtpYC52D4w&dbm_d=AKAmf-C5wOsHnzEsAd0AdoEjy8EGkFwBPstjl1mG7sz0OjxYY6ejTmTY4AJg-RlSH9HBI0pV8Jye3XHwMM2ahhXo8TgGGHJ08bLks3omYwYzOKodwH04xFkTYCB0AYIu3nFvYFntBmHH7POVIiURvIfo5Qjj1a1j4KwFy9JWDVEezJ1gDkUfqtrxlcOqVV9rf5wfABgZNJZsMM5hT3Q4ptYq2e0Z573zyJSrIWnI8ehkLC7Kh9D4sOPx1AwfD_qoJw9VvTLkuKVlkiX91g6IT2amAqdHqIXW6qSAyi3RnU73mxmgjmL0LZjHiyl_SATlS6CP0FIMZSOiIAtXh5x1ucHT-9X-vF9Ef2GqtzL9A4dLG-B76etgOnm0SJulZlt5ZnUWGdtE7tm6F40NBQbaXxrAgWocnh3VfLF-Z9e5CRuJmukxKirUX7Dmr5y5-0eBn3faLnJJ5vJE-6cmYdxx4MwBuSBYqohr2SYLwykBLPxUi4SGrnYCNhUA6aqPeCyJhI1kvn0CzWcX0gLF4Gu4Vox5QwGRO0myJZCbfUWGXf81EZ16631aLUmIqesedYjpiXgG_ow5ENVUGOjF_HpNxVajG7ULa8fto8Gu4BKJrJAsevB1vtd0FVWBlQMSw4JBSkW5YJMEg1-2iPW6jWrNPUgNE_EiGhuX7RTIvggmmFRm5K82s8VHFrxyBBZWkM0yoY5RlEoOhx0C7ugFyMAWkpdKab1bhnTjInGSgDmccB7OtmcLHi3c4gWkbfyrrciPgl6eFf48vZawAUFSzdkqCSBoZY_P0gPuvZnZC8QpeD2BCfXjM-3WCBo_p11jyOWut_QH-b-iueoG-hbyG5bfck8yx5yPohqp9-EWacSSqus0xMgyYFpkG1d-ppRI0FADH06esw1xFR1Jb5_7AtEHwv0M8Gn2t6sgw72LvstQUzuuJisW-sRGrGFdD8E-qvy_c3rmkUe_v0SjZqTZAN0_BexZhCL0nz9XLPoRu6ZSzFcybIVIKckZYgmoDOhjHyCeqR5neMMWgn4toDKH_ZEdZEoM8IryhwRLIR3d27MYj-yWMredbEr8sONbedMvMhsoNAcQCgK6j7F2_Qq2xjS1JWx7icPgyjWdsCckoCcYv8lcIlnRigqvlUzB_7KyYq_m4cUwxOpa76B7ZR-lzbmh9wDIZKytAZhzRPNeRL96ibYJaXWlv3cw59ZOjUaP8iwUuNM2Q8nrY-rETa0GZZSL8ah90LB4yeB_8Lan4y08YO-DYXrZRU34GqmtffuGtXfux7WSdlEe7GDYPDH1Dxvip4PfSU7qR3HV4G4k8Id8p6jocHJ4OsYJvQiOUBSLieq1hOKUOWBpz3rbxqXeiUK7PhOAEiHm_A2iGQzRUU8N_1nHu6raphiokpVa493H7od_urEpiumZQgwRz-edhAcm6AiIeHI6j5Kj1Sl6dUkiDTNpL-Vu0wSgf4erG6Z1yVJNFmRSFp2OfOTx-LUam4KqPhRUMRe2SAl0GUmPUjuSGfuQyGTh0GRMd33MOmilgKoHpPnDYwEGKgzp3p9Vf9p-2kpqlSsSwhj-AR5ELSwfdQwP9nHgD_tq5gNEiAKT9unzntuqPY5OHqR_qvd1Dym4Aoaa-qNvtPE0Gc7M23g3WUsh1dV7B07ZSLyQDEl98dVxTpEhQiu2Si2zGFsvA9Qu89EU9QZlG8leK8XzM5hEWXtWWA2gyoEWYWexfo3tdbYSWnrDEsBRwX3wH1pO_nlmu-xmNjlbwVi4fuVzK7YFdog0zOz2bhD3ZlzV3RuDa01pRksl2wmcdQJwOQF2e6-iZqbfva_nh8js74jOzAOTPEU3Isfzqa_av_TqudfhQtlRyTeTZhJB_NpiMqzebCPRVVtDJg6YR5xeLl_DStAUkyONzKr1cgelGS9xrg02-GPgV5w-cLrbJlQy7mCFdw5c1RTHGXjcuWP2TkNWsNONSqNpN3MVqKCGUcqNqs9xt9gAe-5Fosr22Mu9OOLeCm7hjUzLEFSQtDA8t80sW1lEyDRcKf_pjXrJfLo0bYrq1Ck7rhYLD-oBVaWJxdLvUraH-dkYkQboixSq6OLWklMNheY8-Kdb5kMbqR6NPyxgMJ0ZJQTsAKjlX-Mr8Ei5Zo87DCNSP-7a2u9V0ZtIPPElSfQoXxrybbulkDmH4AnZVnfklJTptu4hBlR7jIiK-hVeoUuwQUjZMJzWPHCbRtgA4ohsItGa9-6YODJqdhADe0Ko0HGEocVsQPP6xccNxa4_zc9jDzF2iUqMk8_xju92POmHGB9nMqHF99ZhC8u9KHH8oRANYuek5SymQGdFBoHPNqpYjt3nBL65X7xRWmOT1V3VFJXmCLwyKKuhmDx_MjSC_lJORykVmQoG7hPVezhWU56QS6pZpsYBrZAL4RgsPCw8rGOnq4XB2zJDT9NTCG5FlBjb6joYst2UBckhR91bdhata9flL8fdqsOcfY7yCihFp10j9VP02-QlVigGccsyMhqPc9lU_ea2mVA4dBvxXV_0k4mZGazxT1BSRLyq8EscU3p5xvChlhqpOwnaHcWs4ge_ti9nGPQqPUr2rtkL4eRBI0d5jLaVlbeGhCPNLf_7a-jpQ6r1hqKNhELqEcyo_Qw-agS9C9acS_ucJGoAZViVEGZ8IqRZS2roOMBHFT5r8I9cLePhF1Z8c7W70R9yYdh-93JKauPhXSywi4bQN9lW2ofKE2MJ43xXlV1q_Fn2rmlQxudZe0cvSNWl6tjnpCBnR9KvbX905JEAIikk7674sJ4Jp6gE4Z2eLdbXzN9jBxeNd_JTKLGLiFXKC2YOXn5Ux7duRl1lW-muKwCKbrK6xry4MFDjxDfZTCJdi1q32zO8roU0xczJYax00TaubbkJ6rLIUU1UEkhGoiVtoMd2YZ0xbwVcG0ch6fjgVh3I6SUbLButXH6raqjwlK-U0ewjr4rSxg-ERGrEoj19R3b98_Icl_sgoJf5k74er3kzpsRG_J4mQhNttRrJ-MpqVUwocSlk9xdp&cid=CAASEuRoRrZ-Hn1BK5dmcXdPK8idEA&rfl=1%2Chttps%253A%252F%252Fcontrole.diariodorio.com%252F%240

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaef3bd0f4afcd3203e3f0275f4a83b3fa4d39e82e221aad5cc65cc7ff210dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12109
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2810 42 B
63 B 74ms
52ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DAjEfyzf_kMMReabIIOxuL4VtbOt8fL4ZXVSmGf-yGz8eRjSXv1iqsq116ft-jMNmXMJtKDDKAwQ54Ows3qje_l19Xi13-V1F0D4nxC6ohPr1-kng

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clk Show response
ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302135378;gdpr=;gdpr_consent=;sz=300x600;click=https://googleads.g.doubleclick.net/dbm/ Frame 2810 43 KB
19 KB 77ms
56ms Script
text/javascript 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302135378;gdpr=;gdpr_consent=;sz=300x600;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CXX9SaJ2bYKD5C9CK7gPigJDwCPiQsctiyb_EkfENv-EeEAEg5sHRB2D7gYCAiAqgAeLd28sCyAEJqQLDerZZmVe0PqgDAaoE3AFP0GWy_-ftiMUXZLAVx08j8AV2-xonRX2WISZ-jegBDh8kP0VfYGlheAMrGaqETUrccvTsqnQl8xvzbEnrVfSEt8OVAnTF6Eh6N3_SXpVf0uqIPmpllPxnsJhIjvrZTk2FSKVD_wVkQe3CYeTz46vBb9vOy77q9_p3CxXOscKCkFox2BuPr_ntqPC6S1BcqHkh2sP7X74Z6VsR-7c_dAJzAkYqy3OQVzqPkm1lK1_DrUE-6fvqiOpWoACbFA0m-566X2fR0Mls0MElEjTb3zbdJvLyR5bxrV04CkPhwASu6uzPqwPgBAOQBgGgBk2AB4aipLQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPliboL0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASEuRoRrZ-Hn1BK5dmcXdPK8idEA&sig=AOD64_1YKg40w9juWLFrnZq6p9llIVQ4ig&client=ca-pub-3475011114767287&dbm_c=AKAmf-AOp5be01DdQnjVQBZ0cZTbxX7ZZIXbs3lt2jDxkxTP91qgKixufI9x3jgvWYHjqpH3rStrpi3QEuTcItNto3qeedQ3H3AiAUMzkhHdGqbUWE4UUdWtdu0K3R-EzatHWoWX7iDYy3cSRd9nlGFwapYpOKJY5A&dbm_d=AKAmf-C9EvJkU6BbvWgGVL_ojcRwIsz4o57WUTlqCh9z6gyusNRk-K-MasqY3IC3aPDzWP51jkwGuW61lOCVLi6O-BIfsS9cchZShF9zz0Y-iJiHqHxg_3fEiAVT7rdQGDJBdrmMIwpWqcRHaW1KnbWDqdq51k8LzKYufp_6YAGsqXopLCFs9qXHXeVWR5g5Y1g3PERC0bxYM1zt_xJRgM-kkF6loiuSEajOwLzvExxcXEWGOgyPaDRJ8HFvaSszwjmM4WRmcAkoWp6PBVcLB6tu1aBy9lHttE4LX0dnLT4jMNcanFMC9tzhEhykMcEVLkDvIpuwglBsM8gcxV35xVyYY8FUlCc5gblv9eYOoZ0CcklRKVdLqOJCqYxCmVuoY2fsFOk7vX7PZySaP970mkeA6Xay0V5j_602NJ6-hBiVh2i7hcHiSfg7ZALcpr-56KkzUFkXjy3Qe8qdvZxSWIqfI2rJvQsgbQ&adurl=;ord=1620811112195744;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

83a1c4d8030b0610b4165adc26f68d671aacc2725196d5122998b4ea71bb4385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19004
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 2810 2 KB
1 KB 17ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 08:59:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2810 116 KB
35 KB 67ms
57ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 09:18:33 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 2810 13 KB
6 KB 18ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:17:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 09:17:04 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 2810 0
0 73ms
52ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyu1XkcW9vDMZjST0O5gpvfz6bwlg4901mq0KeuOD-5e9brPewXkeBpFhavOOh45Q1W4FX9BBwbYGI-7leYV7slyjdOQ
Requested by: Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C7D7 482 B
274 B 57ms
50ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiV4-SmATAB&v=APEucNVQR-EMlQj41f9vfOF8Yldj-rRJdBKVbLKmh-MOlFZmOLQnBwwymyTJmmq32q-hXSLX17-ACZzt40zfigxh8uUQMY03e9oArFXkd4Tk6vQLjPWwcOBznnPbZl9iywSRiYu9BmBb_KkIetyzgeZsu2vhNLnTgYGkHA_4f8NWrTBPguo0E32G7hMNUEfQ2xn1Sg_NvOQHbAnc6zbWSVTD9hEbfAutWw

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNyuyAIQpovKAhiV4-SmATAB&v=APEucNVQR-EMlQj41f9vfOF8Yldj-rRJdBKVbLKmh-MOlFZmOLQnBwwymyTJmmq32q-hXSLX17-ACZzt40zfigxh8uUQMY03e9oArFXkd4Tk6vQLjPWwcOBznnPbZl9iywSRiYu9BmBb_KkIetyzgeZsu2vhNLnTgYGkHA_4f8NWrTBPguo0E32G7hMNUEfQ2xn1Sg_NvOQHbAnc6zbWSVTD9hEbfAutWw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmw1flgirFi2Afpp6xgRbmvD4qdGs-mSlb2ohvDbxS40B2bmYVEBZt-oXgdvAk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 12 May 2021 09:18:33 GMT
server: cafe
cache-control: private
content-length: 253
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3745 23 KB
12 KB 71ms
57ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DoAVfZ0w9otMwgY2t9vZfLD4nEygW12wDfskNHP6e-cBJ1A9HfkRW8P-Azs1hSYQQPADgmSYEnVX8778S6tojgVcfvAF3D6LTeu-RPStmsxNHpmDaJad4Mb2XDH6RKQEYwUIAO0X2a-Ceq2PvLsBuSdXsDMg&dbm_d=AKAmf-DZ1Ad695GwRvmOTfNxK-vuGDS95XtxKa6DiItu5Opu49F910feCHINKknmygW67mfhMO5CyoZHxJmr8it_F2mgTJ4RHlB_rWCvgNCEEsofTk_ypGfWKZ-2dfgNUnUFttGlAw76YOCALjFvZhMOIZMj-V30uJ2XA6_Y68v7KX1cqgnRMdR0uXQiaA8FKhef4PGX97BAlF0iJHrm-iaA9-WH4FjLtBv3QyslVEGtIq9w1dTH-pW3d1B8Tc8fzV4zaioRbZWG9dsvvn-hd3NWNGYbsyD1KHU08yP3fP5aCqu9pYUB_mMIpX4n2kjnEacCdDYBqyDHcUhfufj99np3fgqFg1iyXDk0SI5L3npXB2s4FKaaSzx3RxzU96s5Wwv9uS6dxZgK2Um4ctEc6b_8pnw61OINR4-VyoxXsdX3moofVFVqnw1CPzp_NU2nDW0jEc_kSTEyOiXOGbAB-cXjWDFMGvKEX4BwL1qGv5dA-UCywULDUcA3pdlzVykUVtwqEA-FwWKo4CDapK0aGoVwRud1e_aa-ZQrxjrnU2KLerscvWX0TxIFzbAm5HI7XCAsvtoKvW5A64s3XQvSdWAReHG_NeNFDuaJNym43y4h5-51YnUgJ2pmQYRhZdJLnLdqDCfxkEEbzRm3ijydwBmLoo-K2xMmcK8Fu7ttVvmwsd_dWvZYProp7ukD48fhxND9nJdDuzsOiXGV3eWXcvhckuVgOgaRni9xbGVh97EEKfIWrZGUHxUmfrkzw-KiPyd4mW9sbaNmKhbcGbVxBJ8yK8KX3gZL9peWmMG63dhQqWcBW81wF5VADPvHYHJUIxp4E5Bc8IBgAAio4FcgfshnCFZBEFIIveA11nS-C87nkQtAJjXrLpJ5kE_fGRfDqkssci8buQ3duYqDnGDO9sPBZ2xtbCJKS-6mBvdZWCrh-Ba4GH6LyVYh4Osyt72qWiGQTc8uS-pqn9Y20BuR0PpkkX7dxH0ywFkDqQrdqUg8yIiZW2iv7onuAHEJMInWv_BHShqNAsng5pJ3odOB3t6Sx3VD1bXxE9UhpHD7GZ4mQa_8YunXGHicSz_1ro-kmeskx485A5Q7Uc06jjeziT9NNjDK1aXAwVA0KfoCUEtDWZq0iJEFFH4ZIBxfVr1Nk_RvdkWlgENORBz2_58S4_d2zB-EVsye2UuA7dSSFb7iccJAc2ELyf_S_OnP8wMZwJYp8l3cNfIl_UWp6oPHMwq7RKrXOTWxx1j9eCyG56nvGXTGLxn0uKmErQav6oxhKhg4-mtbhgQDamJu-GRLayyTmfDNAZ4Fz2AVC8apQvPw6oEicbG1_3Hlbjw8L0Ovk1jiOXuX7gc0IErazuyQLLEDMcvrND7ewHhGZ-Ig0IKa9Mj8dChtTr7c2Ce_R3YMyA7wRdG1sBSYOr8ReLJx88t3-7Co41hSkZ2G53FXnrwKrq5xt2oOApSheAmcSMflpu_XGUkrUZ3FWhQY1avGuc5al4CmFqlous0mJgbNE_dwkkjHggyzqcezDca566Wt5yGHFXS0gXCncTrGE4ml0MuPkxV4rl3oBr8aVnQSyS5xW49PZsnau7OgX_wcKKwoCoB5Mw3owcdG7NB69JEjs2Ypg4jRuWkoaIZ5rKLbrK1SjbRQoCEZvpGHDLHx9GTwgREqFa0A5f-JisSHpzc1a6gqWltqQtAUpIYqBB0Fpba2VKImvcV8msh_nXXFbKxcqBTT7YxMQQvhFfFPdM_M4OGa0TKGcob2h7_rBWoB4XQpHsove1DHKnbWvWn2z_ZQTf0HEHJ-HJwse20YZNjrgBq4a6oMGVYbOVrAdIpbaAYHF8ZtYpEXkybh6Xh6K3ahz7EKvd0Lti8c2j-QqfyJx-0Uk3RfznWtE2HomdltZYjyCKNx7tOaslGjIk_Dhp9y0yelbcHXfx6joSC8oQqX0ffu6v5uONVztJZMOiIfDOr-qSIO2tz8J4EgWOqGfq9FMAw9yASdE4XmbVU8PumaLJVCSVH9wvhmxSk2S-tGJxkyccS1qGu3jl73Uwo_dXz-IL2Rv5V5l7tTy1ceZyFoowjD_maCWcnGqU_khuz0WE10SC4pfspw1k33X2ieX452Ad5R9GiBYPcpMpoJPipVvWXGncP0nuvaKiIpjO8VKP5SXlLRQ1SqHqRbU8MyipBnhBY5LoNV-cT0dS_OEdvrevbIUIdE8z-VRGPN-i10VoTNgOynt14QWoS9Zag-aZ1Jo4Zqu-aVjj_IT0mjnG-LZkObhJtaV6U8Sn53oX9RQbS4dGkXR9rucSherMOPWRPF-E5W2xKCCwY-5TaqxCZXvaH4uNvDPTkwSkaAlSXa6qX0q8qbw6ReOJtBx5_x9LKtEZr6n9YINekaXIDGeyahVI--Lfcjor35V_2T4dtF7agSMWLZ2LmEfsuvoUGV4ytuNLdxMvDNc29orIL5nrl4wKZHDJ3GacUdUdeD4b8O6AT14xGtqjUc_2C09NMWQ4QiyafWEe1r3U2HYfJkpHUkMsTO3wXlm1GteIgpc_dBpAM4Kj6XEcnKZjE-v2aowZ0emlhNk3mMUMb8V2ceFkky-qioXVWJpT6cIy5hKwoAuQ_bUR7PcyCOyhC3UKs-dSrlfWHht_hJzSy8ssADfMdyQ0jqa2U2AxWW5iIe42iww8BEZ59CpeI4mGPi3pJj6z6ImEIbONhMhoiY3wLOfieZ3z2cveIqKJOk460re-wcixVPNa4bKYkAt8A1m2_02DbYUd5y7ejIFOHTnFqSAKQTO5REzOeslU0OSK6LJQHbu0Pzi0FwpGhJ2LYqIkXxYSj0nS0nf5JeJ9TcDXeQ4SYt3on3UbFCPH3sg6dG7GhCu9xbraj3jxEONFiH3e8-Xokdj78HuK6pucrVVpHUzeq2QjNPwmMpRcb_0-FBCCKLv4fy8mvhE-U3Q5HvaEWINoxXQ7qHNhK6tOlr4EHJakydnZcrWGV9OilB3cJDqpjJjSqqQaIxCvLEvnIE2B_r4D4qj9TSMF2N3vY0&cid=CAASEuRo0TIgthNSmsFk7GdjL45FBw&rfl=1%2Chttps%253A%252F%252Fcontrole.diariodorio.com%252F%240

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c131b72d6b2195b1993d5617b9a120a8bfb4422c5fc89c1aa06cffb5bf57aed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12029
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3745 42 B
63 B 70ms
49ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DeXhS7LQ0c_MoT95WtFK3nF6NWL4XBjTTKGa6wWdFSQ8hOwzsJHW5WaFN2lsAAVt_gOlYL7F3WYxhnsMtpVUuH3a1q1MlXVutjuMhH-YB-ffwyZ9o

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clk Show response
ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302450101;gdpr=;gdpr_consent=;sz=300x600;click=https://googleads.g.doubleclick.net/dbm/ Frame 3745 43 KB
19 KB 97ms
84ms Script
text/javascript 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302450101;gdpr=;gdpr_consent=;sz=300x600;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CAconaJ2bYKH5C9CK7gPigJDwCPiQsctigb7EkfENv-EeEAEg5sHRB2D7gYCAiAqgAeLd28sCyAEJqQLDerZZmVe0PqgDAaoE3AFP0NyJFNX5Q1oLRbxT0NQ2ATXEPczt3piTp3k82gFi3kNenifbd0c0zuXPitDlJqxe2haUHVZRzGtLX6id27iGuUgKWE45wCRE0hm_iCUYPkAu4hfgwLyCic-NmZeNCf_CQwh1jg20OZMPg2AW8S__Mcwy31nFHlVtVqRYaJjQOnaciMkKMZVoo4IA4giL-wkA51uqVuLJMRoUGKk106GE8tbGbSF7jIwGIYs8XisxojRwGedsoOYzELLLyzGrAGcmUYghCZIyubegbK_YWPUsQWPZ4Fga-UXPwfRjwASu6uzPqwPgBAOQBgGgBk2AB4aipLQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPliboL0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASEuRo0TIgthNSmsFk7GdjL45FBw&sig=AOD64_1uxbPyhOSatGjeXF-uFwfL2L1yTQ&client=ca-pub-3475011114767287&dbm_c=AKAmf-DYuBagTwHfxoUJ8Ctaz1N4aMoiN-Lq3YEk_fLU1DzXwfncJVUoFdLk2URpTZoarSpZx9RHGrAgsEQHdiPxF4FwqNV9v_Q4mOrqDvkNMbHGjhgtUFQteLWNFCBVoSdnRVAIp5hFPvMEXHVWtMVI8N-NHDm6Ug&dbm_d=AKAmf-CfPv2_SUHOIDjNP8O0c_sKrdqgqyUUkHKh6iJjDJEr-Ah2IhjH8RrSdsBk8UgX16OGFn_kqh7Kr1KqafxSKZdibAvvT-RRLGUcAuq4OpmI192tIVNBdIAdWZcerIe9sWrXmV5UK5YNO-saijpkSO9OOLUmE4wQBt7BAlwECoOUoQ6MXyTbVZ69mwhkRjfBx82Hrin5QQIpaZIqVOG6TSKy13kIToxE84vuTQaUJF-Pk2-CoJvv2xqGWF4ybwUrNDiiaT8xoCKrYwJIsRHhRD05VLPZcADyhQUzGWLmqRXoXlPK0EBqlqJPOdNsgWIxI2NGAy8B0_43L_A_1H-LRFoPzcA_7B0ifbZie_mIvllxQ2_OACPWM8GimN1kJQ9lETP1RIQFhT_hNEr5bRXbrOFzG_hT17_aeD_KoRzW16zIaXmQPm95RX9Y0cu7hpbp3rXaC4DGOHBYI3cyQTGbi2znSJDZsw&adurl=;ord=1620811112195745;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

aa9165d986f4a1d2d5168f811751009a6df4383dcee6e1d3c97e11157c802cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19219
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 3745 2 KB
1 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 08:59:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3745 116 KB
35 KB 60ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 09:18:33 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 3745 13 KB
6 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:17:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 09:17:04 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 3745 0
0 71ms
16ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGVYU1cCKmgWpM_3Tw1X1XSBQWLdc86XN05ilBDHMrBWxkEisVnSe_ywU5pFHfzps4591L-Eo9x3fj-0dBiXkHz4i0kQ
Requested by: Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ca Show response
tt-11953-9.seg.t.tailtarget.com/ 78 B
370 B 169ms
104ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-11953-9.seg.t.tailtarget.com/ca?tZ=598172573&env=_ttq_tt_art
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 739be0b00a47284c58f80b051a81060f6af9ee955e5250c731439e8bfed2c6eb

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:33 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame C0CC 22 KB
8 KB 61ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AZJrXqlwr0TQJiEsG6HAX-yWUnb7ZuvcneRM8zDHdksb1jGkl_mKR05SITVlj6i5gwhmhX9H8NpmWBTUKLlY60yDTL_6KstP3vARCoooEm1aaLtHPDn_ZpxS3IjDI0tn132mAeNrlBhIryCncOwQlSrACtag&dbm_d=AKAmf-B6JOp_qkndvPFzPw59imSHEhkqSeFWv4bQtq3yqIdfuMamfkUehoPO4MgLW-qcPJ0v3Ulu22TPO23kmC0JAHn3PyvwFOf_kt_UvURA-KNaX5bOaW85iCDEBhQdVK98LOsdOb8yN4xwDiLX8w7SFfQE31Ye3YEZ7jpa5G6pTBQJzJs8ZA9XOhIsgpGxiRYKKLZBcKMYXTxMH3mH6TxtGadywtk8h3rXXA7a1LxTx4ZMXDrWeNEn12Cq3-tKWKz9kxX6clTXJPOhEL0UGd9zie6FGQXIqjT5LAX3GAtxOkduPkO4H14diFDZTvVMFh5ZCs3LaGFFMijcM3wd7Tq-GiR4EytV7v2XHUsVUVOhL1kkcZkjbPG9tWyV9SWdBZeRXXibCgdnpMJW4TqgJUBURBLXaE_7NH2purdYtgGLpjV_MbcpsOgOFNvKsTMzaL6phkOFuyKI2-L0rsofMfiGLnq4W7shVg0le0gC7pcfQKlkgtAqHWfogXpSg-0IlgJuCO9EXQEyMMxbhnBInuiKy9quTxhSF29yHHclfzr2_IxwIt7ykaDrtzbGTxgJB0rWPNl6yfngPXOmnsQbdDeC5f7SE4HDqI2xO1b9BQAtJ8pBbYZpK_dnxEVXL8lVb2epY95JxD66I-83-b1rwjW7WpK5jmEBeqC1lCZpeTSWHFmE9bDkJziU-SMnhoWPGmnow-gkDKybzxYRMjjDnMozjxjvltKRkLcccadypVDHw82QHa8305O3hyTggd9_5-B2KgmEf2nKblebvX3aSaJqyF9A9gWV9j5UK781LiedXpWoriDiU1y-LzrqcvPgNI8tQQIBXKisTL5si9VX9VZcc3Q0aGgqG0FVjZPeIxOV6I-q68MyA7zY025ull6qPqdYJGruE1yepRjpabGnDD-umccG8BXM31CsFVCX7tfIuC6Esvuo3JpZULHhE87tZcENMobEZT4w46qpv8TFOLXoWp0_rTyji9NaKwOj4Toue9lfHUV7xiQnDifvcvL8aaqsoMTl6zft480GtkPYPgFQ-YiMbH7Hu5pWZAJz--OhsRZjdcHrCVP-BojRSr0GNbbv4thVjcSxXp6ysrXMEVDuC8XD_76z-hda_oldTiDnikcCSJHL5xeesssZ8ZPddUcMkKGJdz5zp67AC-5gdiymcGFEW9smXfSPaMdXPDVUQwR43ucB2WeHYaekMFk4DIJrol8zEQpwa8I32cQqcJbe8Sp_5Vsrge4npEuLpiR751Rbx-b437J0qAHfmP1YomrRVPedbJy4_q8IPOqv35coUoM9apyoFcGVTDFUtMPvGNzSyeFkoQsNL-2KeRCQmEwVzNg_Job8FLKykj2OIdeCsN2QjnH29_ALdS4lZg5hPm04MDQYkzHCTePbdBT1ZmZ3Jow4mUCJu5ZW7cHaKzDceR3rJ0cGUzN75lAABO1_WZV2gqZE2preKcxXz0KvRnEf9qOWOhWhgol7ar6e2N0dWT8V-hzb6PVwHjW_4jNENQ3j4ppfPDpvntD-aJ3f5pnx7kr_vYdMlbl5SLPbwWunRSldyac80bsFq_a7tdBTZ4Jpoj1odL2q6ioaOl8cqy1VTsIKWC0A5SaX-xeFwEsEa-0zHDYW9rGUSkP9f11zJYcYjhrSGan8J9jU3VyJ7iBc9kIxIkAqB0zcOfPkcuiw3aWmdO4ZXIY4dKtWpV28j1QCUwA7abVFyPv1IR9CKHNizmd8-gULbQlmjZo4wSehvzuBIXIEk2-ArbdjEvqFn2tTQC4jFWicPy9OvHrH8II8IeLg4AmhL3zf-kNdSli23f8vBmfwt0U3Lh6MV12Emcp761FSTQp3YqnA_54ZGuQoybyExQorpcEKmZXs9jqpYnDPLwggDHPUX6Yq4aBL9zbz1bmDB5IPQO0gRuIAni08004pK_QXt6fUU9WbpV6ahUQKhOuwhSphfifg_hkTNr8APHsFV2A1IXYWn5yzoRelX9FjqYoWebCR1fnDbOyRJG-_bTX-VH-doO8QKBWgR9xKsfHrARJFDrk-VkVnGuVbY009s40T4gbQmb5cEzT9Q9MGkX2cDrVXIlDo4RSVGzoB-1Bfd6-VtAH9jKMFjlXmp_F7KP7KoEMypLmbUPSe3dJTd_fZSoK9LBwyOAEpI12ZvmywRpaxS9YPzgO9yNUvPVo9ujVV_aVUCUGK9zL8xiIWIGVgdX6ocakEIadfh017jzrf0Nv3aEiiPSWM4miVTdouGDp0qC3_lqsXpnnREF7mfvJlLhflqcwmP_7t6iXb7gUXcCN3YEIhhK7ndCfzOHT_--OtqrEEnSfHoWr7PggfuV8AJCKmYa8DMRsNUod54QgqWPVM4XmqGUbExzAkX-l9p3yc4ZWuD9gDJAN2AKdySmqyZyQ-iBycY9A0BpSAKCyotprWr3awaf09Af2RryLaRMWEijgqKpLfQemLxosuaFy4UZ_K5PZnVB8bamr113CQ_rR0rEjbAbfVnMuK8DkNQBXq8elvJveU3qRKXnyWtBG2vAaby-8L6WlVOO4o1uq3HqM5_lSIYVtw6TiHBg07oinEpQzgOoKywuHFaQOVbt1upkmrc7yPaNXgSOmJQK1o7sE8DtC9LREpi85PLFjOijxF3uewaRuRq7g4vqbcC0K0Msz7ELehm-sGdf4FbfQOD4UhT38QdTYZZWPZpKNkRoITyK-0ipL8YCTlFPy6ssSQV8tmmmXy0xQLAddBuOVWzVtT6DKrGhhHZu-AIa4lbQ9cI_0jhymTXIBoxzDi6VkCT02XpCaET5ZlTFbodfeKhOFn76lG5ctdgn2pwFr-yZ6cinHGE2LRadk7vhzEQtY5cY5-2onmMY2Q1fRJQmwfhJ9xcxUqmRAPsgJ5gXpOE1xkK4dPaTbIH0w96mQeRVtMZ_HDSEnCQ_vnFF6v-fhmOiDKDxR2wnOa1nCYqe_6bdptiulMGUDkCCLI9G2Qc3lyARjbk8lJMGVWcxiX-OLyInc&cid=CAASEuRo875iL39RnUZhHPC8dUj6vg&rfl=2%2Chttps%253A%252F%252Fcontrole.diariodorio.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df0df39146c8995f0d40836e1e0839ad95f81ad1c9d24ba85169e3c2f0560ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8628
x-xss-protection: 0
server: cafe
etag: 4958886646989192229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 09:17:42 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C0CC 41 KB
15 KB 69ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 11:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164712
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 May 2022 11:33:21 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F87C 143 B
163 B 8ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmw1flgirFi2Afpp6xgRbmvD4qdGs-mSlb2ohvDbxS40B2bmYVEBZt-oXgdvAk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 12 May 2021 08:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1283
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F448 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fa615f6fd088b5b0ff107ed0ad0be3e1a675e247e62e4cb5c3a021f096544c3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6C6A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1E8XAe2aJmQESABWiCazI&google_cver=1

43 B
1014 B

65ms
61ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1E8XAe2aJmQESABWiCazI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhjZg-WmATAB&v=APEucNWnrNVCiLpR1JoMA7hf7yz_t5BLgvXbxdcEuCFZHRicRp_yuwFyjYd9lw2F2WRuVzxyibwhJA16Yp1aBDQnyrqacPZj8fOoajtxa9HpNJoE88fEIR3PJlPTHiV8q7WDbL0nksss4S_dqfT90j58fjSeJNYvVnMBVD-HD8hnBoHljA-I6f8vVszEGz87zT2njghywDezLdqyoTTLYiRc_TICpBVcqQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 09:18:34 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 12 May 2021 09:18:34 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1E8XAe2aJmQESABWiCazI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6C6A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJudaeh.Ig30JKFMsS9amAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1E8XAe2aJmQESABWiCazI&google_cver=1&google_hm=2

43 B
894 B

41ms
41ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1E8XAe2aJmQESABWiCazI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhjZg-WmATAB&v=APEucNWnrNVCiLpR1JoMA7hf7yz_t5BLgvXbxdcEuCFZHRicRp_yuwFyjYd9lw2F2WRuVzxyibwhJA16Yp1aBDQnyrqacPZj8fOoajtxa9HpNJoE88fEIR3PJlPTHiV8q7WDbL0nksss4S_dqfT90j58fjSeJNYvVnMBVD-HD8hnBoHljA-I6f8vVszEGz87zT2njghywDezLdqyoTTLYiRc_TICpBVcqQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 09:18:34 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 12 May 2021 09:18:34 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1E8XAe2aJmQESABWiCazI&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6C6A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGZpRDwz_EYcchWUzInGyDc&google_cver=1

43 B
1019 B

69ms
65ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGZpRDwz_EYcchWUzInGyDc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhjZg-WmATAB&v=APEucNWnrNVCiLpR1JoMA7hf7yz_t5BLgvXbxdcEuCFZHRicRp_yuwFyjYd9lw2F2WRuVzxyibwhJA16Yp1aBDQnyrqacPZj8fOoajtxa9HpNJoE88fEIR3PJlPTHiV8q7WDbL0nksss4S_dqfT90j58fjSeJNYvVnMBVD-HD8hnBoHljA-I6f8vVszEGz87zT2njghywDezLdqyoTTLYiRc_TICpBVcqQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 09:18:34 GMT
X-Proxy-Origin: 89.40.183.22; 89.40.183.22; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.4:80
AN-X-Request-Uuid: 37db52bd-46fe-4554-a16b-d2f59f6c75e7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGZpRDwz_EYcchWUzInGyDc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6C6A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI3MjE5NTI5Mzg3NTM4ODI1Mg%3D%3D

170 B
188 B

38ms
38ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI3MjE5NTI5Mzg3NTM4ODI1Mg%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 09:18:34 GMT
X-Proxy-Origin: 89.40.183.22; 89.40.183.22; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.235:80
AN-X-Request-Uuid: 07fdabad-f4cb-4484-9a6a-0922a76ca3d1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI3MjE5NTI5Mzg3NTM4ODI1Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame B6A2 22 KB
8 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CH0AkGZtB4CSQe_rqp2Q0KDFSJ29M_8jILap_pMP0-xib4QjCQz4fpgSQ7w-7QidAzhykH9dMwUk60JLkS1Faqz5ThcdGNyOcxejOF97IjsTG_2aF4hlw4tKmcsVnJ5fBdIbdsXQL6sMqgT0kcBpGKlB0vOQ&dbm_d=AKAmf-DOJrLPGLc9kWZ4VubB5wpWAWPT62LftYI3uobEJRLyEyoSGM3XpokBt2b-hlkghc1yT8Foa_iYi8PFJiOiOctclW8tjP7WQDnKGUGCRu0Dmtr0DdmhqXvjjGtzx5vt8fr6muyUlwc3oVE5tXMs-1YWVZSoBA23l9K0zRn-iUH8F9eGpIMejL6bRGb3mhF190PUbY2Mastt1iCKbTUt1pqJs0ULJ84D3f-06qniz03WqO2ARHeE0fxGTw-vU4r0K-IY6TFcCuM_0AX-i-D089L7L63X9r7d33B--1BQHm2WkXzzryM2S0WT53grgZMc_rK3bkLHoRluEs3747Fm1TxYuwd3GGLhEsLdY2d3X3vZxic8UUGqncgWxYQlPp3tmOkHjOjBCeCsU1D2zYucSn-Z_FPl1mK6BuQ-9Kenx50GdWbtgT53Y-7S5qFB52wpkJCaJ7ygRP0VUhAa4wMpy5UoTav8bWlu-d6ZmWB4c7m_Zz1tpAx1J_NX23oH4wNUvZi5eR2VroIaF38csp4oC9L8jU3wwL2jutpjBp_2wXljaE8as3NXwEV1nUJDzjzG2FuPqw4_0mdHRZGBa25AZuVCE1uO-r0QKHocjUr29E65zqRX4rcm97XrXnBYi5P5RhbmuKXkvXGwBXb66JBYH-3RhWQk6cvx6jrvh9z_YFehXKDbG4zVo5POwktJbAtQc3u9ZjIlu-Ib3lZ-ldOCD3izg2quJzYW1qTCb70XCTiTQIUYO1ydFNSFgSOiDM6rBz0ixfY1HntaEPqOEZfLgxaJ-_jlNL32aWQBCLJ5X74sDVf4r3cN8dYdc_cZlzt5Ouo0OvI-CcMqn4uxgYCNmi9xsRonFFCRT50i58SMDy8Mn-pWYvzu2TUHutz-aYuCBc7M3EYSRYwNLI34im11EzqAevgMvI1_90dXIMTPU8EMPquNU6hLTetRF2b6kjA3vcYDB5Tr9TopmEZWqNuls34_jFM4egT_Qh9ddl9EFXMFA8hSoBx2ztltELKW1rr_cGmfE-BaGa4lqMh_pRA0w4uGtgXHjjbXLNowAJuqSFvoi-LxuCTze3uBW2NVDpjcgxDcAYJWdLvmIOUDz9oEDh6W5rmzLPLrGNe770vZUxpDs4ykQadVz1sY9s231YKYcuC2vYoWsDWhZzjEjjjzL1HCXeTsf_SuD4mKSyPRg_RJ7Z5098n-2fkI8dUeJiuJM3PlI-FPYEgqWiMvsuUKWGDwlORa1ZTj8IqUGkmqMTp1qwJS45EQRkahWrew3tBa69ZEbFOxeeJIkVQqMO4esIrCGgJnyGDnOvihijUitSmcFeJW-o0b8cLpXvjCGhnOJF4saEwmMvXs6gtF5RkxpwXzFj7nuey7yIiyNuyXKzyW7reTheTcz91ERLpqPqvWAdR2hNu6xCxfQu8-cFVaE96oCucNkz2ryd_V8chQynnPhc3ZkSQbg8y3oyfI-lRSwhTpcWfgFXjWMfCH0TkFR09k2k9azgy8NnxZWzBewoGamlOIBpo-9Zz9Wsv2kp_rQoeuT4gEEMnj5PjztAnLpOgQ0yLItI-vonIizp0L9ihlCh3C3MjT-J4bcAhktAJ_66eMzLO9NGrgCctuv0QkXOMcV8IRzR_OwiK4R2AjodJsetNPfU_lfvEMFyNxGKZKcP41q7PST0iv9WQQCv14yzx1ZMZRm2ln0x9e1hFcSBqMfHwdLfCUnUDmvXdtVUN5s2Bgg8C3UAFUCvP2UOUnwzkrZWnzfTfWdXObdDTl0X6llMQyAHAqxj4FKUbQyeUrkIb4T50PVfTGMNrl-gdEO6WfuPIsvW7Vhrx_hKGamwu8aydU5q-nQUqJ-CzgfGpZJ_UgTdYbRvR0Fr16EnXNydBWUPtuJ56LMvT2tAuBr7sfwCWL_Cvq95rC5W7WGJUTTf1CUT_wB6K7B2czwbdniFSkKI-msPCAKHhAFaVpiJguyCtT6tWIqVUCZCRXp3ISBDnyl3gvNDj17kTl3M2EEIrOUoilOHgoqp2gOYigvhkugDxIAnWofmJdLn8ypwgPQSh6tNXUD9faSv8jKmoibSraRz8Fkl-XcpnwEli3UsTsqcjijbXIsw4ZZZYdcYjhKlixzfYAAWOEeU8QL4b3TuECQIkKsbhTDi_A26S67ow50axqGlvlT5pz5EdRgEaQe4yJAx_JgGeJXxtHrDNIixkPm2BjaXPNIHh3mzY24A8FXnV03n7ViCmZm7dpdN1-fC94goa14MPqKJsXl_ujfpd8DvV5up6N8SXLAEP_t07h5PlRZEGD2nWtFdRGGo8gmD-iB-3tC3RcpZxQZiJB1PAj-z_cSKCTpqRKQTjRwnq9q6xQw52TrkJyityikPIfqh_ticulA6PgC3HBUuSfz870woT_5lW4DvdFNi4P_m2znZYruVIn0lYaVR0MoMAHIR9eHayj6OWV8kv5pGIRp-SkxEU-jZ25AMEhVVhxDGf1kz6ZjyeMgy5eosEkOUcTP_dfJ5zcWbyogtqdnvn6zRZQr2imIlNKcnD_vtKpnn4BmynE_zBnUkOGaHKnoP8zIivwA58v-9iz5fpxnjcisee4IPbMPq0gL9IfVdlGhYykmKQRfAj9Lp_cGN0lFhPI5jz2h4owD2Xly3utKB_Re4xjGnQzR1iJwSIpQl91k-aaUoKnXlDqgxbVoIf2_39UcYM8N-HLdjTGLU2IKfgf8_RqN56UiKn6_ZGpcpC_28mquGSGu8FlZE09CTU9rSa7UbIVUCUiDMQxo1hLC05AnQ49yfiv6z_wABT27zek0SxCs6iE1SVTKZNQ00yHVvpYk-WAJz6Zr06j-jW8sw3YLYSfLQkK8ybahXBiOfJkaz3n3jkWy2Lvr6wHqdqnzUYxV550cRi8o6ZJTNH8aJw8Pa5GQQ3F3ywH-BhH1jaTncc719pw_ZC0HTPpiA34qn2T46kNUwqQx6e2bkUNpHe70jZiyDyZl8g0kC4qdJXfSKMIT5zoQ5tpbcNva_D1pIVlSn9PRGtk&cid=CAASEuRoZurDCRBFJHfSRh9KKRvffw&rfl=1%2Chttps%253A%252F%252Fcontrole.diariodorio.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df0df39146c8995f0d40836e1e0839ad95f81ad1c9d24ba85169e3c2f0560ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8628
x-xss-protection: 0
server: cafe
etag: 4958886646989192229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 09:17:42 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B6A2 41 KB
15 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 11:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164712
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 May 2022 11:33:21 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame 2810 22 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CyEB7Lr0FKnDGVYdonXcTWrbXlP5tByRA5XbToFaRZtIC6Yh7IjRkqPvU-wVyEoSLdAOx87uz7lxI1wfmdxTkinGLlOT2m0a4Sn6Xz_9SIsWdXsa5zPtXeneE8SJIYA90TTHkCduKBRvkhglE8jtpYC52D4w&dbm_d=AKAmf-C5wOsHnzEsAd0AdoEjy8EGkFwBPstjl1mG7sz0OjxYY6ejTmTY4AJg-RlSH9HBI0pV8Jye3XHwMM2ahhXo8TgGGHJ08bLks3omYwYzOKodwH04xFkTYCB0AYIu3nFvYFntBmHH7POVIiURvIfo5Qjj1a1j4KwFy9JWDVEezJ1gDkUfqtrxlcOqVV9rf5wfABgZNJZsMM5hT3Q4ptYq2e0Z573zyJSrIWnI8ehkLC7Kh9D4sOPx1AwfD_qoJw9VvTLkuKVlkiX91g6IT2amAqdHqIXW6qSAyi3RnU73mxmgjmL0LZjHiyl_SATlS6CP0FIMZSOiIAtXh5x1ucHT-9X-vF9Ef2GqtzL9A4dLG-B76etgOnm0SJulZlt5ZnUWGdtE7tm6F40NBQbaXxrAgWocnh3VfLF-Z9e5CRuJmukxKirUX7Dmr5y5-0eBn3faLnJJ5vJE-6cmYdxx4MwBuSBYqohr2SYLwykBLPxUi4SGrnYCNhUA6aqPeCyJhI1kvn0CzWcX0gLF4Gu4Vox5QwGRO0myJZCbfUWGXf81EZ16631aLUmIqesedYjpiXgG_ow5ENVUGOjF_HpNxVajG7ULa8fto8Gu4BKJrJAsevB1vtd0FVWBlQMSw4JBSkW5YJMEg1-2iPW6jWrNPUgNE_EiGhuX7RTIvggmmFRm5K82s8VHFrxyBBZWkM0yoY5RlEoOhx0C7ugFyMAWkpdKab1bhnTjInGSgDmccB7OtmcLHi3c4gWkbfyrrciPgl6eFf48vZawAUFSzdkqCSBoZY_P0gPuvZnZC8QpeD2BCfXjM-3WCBo_p11jyOWut_QH-b-iueoG-hbyG5bfck8yx5yPohqp9-EWacSSqus0xMgyYFpkG1d-ppRI0FADH06esw1xFR1Jb5_7AtEHwv0M8Gn2t6sgw72LvstQUzuuJisW-sRGrGFdD8E-qvy_c3rmkUe_v0SjZqTZAN0_BexZhCL0nz9XLPoRu6ZSzFcybIVIKckZYgmoDOhjHyCeqR5neMMWgn4toDKH_ZEdZEoM8IryhwRLIR3d27MYj-yWMredbEr8sONbedMvMhsoNAcQCgK6j7F2_Qq2xjS1JWx7icPgyjWdsCckoCcYv8lcIlnRigqvlUzB_7KyYq_m4cUwxOpa76B7ZR-lzbmh9wDIZKytAZhzRPNeRL96ibYJaXWlv3cw59ZOjUaP8iwUuNM2Q8nrY-rETa0GZZSL8ah90LB4yeB_8Lan4y08YO-DYXrZRU34GqmtffuGtXfux7WSdlEe7GDYPDH1Dxvip4PfSU7qR3HV4G4k8Id8p6jocHJ4OsYJvQiOUBSLieq1hOKUOWBpz3rbxqXeiUK7PhOAEiHm_A2iGQzRUU8N_1nHu6raphiokpVa493H7od_urEpiumZQgwRz-edhAcm6AiIeHI6j5Kj1Sl6dUkiDTNpL-Vu0wSgf4erG6Z1yVJNFmRSFp2OfOTx-LUam4KqPhRUMRe2SAl0GUmPUjuSGfuQyGTh0GRMd33MOmilgKoHpPnDYwEGKgzp3p9Vf9p-2kpqlSsSwhj-AR5ELSwfdQwP9nHgD_tq5gNEiAKT9unzntuqPY5OHqR_qvd1Dym4Aoaa-qNvtPE0Gc7M23g3WUsh1dV7B07ZSLyQDEl98dVxTpEhQiu2Si2zGFsvA9Qu89EU9QZlG8leK8XzM5hEWXtWWA2gyoEWYWexfo3tdbYSWnrDEsBRwX3wH1pO_nlmu-xmNjlbwVi4fuVzK7YFdog0zOz2bhD3ZlzV3RuDa01pRksl2wmcdQJwOQF2e6-iZqbfva_nh8js74jOzAOTPEU3Isfzqa_av_TqudfhQtlRyTeTZhJB_NpiMqzebCPRVVtDJg6YR5xeLl_DStAUkyONzKr1cgelGS9xrg02-GPgV5w-cLrbJlQy7mCFdw5c1RTHGXjcuWP2TkNWsNONSqNpN3MVqKCGUcqNqs9xt9gAe-5Fosr22Mu9OOLeCm7hjUzLEFSQtDA8t80sW1lEyDRcKf_pjXrJfLo0bYrq1Ck7rhYLD-oBVaWJxdLvUraH-dkYkQboixSq6OLWklMNheY8-Kdb5kMbqR6NPyxgMJ0ZJQTsAKjlX-Mr8Ei5Zo87DCNSP-7a2u9V0ZtIPPElSfQoXxrybbulkDmH4AnZVnfklJTptu4hBlR7jIiK-hVeoUuwQUjZMJzWPHCbRtgA4ohsItGa9-6YODJqdhADe0Ko0HGEocVsQPP6xccNxa4_zc9jDzF2iUqMk8_xju92POmHGB9nMqHF99ZhC8u9KHH8oRANYuek5SymQGdFBoHPNqpYjt3nBL65X7xRWmOT1V3VFJXmCLwyKKuhmDx_MjSC_lJORykVmQoG7hPVezhWU56QS6pZpsYBrZAL4RgsPCw8rGOnq4XB2zJDT9NTCG5FlBjb6joYst2UBckhR91bdhata9flL8fdqsOcfY7yCihFp10j9VP02-QlVigGccsyMhqPc9lU_ea2mVA4dBvxXV_0k4mZGazxT1BSRLyq8EscU3p5xvChlhqpOwnaHcWs4ge_ti9nGPQqPUr2rtkL4eRBI0d5jLaVlbeGhCPNLf_7a-jpQ6r1hqKNhELqEcyo_Qw-agS9C9acS_ucJGoAZViVEGZ8IqRZS2roOMBHFT5r8I9cLePhF1Z8c7W70R9yYdh-93JKauPhXSywi4bQN9lW2ofKE2MJ43xXlV1q_Fn2rmlQxudZe0cvSNWl6tjnpCBnR9KvbX905JEAIikk7674sJ4Jp6gE4Z2eLdbXzN9jBxeNd_JTKLGLiFXKC2YOXn5Ux7duRl1lW-muKwCKbrK6xry4MFDjxDfZTCJdi1q32zO8roU0xczJYax00TaubbkJ6rLIUU1UEkhGoiVtoMd2YZ0xbwVcG0ch6fjgVh3I6SUbLButXH6raqjwlK-U0ewjr4rSxg-ERGrEoj19R3b98_Icl_sgoJf5k74er3kzpsRG_J4mQhNttRrJ-MpqVUwocSlk9xdp&cid=CAASEuRoRrZ-Hn1BK5dmcXdPK8idEA&rfl=1%2Chttps%253A%252F%252Fcontrole.diariodorio.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df0df39146c8995f0d40836e1e0839ad95f81ad1c9d24ba85169e3c2f0560ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8628
x-xss-protection: 0
server: cafe
etag: 4958886646989192229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 09:17:42 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2810 41 KB
15 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 11:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164712
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 May 2022 11:33:21 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame 3745 22 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DoAVfZ0w9otMwgY2t9vZfLD4nEygW12wDfskNHP6e-cBJ1A9HfkRW8P-Azs1hSYQQPADgmSYEnVX8778S6tojgVcfvAF3D6LTeu-RPStmsxNHpmDaJad4Mb2XDH6RKQEYwUIAO0X2a-Ceq2PvLsBuSdXsDMg&dbm_d=AKAmf-DZ1Ad695GwRvmOTfNxK-vuGDS95XtxKa6DiItu5Opu49F910feCHINKknmygW67mfhMO5CyoZHxJmr8it_F2mgTJ4RHlB_rWCvgNCEEsofTk_ypGfWKZ-2dfgNUnUFttGlAw76YOCALjFvZhMOIZMj-V30uJ2XA6_Y68v7KX1cqgnRMdR0uXQiaA8FKhef4PGX97BAlF0iJHrm-iaA9-WH4FjLtBv3QyslVEGtIq9w1dTH-pW3d1B8Tc8fzV4zaioRbZWG9dsvvn-hd3NWNGYbsyD1KHU08yP3fP5aCqu9pYUB_mMIpX4n2kjnEacCdDYBqyDHcUhfufj99np3fgqFg1iyXDk0SI5L3npXB2s4FKaaSzx3RxzU96s5Wwv9uS6dxZgK2Um4ctEc6b_8pnw61OINR4-VyoxXsdX3moofVFVqnw1CPzp_NU2nDW0jEc_kSTEyOiXOGbAB-cXjWDFMGvKEX4BwL1qGv5dA-UCywULDUcA3pdlzVykUVtwqEA-FwWKo4CDapK0aGoVwRud1e_aa-ZQrxjrnU2KLerscvWX0TxIFzbAm5HI7XCAsvtoKvW5A64s3XQvSdWAReHG_NeNFDuaJNym43y4h5-51YnUgJ2pmQYRhZdJLnLdqDCfxkEEbzRm3ijydwBmLoo-K2xMmcK8Fu7ttVvmwsd_dWvZYProp7ukD48fhxND9nJdDuzsOiXGV3eWXcvhckuVgOgaRni9xbGVh97EEKfIWrZGUHxUmfrkzw-KiPyd4mW9sbaNmKhbcGbVxBJ8yK8KX3gZL9peWmMG63dhQqWcBW81wF5VADPvHYHJUIxp4E5Bc8IBgAAio4FcgfshnCFZBEFIIveA11nS-C87nkQtAJjXrLpJ5kE_fGRfDqkssci8buQ3duYqDnGDO9sPBZ2xtbCJKS-6mBvdZWCrh-Ba4GH6LyVYh4Osyt72qWiGQTc8uS-pqn9Y20BuR0PpkkX7dxH0ywFkDqQrdqUg8yIiZW2iv7onuAHEJMInWv_BHShqNAsng5pJ3odOB3t6Sx3VD1bXxE9UhpHD7GZ4mQa_8YunXGHicSz_1ro-kmeskx485A5Q7Uc06jjeziT9NNjDK1aXAwVA0KfoCUEtDWZq0iJEFFH4ZIBxfVr1Nk_RvdkWlgENORBz2_58S4_d2zB-EVsye2UuA7dSSFb7iccJAc2ELyf_S_OnP8wMZwJYp8l3cNfIl_UWp6oPHMwq7RKrXOTWxx1j9eCyG56nvGXTGLxn0uKmErQav6oxhKhg4-mtbhgQDamJu-GRLayyTmfDNAZ4Fz2AVC8apQvPw6oEicbG1_3Hlbjw8L0Ovk1jiOXuX7gc0IErazuyQLLEDMcvrND7ewHhGZ-Ig0IKa9Mj8dChtTr7c2Ce_R3YMyA7wRdG1sBSYOr8ReLJx88t3-7Co41hSkZ2G53FXnrwKrq5xt2oOApSheAmcSMflpu_XGUkrUZ3FWhQY1avGuc5al4CmFqlous0mJgbNE_dwkkjHggyzqcezDca566Wt5yGHFXS0gXCncTrGE4ml0MuPkxV4rl3oBr8aVnQSyS5xW49PZsnau7OgX_wcKKwoCoB5Mw3owcdG7NB69JEjs2Ypg4jRuWkoaIZ5rKLbrK1SjbRQoCEZvpGHDLHx9GTwgREqFa0A5f-JisSHpzc1a6gqWltqQtAUpIYqBB0Fpba2VKImvcV8msh_nXXFbKxcqBTT7YxMQQvhFfFPdM_M4OGa0TKGcob2h7_rBWoB4XQpHsove1DHKnbWvWn2z_ZQTf0HEHJ-HJwse20YZNjrgBq4a6oMGVYbOVrAdIpbaAYHF8ZtYpEXkybh6Xh6K3ahz7EKvd0Lti8c2j-QqfyJx-0Uk3RfznWtE2HomdltZYjyCKNx7tOaslGjIk_Dhp9y0yelbcHXfx6joSC8oQqX0ffu6v5uONVztJZMOiIfDOr-qSIO2tz8J4EgWOqGfq9FMAw9yASdE4XmbVU8PumaLJVCSVH9wvhmxSk2S-tGJxkyccS1qGu3jl73Uwo_dXz-IL2Rv5V5l7tTy1ceZyFoowjD_maCWcnGqU_khuz0WE10SC4pfspw1k33X2ieX452Ad5R9GiBYPcpMpoJPipVvWXGncP0nuvaKiIpjO8VKP5SXlLRQ1SqHqRbU8MyipBnhBY5LoNV-cT0dS_OEdvrevbIUIdE8z-VRGPN-i10VoTNgOynt14QWoS9Zag-aZ1Jo4Zqu-aVjj_IT0mjnG-LZkObhJtaV6U8Sn53oX9RQbS4dGkXR9rucSherMOPWRPF-E5W2xKCCwY-5TaqxCZXvaH4uNvDPTkwSkaAlSXa6qX0q8qbw6ReOJtBx5_x9LKtEZr6n9YINekaXIDGeyahVI--Lfcjor35V_2T4dtF7agSMWLZ2LmEfsuvoUGV4ytuNLdxMvDNc29orIL5nrl4wKZHDJ3GacUdUdeD4b8O6AT14xGtqjUc_2C09NMWQ4QiyafWEe1r3U2HYfJkpHUkMsTO3wXlm1GteIgpc_dBpAM4Kj6XEcnKZjE-v2aowZ0emlhNk3mMUMb8V2ceFkky-qioXVWJpT6cIy5hKwoAuQ_bUR7PcyCOyhC3UKs-dSrlfWHht_hJzSy8ssADfMdyQ0jqa2U2AxWW5iIe42iww8BEZ59CpeI4mGPi3pJj6z6ImEIbONhMhoiY3wLOfieZ3z2cveIqKJOk460re-wcixVPNa4bKYkAt8A1m2_02DbYUd5y7ejIFOHTnFqSAKQTO5REzOeslU0OSK6LJQHbu0Pzi0FwpGhJ2LYqIkXxYSj0nS0nf5JeJ9TcDXeQ4SYt3on3UbFCPH3sg6dG7GhCu9xbraj3jxEONFiH3e8-Xokdj78HuK6pucrVVpHUzeq2QjNPwmMpRcb_0-FBCCKLv4fy8mvhE-U3Q5HvaEWINoxXQ7qHNhK6tOlr4EHJakydnZcrWGV9OilB3cJDqpjJjSqqQaIxCvLEvnIE2B_r4D4qj9TSMF2N3vY0&cid=CAASEuRo0TIgthNSmsFk7GdjL45FBw&rfl=1%2Chttps%253A%252F%252Fcontrole.diariodorio.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df0df39146c8995f0d40836e1e0839ad95f81ad1c9d24ba85169e3c2f0560ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8628
x-xss-protection: 0
server: cafe
etag: 4958886646989192229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 09:17:42 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3745 41 KB
15 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 11:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164712
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 May 2022 11:33:21 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B9C8 9 KB
3 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 13 May 2021 03:57:01 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B9C8 26 KB
10 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 18:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 12 May 2021 18:54:40 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame B9C8 87 KB
31 KB 59ms
7ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 11:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252472
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 May 2022 11:10:41 GMT

GET
H3-29 200 vmouse.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/js/ Frame B9C8 4 KB
2 KB 12ms
8ms Script
application/x-javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/js/vmouse.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd663da386f5e809875f3ad2cbf63a33edeca1d32fd975ccc1542c9658aab092

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 81709
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1787
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 10:36:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:36:44 GMT

GET
H3-29 200 jquery.scrollTo.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/js/ Frame B9C8 2 KB
1 KB 12ms
8ms Script
application/x-javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/js/jquery.scrollTo.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b83fcee9839111a1815ecc23fc714b7bf2c2f40c0f130d96aa9587d25388970e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 81709
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1305
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 10:36:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:36:44 GMT

GET
H3-29 200 in5.config.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/js/ Frame B9C8 44 KB
13 KB 12ms
8ms Script
application/x-javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/js/in5.config.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01300f75a9a482e057635d1d1d5a232767706eba3f0868d019e004f053ba4495

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 81709
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 10:36:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:36:44 GMT

GET
H3-29 200 pages.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/css/ Frame B9C8 19 KB
5 KB 10ms
7ms Stylesheet
text/css 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/css/pages.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f46ae63e1f30f9c5b6f1422fe0e4b8c79b902ea76e38ed9328d8d7d8a6add24

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 81709
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5183
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 10:36:44 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:36:44 GMT

GET
H3-29 200 loading.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame B9C8 6 KB
6 KB 46ms
45ms Image
image/gif 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/loading.gif

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3036bee9f749fdca0544a5592ce8da4204fab8f2b68edc6ac3905c90266014d4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 81710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 10:36:44 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:36:44 GMT

GET
H3-29 200 item_234.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame B9C8 10 KB
10 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_234.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ffa15d880b918a604c4bf5a316fc700d8f71b6b06335074fdf0018cf34ccf8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 81710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10593
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 10:36:44 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:36:44 GMT

GET
H3-29 200 item_248.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame B9C8 5 KB
5 KB 13ms
9ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_248.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e19f0180a799683bba1c03944f8f93145928c9bb079907025329d14260f2b2ab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 81710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5099
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 10:36:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:36:44 GMT

GET
H3-29 200 item_289.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame B9C8 10 KB
10 KB 24ms
21ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_289.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ffa15d880b918a604c4bf5a316fc700d8f71b6b06335074fdf0018cf34ccf8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 81710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10593
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 10:36:44 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:36:44 GMT

GET
H3-29 200 item_282.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame B9C8 3 KB
3 KB 23ms
20ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_282.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

593e3f4cea11f807d0e6950fbf1fe559b0badeb75aa87a4b040600eafb9fd5db

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 81710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3089
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 10:36:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:36:44 GMT

GET
H3-29 200 item_339.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame B9C8 10 KB
10 KB 19ms
16ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_339.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ffa15d880b918a604c4bf5a316fc700d8f71b6b06335074fdf0018cf34ccf8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 81710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10593
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 10:36:44 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:36:44 GMT

GET
H3-29 200 item_361.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame B9C8 2 KB
2 KB 22ms
19ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_361.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685c56af1c171a28b6453dcf77aed041f7bcee6a30efff15247c4248449255a2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 81710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1642
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 10:36:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:36:44 GMT

GET
H3-29 200 item_411.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame B9C8 10 KB
10 KB 12ms
10ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_411.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

071dc7f330af3cbf3e8026aacdcbe92c25b80fa573858a19d257407fea385b3f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 81710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9957
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 10:36:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:36:44 GMT

GET
H3-29 200 item_394.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame B9C8 1 KB
1 KB 21ms
19ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_394.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5355f8dd9c277c28e05f47621a4e9813d6652fb43614ed4273a11be48ca8f34

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 81710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1128
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 10:36:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:36:44 GMT

GET
H3-29 200 item_399.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame B9C8 3 KB
3 KB 24ms
22ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_399.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d34b670139c7b5662f5c236451f1873b40d53497277ecb0e0859c2ea40f4f734

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 81710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3277
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 10:36:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:36:44 GMT

GET
H3-29 200 item_242.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame B9C8 4 KB
4 KB 23ms
21ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_242.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c817675d9f661d56fc48e850c76e7d5fbdec5783a2c191982e740359bb569b8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 81710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4153
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 10:36:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 10:36:44 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame C0CC 111 KB
39 KB 41ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 14:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68391
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 May 2021 14:18:42 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/ Frame C0CC 8 KB
3 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302216553;gdpr=;gdpr_consent=;sz=728x90;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CS2n5aJ2bYJ35C9CK7gPigJDwCL23xcxiia6lzIcOv-EeEAEg5sHRB2D7gYCAiAqgAeLd28sCyAEJqQLDerZZmVe0PqgDAaoE2AFP0AB5KN5v3SeXVaidF5nYE9iyaLPzZJ5VNrId8Sg89CR2PdyJGj4lh1HAZkNirYRjsLIqAwNPJeYHX6CcKCUJ5jalngzkLpskliNkctJfx_5w7mZy2rSyl4cZ1eQWOXsP3CEueVHf3bHUtGcNK6fsaD8C8EIKPhdObqKSHq69EbWnc8JpKagxPJdC4NVLjwSfyTLtHm_5Y66ABRDdmkPZcFwoGNffqbPAo1DXPM1JVTEnYoDDF6eX_wYCYWPn5upCQgJUT8IkRYgTGqqyvit4bdlWbn9AF3DABPP9mdSuA-AEA5AGAaAGTYAHhqKktAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgGYCwHICwGADAGwE-WJugvQEwDYEwPYFAHQFQGAFwE&ae=1&num=1&cid=CAASEuRo875iL39RnUZhHPC8dUj6vg&sig=AOD64_25CtEupOL96e1_1QyliKZKcuXbEQ&client=ca-pub-3475011114767287&dbm_c=AKAmf-BBJ1d5MReJ3uoGjqnMCXUPq7h9Rt2zlFNU3t_cCHFcPnhtpcQcC92J_wt_1HRASUT5BSFMDDdpDrw3d7j-xuk9GPh3K8CB9j04EiMfDK30gcuZ6GddX1rXwl5ZLU10X8Jg3VANSDRIgvnPu-MfwQAaJNE9ww&dbm_d=AKAmf-BrOEvesEZJBwpDSN-5SzAWOa2EOLHmXRH9RRtoP8ebjAv8GbjG_jLrulMU2CJm-z-5SWsRHkZ8lcqSVS4lrSNwJGVZUJUqvCN6KHXw46kn1fmQT6gpzhVkSspeqWyYajIwVGeSaGktuYV02qVCOvFTeP7_0Mp33jPVVrXdLnpj1--R3HzF2ZvuPgSAN4wl6TxetWUe6umfXC04v8nX82ObzcGX8tRMtt3U_GwR4D_uTRFenm5-VrEaQL3ka-_XTtntInEQFtthhb8NSoENi1ivOVh40cO4S1vTgkixc8hhs6YL1_tJPftH8ut9W5IldxsDEdBP5rQYssTRd-sj1uS3QGMmwg0S9uEWroqdXo-9jOPBb7btbtIVji63Rno-4slJvB-TICuU8pbX-GL442j9DBSHKD22cR7Xo2PDmLLGG2MxFTW2QxcPOSwNT-yjrWbIjf4QGWqfpGBOhE3QOerdHH8ZwA&adurl=;ord=1620811112195741;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 09:16:32 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C0CC 41 KB
15 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 11:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164712
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 May 2022 11:33:21 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9EC1 1 KB
749 B 11ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 12 May 2021 03:14:09 GMT
expires: Thu, 13 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 21864
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C0CC 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4ada0c7f8426bb3ffec705d953f3b10490b6d48be8262eda371dc9624ffc6c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK init Show response
webservices.webspectator.com/ 3 KB
2 KB 739ms
99ms Script
application/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/init?appId=6UQPXFMN&h=https%3A%2F%2Fcontrole.diariodorio.com%2F&t=1620811113971
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-6UQPXFMN.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 62afe05582b082a3aded6d954f6e5e483c90774e37a2ea594b8f86a767cddb09

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 09:18:34 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 135ms
50ms Script
application/javascript 13.224.95.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-6UQPXFMN.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-50.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:06:45 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 710
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: gMTvJg9sLdTYv8rHVHjYCnrUZbUf9W0e7QqNuCPyWR1dG4WgwZ7d5A==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 50ms
7ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-6UQPXFMN.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:34 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 19 May 2021 09:18:34 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B067
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOIYBzaqk9YEVv5unWRJjTs&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEOIYBzaqk9YEVv5unWRJjTs&google_cver=1

43 B
163 B

31ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEOIYBzaqk9YEVv5unWRJjTs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhj2ieWmATAB&v=APEucNUzK83VviEQWhO4Glo-XhpLAl_WQY2SxjpjmnxMztbGBNfJFFFcnGOWaPAwFmxA7JqcclmGaEVZ95QfsjQUy8ik58XFr6Z_uz1vTRKqsLDH51NaUFNWzaN6yiHsFZme2A140KoBXCz2yL2rvmCriQPCQjmPeKED280Lj-x3CxgAXavsafikF-AlTN9oX5iyLa3H0ktZF3eoLyNRKkKgaVer0uJ3Nw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEOIYBzaqk9YEVv5unWRJjTs&google_cver=1
date: Wed, 12 May 2021 09:18:34 GMT
via: 1.1 google
server: OXGW/16.207.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B067
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjU4MzU0YTYtNjM2Zi0yYjYxLWM3NDMtYmI2YjAyZDg4OWQ2

170 B
188 B

39ms
38ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjU4MzU0YTYtNjM2Zi0yYjYxLWM3NDMtYmI2YjAyZDg4OWQ2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhj2ieWmATAB&v=APEucNUzK83VviEQWhO4Glo-XhpLAl_WQY2SxjpjmnxMztbGBNfJFFFcnGOWaPAwFmxA7JqcclmGaEVZ95QfsjQUy8ik58XFr6Z_uz1vTRKqsLDH51NaUFNWzaN6yiHsFZme2A140KoBXCz2yL2rvmCriQPCQjmPeKED280Lj-x3CxgAXavsafikF-AlTN9oX5iyLa3H0ktZF3eoLyNRKkKgaVer0uJ3Nw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 12 May 2021 09:18:34 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjU4MzU0YTYtNjM2Zi0yYjYxLWM3NDMtYmI2YjAyZDg4OWQ2
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame B067
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESECuHEYy_O8bCITx8NDt_nL0&google_cver=1

23 B
172 B

66ms
55ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESECuHEYy_O8bCITx8NDt_nL0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhj2ieWmATAB&v=APEucNUzK83VviEQWhO4Glo-XhpLAl_WQY2SxjpjmnxMztbGBNfJFFFcnGOWaPAwFmxA7JqcclmGaEVZ95QfsjQUy8ik58XFr6Z_uz1vTRKqsLDH51NaUFNWzaN6yiHsFZme2A140KoBXCz2yL2rvmCriQPCQjmPeKED280Lj-x3CxgAXavsafikF-AlTN9oX5iyLa3H0ktZF3eoLyNRKkKgaVer0uJ3Nw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 12 May 2021 09:18:34 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESECuHEYy_O8bCITx8NDt_nL0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B067
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjRhZWE3NTktOWE2MS00Mjc3LWE2MTgtODQyOWNkNDVjZDlm

170 B
188 B

38ms
37ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjRhZWE3NTktOWE2MS00Mjc3LWE2MTgtODQyOWNkNDVjZDlm

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: akka-http/10.2.3
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjRhZWE3NTktOWE2MS00Mjc3LWE2MTgtODQyOWNkNDVjZDlm
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Wed, 12 May 2021 09:18:34 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8E23 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 11 May 2021 18:48:31 GMT
expires: Wed, 11 May 2022 18:48:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 52203
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

sync
partners.tremorhub.com/ Frame C7D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
https://partners.tremorhub.com/sync?UIGL=CAESEAtPcqoMX5yI260cdRV_Lmw&google_cver=1

43 B
182 B

303ms
95ms

Image
image/gif

2600:1f18:612b:4264:7659:1bf:d736:fba9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEAtPcqoMX5yI260cdRV_Lmw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiV4-SmATAB&v=APEucNVQR-EMlQj41f9vfOF8Yldj-rRJdBKVbLKmh-MOlFZmOLQnBwwymyTJmmq32q-hXSLX17-ACZzt40zfigxh8uUQMY03e9oArFXkd4Tk6vQLjPWwcOBznnPbZl9iywSRiYu9BmBb_KkIetyzgeZsu2vhNLnTgYGkHA_4f8NWrTBPguo0E32G7hMNUEfQ2xn1Sg_NvOQHbAnc6zbWSVTD9hEbfAutWw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:7659:1bf:d736:fba9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:34 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://partners.tremorhub.com/sync?UIGL=CAESEAtPcqoMX5yI260cdRV_Lmw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame C7D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELuUWzmO4gACzoH4QzRYOIM&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELuUWzmO4gACzoH4QzRYOIM&google_cver=1&__user_check__=1&sync_id=06c9831d-b303-11eb-9149-16ae82d30106

43 B
548 B

86ms
36ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELuUWzmO4gACzoH4QzRYOIM&google_cver=1&__user_check__=1&sync_id=06c9831d-b303-11eb-9149-16ae82d30106
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiV4-SmATAB&v=APEucNVQR-EMlQj41f9vfOF8Yldj-rRJdBKVbLKmh-MOlFZmOLQnBwwymyTJmmq32q-hXSLX17-ACZzt40zfigxh8uUQMY03e9oArFXkd4Tk6vQLjPWwcOBznnPbZl9iywSRiYu9BmBb_KkIetyzgeZsu2vhNLnTgYGkHA_4f8NWrTBPguo0E32G7hMNUEfQ2xn1Sg_NvOQHbAnc6zbWSVTD9hEbfAutWw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:34 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 91
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 12 May 2021 09:18:34 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESELuUWzmO4gACzoH4QzRYOIM&google_cver=1&__user_check__=1&sync_id=06c9831d-b303-11eb-9149-16ae82d30106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 77
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C7D7
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDZhMDI0MTItYjMwMy0xMWViLWJmNzUtMTliZmQzOTIwNTA2

170 B
188 B

69ms
61ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDZhMDI0MTItYjMwMy0xMWViLWJmNzUtMTliZmQzOTIwNTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiV4-SmATAB&v=APEucNVQR-EMlQj41f9vfOF8Yldj-rRJdBKVbLKmh-MOlFZmOLQnBwwymyTJmmq32q-hXSLX17-ACZzt40zfigxh8uUQMY03e9oArFXkd4Tk6vQLjPWwcOBznnPbZl9iywSRiYu9BmBb_KkIetyzgeZsu2vhNLnTgYGkHA_4f8NWrTBPguo0E32G7hMNUEfQ2xn1Sg_NvOQHbAnc6zbWSVTD9hEbfAutWw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 12 May 2021 09:18:34 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDZhMDI0MTItYjMwMy0xMWViLWJmNzUtMTliZmQzOTIwNTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 91
Connection: keep-alive
Content-Length: 0

GET
H2

200

sync
partners.tremorhub.com/ Frame 00BA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
https://partners.tremorhub.com/sync?UIGL=CAESEAtPcqoMX5yI260cdRV_Lmw&google_cver=1

43 B
183 B

303ms
95ms

Image
image/gif

2600:1f18:612b:4264:7659:1bf:d736:fba9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEAtPcqoMX5yI260cdRV_Lmw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiP7eSmATAB&v=APEucNVCbLgTJGSi0AOu0ckwtVxsfdXG8nwayd2s5_j0yqaGRocAmyN37d7fd73hqsNBRJGbYVb69saZ9vxQXkCPMpHOeMouiYHbRvP0HwJlkjV8GNk4HguY9vOmrSgVcuOKuf--HVWc0mDCDkRJkk94Ucd1EUZe9U5V40uC6RLUiKl_1Sh7dEqcdHv_d5iPeF1IWi1wkl886uCrYfOcqBvLSsxXGs0EgA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:7659:1bf:d736:fba9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:34 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://partners.tremorhub.com/sync?UIGL=CAESEAtPcqoMX5yI260cdRV_Lmw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 00BA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELuUWzmO4gACzoH4QzRYOIM&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELuUWzmO4gACzoH4QzRYOIM&google_cver=1&__user_check__=1&sync_id=06cb9cbd-b303-11eb-86b7-11a3cbba0506

43 B
548 B

38ms
37ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELuUWzmO4gACzoH4QzRYOIM&google_cver=1&__user_check__=1&sync_id=06cb9cbd-b303-11eb-86b7-11a3cbba0506
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiP7eSmATAB&v=APEucNVCbLgTJGSi0AOu0ckwtVxsfdXG8nwayd2s5_j0yqaGRocAmyN37d7fd73hqsNBRJGbYVb69saZ9vxQXkCPMpHOeMouiYHbRvP0HwJlkjV8GNk4HguY9vOmrSgVcuOKuf--HVWc0mDCDkRJkk94Ucd1EUZe9U5V40uC6RLUiKl_1Sh7dEqcdHv_d5iPeF1IWi1wkl886uCrYfOcqBvLSsxXGs0EgA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 09:18:34 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 17
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 12 May 2021 09:18:34 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESELuUWzmO4gACzoH4QzRYOIM&google_cver=1&__user_check__=1&sync_id=06cb9cbd-b303-11eb-86b7-11a3cbba0506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 32
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 00BA
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDZjOTgyZTMtYjMwMy0xMWViLTkxNDktMTZhZTgyZDMwMTA2

170 B
188 B

38ms
38ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDZjOTgyZTMtYjMwMy0xMWViLTkxNDktMTZhZTgyZDMwMTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiP7eSmATAB&v=APEucNVCbLgTJGSi0AOu0ckwtVxsfdXG8nwayd2s5_j0yqaGRocAmyN37d7fd73hqsNBRJGbYVb69saZ9vxQXkCPMpHOeMouiYHbRvP0HwJlkjV8GNk4HguY9vOmrSgVcuOKuf--HVWc0mDCDkRJkk94Ucd1EUZe9U5V40uC6RLUiKl_1Sh7dEqcdHv_d5iPeF1IWi1wkl886uCrYfOcqBvLSsxXGs0EgA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 12 May 2021 09:18:34 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDZjOTgyZTMtYjMwMy0xMWViLTkxNDktMTZhZTgyZDMwMTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 126
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D881 22 KB
8 KB 25ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 11 May 2021 18:48:31 GMT
expires: Wed, 11 May 2022 18:48:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 52203
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3B26 22 KB
8 KB 22ms
9ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 11 May 2021 18:48:31 GMT
expires: Wed, 11 May 2022 18:48:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 52203
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 92D4 22 KB
8 KB 23ms
10ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 11 May 2021 18:48:31 GMT
expires: Wed, 11 May 2022 18:48:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 52203
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E976 22 KB
8 KB 22ms
10ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 11 May 2021 18:48:31 GMT
expires: Wed, 11 May 2022 18:48:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 52203
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 5 KB
2 KB 56ms
8ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8b34626df06b7e8b2d19b296f48b78a070629defef7c480d4612c941aa1aaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 1527
date: Tue, 11 May 2021 13:01:50 GMT
expires: Wed, 12 May 2021 13:01:50 GMT
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 73004
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C0CC 0
528 B 180ms
99ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsufF-bVSj-0qVrdt8TA_o9W3SxjU-u1ORO3AC353dtqQhLX2eDNiUz46KHT_diHzIXg5fJto5cnJbwnvU9wTCsJ7QsQocnEBhnr42nKDJkMyJOV8tY_55E7SZ3YBCp9StVDZjf83rcBgczoJZqd7vzyJ5mzfyZEufbUhlsOB1KuOPstcI-Erfekj_79GjmOfamREq2SeDL6PbYsI_72Dzz5tcY&sig=Cg0ArKJSzEjBsJvvdhT3EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=295&cbvp=1&cstd=291&cisv=r20210510.69051&adurl=

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 09:18:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame B6A2 111 KB
38 KB 47ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 14:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68392
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 May 2021 14:18:42 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/ Frame B6A2 8 KB
3 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302450104;gdpr=;gdpr_consent=;sz=300x600;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CQ5e1aJ2bYJ_5C9CK7gPigJDwCNuxxcxiv-G81akOv-EeEAEg5sHRB2D7gYCAiAqgAeLd28sCyAEJqQLDerZZmVe0PqgDAaoE3AFP0BITvXh8WVD5wp8xlGPEgrYzQF-IHzhh47rjlaHvOPAJOwnJZfjrvv7LdFlqv8AblkLkUhLQvW66DYvKJStEdPBqHsafDVIpLC58wJWKgaNk-w8CMUPGss8xVG6hr5w1Yccw1RdxStzHO5npvhSmawYtea5b8vQB3HkeHwPva3dx9KAKqy8Ga0nDctGNxf-W1zCIzkF9HWs4vde38oNPd5Wdw5r9lSblQqpON8GKTKqm-nLZVL2P9a_eNHtXYTnm2hzz2En2uycmot2hIHpATw86E-FCjnq1itFgwASfk-iXrQPgBAOQBgGgBk2AB4aipLQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPliboL0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASEuRoZurDCRBFJHfSRh9KKRvffw&sig=AOD64_3Top9ILJO_QGuTof6Dc8ciVNt9yw&client=ca-pub-3475011114767287&dbm_c=AKAmf-C76eX0LubX8u0VXrYKx1NpzTOCLkMh-rc9jw3gZJEyLnff7c56U68W5yXW1gs_v-y9zgs50yNytRvOl3ly8JBXezT9K1_kwrw7Jq3vapCR26pgmACuyMRDb_OrvP-vSVGUAEdygQF2PC1KaNvhqVq5MgBqqA&dbm_d=AKAmf-Avu1pElp1yLzlAr0LXE18OwwgxPnPQ5NfYNB8-8jCBGWjVz17QVoHZPmZS8vYnRZrRo6xNvC67YtledSF7eSGFfppNzJz99M36c_DGhVcQqxmzuIuPe-eTU4S0t2T1ixDOpCEEvlO7AEF-k0P0sSI-KfBmgH4eYiyBMiz6LhhAvzCwInxkwF9C6Y48QtC_nObDYMg_MRFbOEpk3bydErKbsgN2hmZk32xlLjKFLM65SxKRDFv6DxF3ej_ag8baGNEIE8iItdc2TQJ-YYaOA1VmhFAzTkCs1cS-NyEGCQgvBuUEB9HhmxtRct8l6v-Ou92ogv4d7bxA1vYMCi7CItag0iXJxyYLqmNChYQtRYNX0f7n7EMeNTWpj1wf_1kGKscn4J4zECd9jLuBMWbH1qv6T-M-drD9nLf681sz7Y2KpCkEBOuKt1WyY3-tQeeFO95DLK8pBNPQjhgE0I_mO3x3c247hw&adurl=;ord=1620811112195743;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 09:16:32 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 84D3 1 KB
749 B 43ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 12 May 2021 03:14:09 GMT
expires: Thu, 13 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 21865
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B6A2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfce8ba789f8080004cc8e9f13826c3f56d257ae2499b86c6db04e65ab44ef5c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 2810 111 KB
38 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 14:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68392
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 May 2021 14:18:42 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/ Frame 2810 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302135378;gdpr=;gdpr_consent=;sz=300x600;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CXX9SaJ2bYKD5C9CK7gPigJDwCPiQsctiyb_EkfENv-EeEAEg5sHRB2D7gYCAiAqgAeLd28sCyAEJqQLDerZZmVe0PqgDAaoE3AFP0GWy_-ftiMUXZLAVx08j8AV2-xonRX2WISZ-jegBDh8kP0VfYGlheAMrGaqETUrccvTsqnQl8xvzbEnrVfSEt8OVAnTF6Eh6N3_SXpVf0uqIPmpllPxnsJhIjvrZTk2FSKVD_wVkQe3CYeTz46vBb9vOy77q9_p3CxXOscKCkFox2BuPr_ntqPC6S1BcqHkh2sP7X74Z6VsR-7c_dAJzAkYqy3OQVzqPkm1lK1_DrUE-6fvqiOpWoACbFA0m-566X2fR0Mls0MElEjTb3zbdJvLyR5bxrV04CkPhwASu6uzPqwPgBAOQBgGgBk2AB4aipLQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPliboL0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASEuRoRrZ-Hn1BK5dmcXdPK8idEA&sig=AOD64_1YKg40w9juWLFrnZq6p9llIVQ4ig&client=ca-pub-3475011114767287&dbm_c=AKAmf-AOp5be01DdQnjVQBZ0cZTbxX7ZZIXbs3lt2jDxkxTP91qgKixufI9x3jgvWYHjqpH3rStrpi3QEuTcItNto3qeedQ3H3AiAUMzkhHdGqbUWE4UUdWtdu0K3R-EzatHWoWX7iDYy3cSRd9nlGFwapYpOKJY5A&dbm_d=AKAmf-C9EvJkU6BbvWgGVL_ojcRwIsz4o57WUTlqCh9z6gyusNRk-K-MasqY3IC3aPDzWP51jkwGuW61lOCVLi6O-BIfsS9cchZShF9zz0Y-iJiHqHxg_3fEiAVT7rdQGDJBdrmMIwpWqcRHaW1KnbWDqdq51k8LzKYufp_6YAGsqXopLCFs9qXHXeVWR5g5Y1g3PERC0bxYM1zt_xJRgM-kkF6loiuSEajOwLzvExxcXEWGOgyPaDRJ8HFvaSszwjmM4WRmcAkoWp6PBVcLB6tu1aBy9lHttE4LX0dnLT4jMNcanFMC9tzhEhykMcEVLkDvIpuwglBsM8gcxV35xVyYY8FUlCc5gblv9eYOoZ0CcklRKVdLqOJCqYxCmVuoY2fsFOk7vX7PZySaP970mkeA6Xay0V5j_602NJ6-hBiVh2i7hcHiSfg7ZALcpr-56KkzUFkXjy3Qe8qdvZxSWIqfI2rJvQsgbQ&adurl=;ord=1620811112195744;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 09:16:32 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 02EA 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 12 May 2021 03:14:09 GMT
expires: Thu, 13 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 21865
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2810 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03c10b8e04d5a29bf8f865e84a9d392f2f8b795853c5ab1b44767012f7676806

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 3745 111 KB
38 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 14:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68392
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 May 2021 14:18:42 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/ Frame 3745 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302450101;gdpr=;gdpr_consent=;sz=300x600;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CAconaJ2bYKH5C9CK7gPigJDwCPiQsctigb7EkfENv-EeEAEg5sHRB2D7gYCAiAqgAeLd28sCyAEJqQLDerZZmVe0PqgDAaoE3AFP0NyJFNX5Q1oLRbxT0NQ2ATXEPczt3piTp3k82gFi3kNenifbd0c0zuXPitDlJqxe2haUHVZRzGtLX6id27iGuUgKWE45wCRE0hm_iCUYPkAu4hfgwLyCic-NmZeNCf_CQwh1jg20OZMPg2AW8S__Mcwy31nFHlVtVqRYaJjQOnaciMkKMZVoo4IA4giL-wkA51uqVuLJMRoUGKk106GE8tbGbSF7jIwGIYs8XisxojRwGedsoOYzELLLyzGrAGcmUYghCZIyubegbK_YWPUsQWPZ4Fga-UXPwfRjwASu6uzPqwPgBAOQBgGgBk2AB4aipLQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoBmAsByAsBgAwBsBPliboL0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASEuRo0TIgthNSmsFk7GdjL45FBw&sig=AOD64_1uxbPyhOSatGjeXF-uFwfL2L1yTQ&client=ca-pub-3475011114767287&dbm_c=AKAmf-DYuBagTwHfxoUJ8Ctaz1N4aMoiN-Lq3YEk_fLU1DzXwfncJVUoFdLk2URpTZoarSpZx9RHGrAgsEQHdiPxF4FwqNV9v_Q4mOrqDvkNMbHGjhgtUFQteLWNFCBVoSdnRVAIp5hFPvMEXHVWtMVI8N-NHDm6Ug&dbm_d=AKAmf-CfPv2_SUHOIDjNP8O0c_sKrdqgqyUUkHKh6iJjDJEr-Ah2IhjH8RrSdsBk8UgX16OGFn_kqh7Kr1KqafxSKZdibAvvT-RRLGUcAuq4OpmI192tIVNBdIAdWZcerIe9sWrXmV5UK5YNO-saijpkSO9OOLUmE4wQBt7BAlwECoOUoQ6MXyTbVZ69mwhkRjfBx82Hrin5QQIpaZIqVOG6TSKy13kIToxE84vuTQaUJF-Pk2-CoJvv2xqGWF4ybwUrNDiiaT8xoCKrYwJIsRHhRD05VLPZcADyhQUzGWLmqRXoXlPK0EBqlqJPOdNsgWIxI2NGAy8B0_43L_A_1H-LRFoPzcA_7B0ifbZie_mIvllxQ2_OACPWM8GimN1kJQ9lETP1RIQFhT_hNEr5bRXbrOFzG_hT17_aeD_KoRzW16zIaXmQPm95RX9Y0cu7hpbp3rXaC4DGOHBYI3cyQTGbi2znSJDZsw&adurl=;ord=1620811112195745;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 09:16:32 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8216 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 12 May 2021 03:14:09 GMT
expires: Thu, 13 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 21865
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3745 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9e93c250149bb9b14ff9d99919a5a7ef197e63905dc351fc95cd2f6ecf513f0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rules-p-HGAVM7nQJ_sep.js Show response
rules.quantcount.com/ 3 B
429 B 50ms
13ms Script
application/javascript 2600:9000:2190:7200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-HGAVM7nQJ_sep.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 00:53:30 GMT
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
age: 30313
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:26:00 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: hP270GwA1G-YtagYdCm-j0DTyrLPs8Ji9yXg5P2QTDcOITN04mTk8Q==

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
298 B 129ms
109ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-11953-9&tE=0&tF=&tI=_paris_ile-de-france_fr_1620811113431_1495840534&tJ=&tQ=alr-diariodorio&tU=0100007F699D9B607D0652AB02B3A504&tX=b.52&tY=1&tZ=299996270
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:34 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F87C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmw1flgirFi2Afpp6xgRbmvD4qdGs-mSlb2ohvDbxS40B2bmYVEBZt-oXgdvAk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 12 May 2021 09:18:34 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 12-May-2021 10:18:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 12 May 2021 09:18:34 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 12 May 2021 09:18:34 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9424 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 11 May 2021 18:48:31 GMT
expires: Wed, 11 May 2022 18:48:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 52203
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A807 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 11 May 2021 18:48:31 GMT
expires: Wed, 11 May 2022 18:48:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 52203
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4872 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 11 May 2021 18:48:31 GMT
expires: Wed, 11 May 2022 18:48:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 52203
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1620811114444&ns_c=UTF-8&cv=3.5&c8=Di%C3%A1rio%20do%20Rio%20de%20Janeiro%20-%20O%20Jornal%20100%25%20Carioca&c7=https%3A%2F%2Fcontrole.diar...
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1620811114444&ns_c=UTF-8&cv=3.5&c8=Di%C3%A1rio%20do%20Rio%20de%20Janeiro%20-%20O%20Jornal%20100%25%20Carioca&c7=https%3A%2F%2Fcontrole.dia...

64 B
331 B

53ms
53ms

Image
image/gif

13.224.95.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1620811114444&ns_c=UTF-8&cv=3.5&c8=Di%C3%A1rio%20do%20Rio%20de%20Janeiro%20-%20O%20Jornal%20100%25%20Carioca&c7=https%3A%2F%2Fcontrole.diariodorio.com%2F&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-50.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:34 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: XXbqDkxn9utbOgniRMeM2GttGQ6OwnE4BeIkCMefqHWAO_bMD6VvKQ==

Redirect headers

date: Wed, 12 May 2021 09:18:34 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1620811114444&ns_c=UTF-8&cv=3.5&c8=Di%C3%A1rio%20do%20Rio%20de%20Janeiro%20-%20O%20Jornal%20100%25%20Carioca&c7=https%3A%2F%2Fcontrole.diariodorio.com%2F&c9=
content-length: 238
x-amz-cf-id: WuYiK7PePijLxafl5g1f_WhoF_k7C3TXLWQpgjfM88icfK97vaD0Mw==

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9EC1 35 B
462 B 11ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIatw4qCFXo4ecT0q2TUXJI&google_cver=1&google_push=AQvitUJCNJsw-mtIUha76O1iL5VFq-UotTAHHyjA95GeEnk-plp77Jw4TqT--sAbEM5rPhZVeCflipfRUiLnbXQ5X9SEPlnCVgA

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9EC1
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJgCY62...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJgCY62...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MTIwOTE4MzUzNzU5NDU5MTg2Njk0OA%3D%3D&google_push=AQvitUJgCY62KWGyIw2ziawfkQDYPXP00NE0bN17ND0g8oego8VOT24Rxx_WScJxSz1aWe...

170 B
188 B

39ms
39ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MTIwOTE4MzUzNzU5NDU5MTg2Njk0OA%3D%3D&google_push=AQvitUJgCY62KWGyIw2ziawfkQDYPXP00NE0bN17ND0g8oego8VOT24Rxx_WScJxSz1aWeqzf2lvfB78NSwoyy0jL8Mw1tSI81g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MTIwOTE4MzUzNzU5NDU5MTg2Njk0OA%3D%3D&google_push=AQvitUJgCY62KWGyIw2ziawfkQDYPXP00NE0bN17ND0g8oego8VOT24Rxx_WScJxSz1aWeqzf2lvfB78NSwoyy0jL8Mw1tSI81g
Pragma: no-cache
Date: Wed, 12 May 2021 09:18:35 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9EC1
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEJksqCfpvcGoUCWCuOZUyk8&google_cver=1&google_push=AQvitUKYTjK8aiHvm6noAD99wlJz0yLIYFQBzposozn5Arl8t_1blKwmoileYC8JKv3kc2yBylIYadqg3vzBqlCkrMt7gSAgUw
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKYTjK8aiHvm6noAD99wlJz0yLIYFQBzposozn5Arl8t_1blKwmoileYC8JKv3kc2yBylIYadqg3vzBqlCkrMt7gSAgUw&google_hm=1roNUAOezOs0161lGyN9DA==

170 B
188 B

39ms
38ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKYTjK8aiHvm6noAD99wlJz0yLIYFQBzposozn5Arl8t_1blKwmoileYC8JKv3kc2yBylIYadqg3vzBqlCkrMt7gSAgUw&google_hm=1roNUAOezOs0161lGyN9DA==

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKYTjK8aiHvm6noAD99wlJz0yLIYFQBzposozn5Arl8t_1blKwmoileYC8JKv3kc2yBylIYadqg3vzBqlCkrMt7gSAgUw&google_hm=1roNUAOezOs0161lGyN9DA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: ljp35n645d74u72bu0otsct2ltvb151j

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9EC1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rXL5FOt3QGGOalBRgU6S7A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

39ms
38ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rXL5FOt3QGGOalBRgU6S7A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK04GxZmWDkO_1vx0-IZzjFTZkXTsdq6xDQK7gXLwit6qAq7S17EZcA1jNr84UFubtryTfnnvqSvDg86NZFT8tYgPA7iu4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rXL5FOt3QGGOalBRgU6S7A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK04GxZmWDkO_1vx0-IZzjFTZkXTsdq6xDQK7gXLwit6qAq7S17EZcA1jNr84UFubtryTfnnvqSvDg86NZFT8tYgPA7iu4
Date: Wed, 12 May 2021 09:18:33 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9EC1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE4GpwwXo_X6S2AikXlQiso&google_cver=1&google_push=AQvitUIT8F4NITwWSrwVGC4Pt8SP96GHSN5sopfjxu4wVLydzHrhuulINPf7ZJxksbTSy1gUVPc...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MOTM4MzAtMU4tQVpDRw==&google_push=AQvitUIT8F4NITwWSrwVGC4Pt8SP96GHSN5sopfjxu4wVLydzHrhuulINPf7ZJxksbTSy1gUVPc0eWgdexbwDStlChNtfN8EpRM

170 B
188 B

86ms
85ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MOTM4MzAtMU4tQVpDRw==&google_push=AQvitUIT8F4NITwWSrwVGC4Pt8SP96GHSN5sopfjxu4wVLydzHrhuulINPf7ZJxksbTSy1gUVPc0eWgdexbwDStlChNtfN8EpRM

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MOTM4MzAtMU4tQVpDRw==&google_push=AQvitUIT8F4NITwWSrwVGC4Pt8SP96GHSN5sopfjxu4wVLydzHrhuulINPf7ZJxksbTSy1gUVPc0eWgdexbwDStlChNtfN8EpRM
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 9EC1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04...

0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9EC1
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECQaDVVQs7mzq-hG9Mdgc00&google_cver=1&google_push=AQvitUIsXhyad9i65qtOgwnX...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIsXhyad9i65qtOgwnXYv9T1ysb7_Vn0_CiniCTkVdKN6Tk4cnFEF-Gi_hggSAC3ptKYYrkDRPCmr9sfjiHdk_Am4JWln0c&google_hm=

170 B
188 B

79ms
79ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIsXhyad9i65qtOgwnXYv9T1ysb7_Vn0_CiniCTkVdKN6Tk4cnFEF-Gi_hggSAC3ptKYYrkDRPCmr9sfjiHdk_Am4JWln0c&google_hm=

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIsXhyad9i65qtOgwnXYv9T1ysb7_Vn0_CiniCTkVdKN6Tk4cnFEF-Gi_hggSAC3ptKYYrkDRPCmr9sfjiHdk_Am4JWln0c&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Tue, 11 May 2021 09:18:34 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 9EC1 0
12 B 37ms
36ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Km-3uiPy5QC6QwfSfJgzYeCd_VO_b5lMk0rrnBYrmjDoovg5blMxLBeTKF3ZimlYvyXlr_qw

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 index.html Show response
s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/ Frame 6BEB 4 KB
1 KB 8ms
6ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cea081d31d4dafc311e608cbed1f29fb24792200d3e23317eae91a0f518eec11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 1498
date: Wed, 12 May 2021 08:31:58 GMT
expires: Thu, 13 May 2021 08:31:58 GMT
last-modified: Sun, 31 Jan 2021 23:23:39 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 2796
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame B6A2 0
23 B 137ms
64ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuPLvdif5_Eti9rSWxtBdroOb-WHxPalI0s-r2jHl0629DgBBGtWrwuX2BZiEByDlGbcKOGgmttf-nlJOS1AS2ml7uHUsKOp16bRR2FvczUh3F3yo58wrc26BtOou-fNWKikzkvXGmOCriGMtzfY6ZHFmpTc-xLYu4UISYSby8-m0uUvK5VDHTjU2Cdssg1SvA3zAI2hB7We52ZPqi6&sig=Cg0ArKJSzCP-0YgPgnlxEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=366&cbvp=1&cstd=364&cisv=r20210510.13888&adurl=

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 09:18:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 index.html Show response
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 5 KB
2 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38248ccf49644768343a57a9221af53c4cd5a6f5067a530b586af8f677d11832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 1519
date: Tue, 11 May 2021 12:52:04 GMT
expires: Wed, 12 May 2021 12:52:04 GMT
last-modified: Sun, 31 Jan 2021 23:22:02 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 73590
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2810 0
23 B 131ms
64ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-u-NG448jSJSKrxY9QqSFfG69duedmnbVHZA--ftuqjFpMDunTbndaJ4QAzJZWIHlKI5J9RQ_twxnZcDuIUesY8LrnylCXu6Ltp5w_PTGhM7AXiWgmq-Di48_YQ7hu_L5Nqo1OuFNWpfrS9PX7nqh0ZIf9FRz7uUpavPrLhWBFycd1DZLle7_2G83z9CgduxZAIsznxQy6twJ6p-Z&sig=Cg0ArKJSzAy5Cyijqj2eEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=299&cbvp=1&cstd=297&cisv=r20210510.37745&adurl=

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 09:18:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 index.html Show response
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 5 KB
2 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38248ccf49644768343a57a9221af53c4cd5a6f5067a530b586af8f677d11832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 1519
date: Tue, 11 May 2021 13:03:30 GMT
expires: Wed, 12 May 2021 13:03:30 GMT
last-modified: Sun, 31 Jan 2021 23:24:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 72904
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3745 0
23 B 122ms
64ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstABHGh4jbB34cxnLMrD5EVY7Msb-wwWI_lWf41RH0fTu6PBBWBGR5VuNjjztwxWMyt_URe4DssykVTZCz0PkPcBPwnUgn-0zrQmAupd4_8XHFx9UQ93fetQO3sFebQ4tdVCgrn09LJqTrLLP-94IPjOd9CwDPlh8WGdG3roacA9IhJPLBtRQbnLbxttliYGvy78Fu6tjKb3_i68eln&sig=Cg0ArKJSzKIO1XqZGntHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=267&cbvp=1&cstd=265&cisv=r20210510.27169&adurl=

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 09:18:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel;r=942339098;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fcontrole.diariodorio.com%2F;uht=2;fpan=1;fpa=P0-904154199-1620811114563;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;...
pixel.quantserve.com/ 35 B
210 B 43ms
40ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=942339098;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fcontrole.diariodorio.com%2F;uht=2;fpan=1;fpa=P0-904154199-1620811114563;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;ref=;d=diariodorio.com;je=0;sr=1600x1200x24;dst=1;et=1620811114563;tzo=-120;ogl=locale.pt_BR%2Ctype.website%2Ctitle.Di%C3%A1rio%20do%20Rio%20de%20Janeiro%20-%20O%20Jornal%20100%25%20Carioca%2Cdescription.As%20principais%20not%C3%ADcias%20e%20coment%C3%A1rios%20do%20estado%20e%20da%20cidade%20do%20Rio%20de%20Janeiro%252E%20Cu%2Curl.https%3A%2F%2Fdiariodorio%252Ecom%2F%2Csite_name.Di%C3%A1rio%20do%20Rio%20de%20Janeiro%2Cimage.https%3A%2F%2Fcontrole%252Ediariodorio%252Ecom%2Fwp-content%2Fuploads%2F2019%2F07%2FLOGO_DDR_redondo%252Epng%2Cimage%3Asecure_url.https%3A%2F%2Fcontrole%252Ediariodorio%252Ecom%2Fwp-content%2Fuploads%2F2019%2F07%2FLOGO_DDR_redondo%252Epng%2Cimage%3Awidth.500%2Cimage%3Aheight.499

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 style.css
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 1 KB
559 B 50ms
7ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d014fe20933612bcc800fcd866327836eb165d15be6360bac248c519ce141fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73004
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 535
x-xss-protection: 0
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 12 May 2021 13:01:50 GMT

GET
H3-29 200 main.js Show response
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 2 KB
603 B 51ms
9ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b4f3d9a482315852b45392fae2cb7f06373674eb4a3fbaafb7c6f7ea17a00f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73004
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 579
x-xss-protection: 0
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 12 May 2021 13:01:50 GMT

GET
H3-29 200 tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C54E 110 KB
37 KB 26ms
18ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37930
x-xss-protection: 0
last-modified: Tue, 20 Jun 2017 21:14:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 May 2021 09:18:34 GMT

GET
H3-29 200 back3.jpg
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 26 KB
26 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/back3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce76c1a5edbfaa86d3d95d93c25a5a8022c70bf53177acee5067c1dfc85fda3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 12:56:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
age: 73306
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26721
x-xss-protection: 0
expires: Wed, 12 May 2021 12:56:48 GMT

GET
H3-29 200 text4.png
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 1 KB
1 KB 11ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/text4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd57db2457291c5e7b829b76a495abbc7cd5d149a65209f1013ac7fd80353630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 12:56:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
age: 73305
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1026
x-xss-protection: 0
expires: Wed, 12 May 2021 12:56:49 GMT

GET
H3-29 200 cta.png
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 1 KB
1 KB 10ms
6ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d860da576d9d8ec4cc3f57f4d58cd93c2096d30a55980297d59c9447c0a4a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
age: 73003
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1093
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:51 GMT

GET
H3-29 200 nissan_black.png
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 1 KB
1 KB 11ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/nissan_black.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37bc97ea35a020adb37d83ea9b4c63dc4ca34cc8ef9ba731e15a7914a3852b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
age: 73003
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1492
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:51 GMT

GET
H3-29 200 back3a.jpg
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 27 KB
27 KB 17ms
13ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/back3a.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2accbcd4db6f651afc7dc798ba46e1c826bbbebb03a089de2c39388a6748748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
age: 73003
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27431
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:51 GMT

GET
H3-29 200 text3.png
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 1 KB
1 KB 16ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/text3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

123ee0825b070529e70d7a127a533a8e33f7f6e0b004bb1b368ce7d78fd0cca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
age: 73003
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1225
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:51 GMT

GET
H3-29 200 text3a.png
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 2 KB
2 KB 16ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/text3a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f0ac3e7e1d780529840e49909253f122e5b56036832b19e034fa3289dc95355

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
age: 73003
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2520
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:51 GMT

GET
H3-29 200 text3b.png
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 2 KB
2 KB 15ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/text3b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194dd165a2f7fa82f65c2d5e4eabb13a352d6cbdb24ea248dee23a92058a36ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
age: 73003
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2267
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:51 GMT

GET
H3-29 200 text3c.png
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 3 KB
3 KB 14ms
11ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/text3c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e220ef583f653ea5dd0ad93e7ed543097839c1752591d4b7ecb5bd46c25e2769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
age: 73003
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3169
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:51 GMT

GET
H3-29 200 ml.png
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 400 B
422 B 23ms
20ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ml.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8adf7b5c55881bc2c83bdc0e5b88d82cfa037700b6fb944427e4b333a84562ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
age: 73003
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 400
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:51 GMT

GET
H3-29 200 back2.jpg
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 16 KB
16 KB 23ms
20ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/back2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd60724cb9210212ed76686b7e74dce2c2c7cfa5fc7a5408c4b75fec59cfb1f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
age: 73003
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:51 GMT

GET
H3-29 200 text2.png
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 565 B
587 B 23ms
19ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/text2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2ba9ffa08b8c4d5ce2ea6c83f0223e1cf987602d7fbcd56bfe3e8cc60be773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
age: 73003
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 565
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:51 GMT

GET
H3-29 200 text2b.png
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 1006 B
1 KB 22ms
19ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/text2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289fb9eed8d8ebb41e4a1ed1e50fe919a7dccebf01e01480312b226e2aa4a93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:09:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
age: 7736
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1006
x-xss-protection: 0
expires: Thu, 13 May 2021 07:09:38 GMT

GET
H3-29 200 back1.jpg
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 25 KB
25 KB 16ms
13ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/back1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c40b9ac364e7c77ac95e53a6b382d82a2fa966722d2e3a0cad83474a4feb53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
age: 73003
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25890
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:51 GMT

GET
H3-29 200 text1.png
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 480 B
502 B 22ms
19ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/text1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d6fedc4798eb727f5368a1764f155c0482f111c8b573dc17834b3939ca1ee43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
age: 73003
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 480
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:51 GMT

GET
H3-29 200 logo.png
s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/ Frame C54E 4 KB
4 KB 15ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40ccd6bbb4279e57d63e1dba047c33455247a6eca6571f35d59e9c9afd574737

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135714163/JUKE_OFFRE-PROFITEZ_728x90_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:28:34 GMT
server: sffe
age: 73003
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3772
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:51 GMT

GET
H3-29 200 VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E23 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 986
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Thu, 12 May 2022 09:02:08 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 84D3
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIatw4qCFXo4ecT0q2TUXJI&google_cver=1&google_push=AQvitUJixiwMDbvKP37AkC866CkqnwdLXPsMbyDm3QO0tWP-AM0rbwnri_...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUJixiwMDbvKP37AkC866CkqnwdLXPsMbyDm3QO0tWP-AM0rbwnri_Y13wuPQeDdwO4HW6qfR_YWav8qUs4Hq8lUrLMoIyKw&google_hm=Z14z_4...

170 B
188 B

40ms
40ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUJixiwMDbvKP37AkC866CkqnwdLXPsMbyDm3QO0tWP-AM0rbwnri_Y13wuPQeDdwO4HW6qfR_YWav8qUs4Hq8lUrLMoIyKw&google_hm=Z14z_4lcG5k_3TYLGYNwvQ

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUJixiwMDbvKP37AkC866CkqnwdLXPsMbyDm3QO0tWP-AM0rbwnri_Y13wuPQeDdwO4HW6qfR_YWav8qUs4Hq8lUrLMoIyKw&google_hm=Z14z_4lcG5k_3TYLGYNwvQ
pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 84D3
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitULyEXp1HDoGikH5ZVoM-la4f1Vdp_r1znkhHOp...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUp1ZGFnQUFBY1NhcG4tdg&google_push=AQvitULyEXp1HDoGikH5ZVoM-la4f1Vdp_r1znkhHOp8HaxO40wP9_PdH0dwCv3nFOzHynw5bnJ2APZJUIdOtJ3Kc2l5sJldk-Am

170 B
188 B

43ms
38ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUp1ZGFnQUFBY1NhcG4tdg&google_push=AQvitULyEXp1HDoGikH5ZVoM-la4f1Vdp_r1znkhHOp8HaxO40wP9_PdH0dwCv3nFOzHynw5bnJ2APZJUIdOtJ3Kc2l5sJldk-Am

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUp1ZGFnQUFBY1NhcG4tdg&google_push=AQvitULyEXp1HDoGikH5ZVoM-la4f1Vdp_r1znkhHOp8HaxO40wP9_PdH0dwCv3nFOzHynw5bnJ2APZJUIdOtJ3Kc2l5sJldk-Am
Date: Wed, 12 May 2021 09:18:34 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 84D3
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUJ9OoHoRldIBDU_NQCPgJL5E1Z3wTF39G5OwxKsZnfbgm-E5eQ-KyfQFos-xI4pYsiI7-28arDX4-Nnw8KUqouU_bg0x9w&google_gid=CAESED5BqC6WvJDstllNGtZlM4k&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOu67oQGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BUXZpdFVKOU9vSG9SbGRJQkRVX05RQ1BnSkw1RTFaM3dURjM5RzVPd3hLc1puZmJnbS1FNWVRLUt5ZlFGb3MteEk0cFlzaUk3LTI4YXJEWDQtTm53OE...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUmxIOXktam1IY0NnbjRwRTMzRU1lM1ZLUl9jUFl3T2ZXVjFJQUVtdTlTTQ==&google_push

170 B
188 B

39ms
37ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUmxIOXktam1IY0NnbjRwRTMzRU1lM1ZLUl9jUFl3T2ZXVjFJQUVtdTlTTQ==&google_push

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 12 May 2021 09:18:35 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUmxIOXktam1IY0NnbjRwRTMzRU1lM1ZLUl9jUFl3T2ZXVjFJQUVtdTlTTQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 84D3 43 B
324 B 118ms
32ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEDy8s2fhgboC6z8McMF6yss&google_push=AQvitULD1Mx9-zJ5k8NSwQ0nZUSyzFlrPkOfltActryq3A2380YDPZGOQG1IYzyepZEqip4Yqtkhbs1AEYRBdC40jvHXfAVvv-A&google_cver=1
Requested by: Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 84D3
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xZeFsXYlQf-TD0I1HptrVQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

41ms
40ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xZeFsXYlQf-TD0I1HptrVQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIXgtCGvm6pPp3z3awbT3Ut3kdu-Jb7HZVQQ2SRqk92XKmmhTdb6-W_pBa9u0yFdcS5nZ0qy8J6Bu-qYQwpQGave-ygk1uN

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xZeFsXYlQf-TD0I1HptrVQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIXgtCGvm6pPp3z3awbT3Ut3kdu-Jb7HZVQQ2SRqk92XKmmhTdb6-W_pBa9u0yFdcS5nZ0qy8J6Bu-qYQwpQGave-ygk1uN
Date: Wed, 12 May 2021 09:18:34 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 84D3
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE4GpwwXo_X6S2AikXlQiso&google_cver=1&google_push=AQvitUL_BSbZ90mANINblFPJKE70UCgvw2wQbTtdMPRk96Wnsnvifz90JNreCWQOcqPnasqTm8S...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MOTM4NTMtMU4tMkRYSA==&google_push=AQvitUL_BSbZ90mANINblFPJKE70UCgvw2wQbTtdMPRk96Wnsnvifz90JNreCWQOcqPnasqTm8SYrbcV5oypUfhUkEaHJPzYenM

170 B
188 B

84ms
83ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MOTM4NTMtMU4tMkRYSA==&google_push=AQvitUL_BSbZ90mANINblFPJKE70UCgvw2wQbTtdMPRk96Wnsnvifz90JNreCWQOcqPnasqTm8SYrbcV5oypUfhUkEaHJPzYenM

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MOTM4NTMtMU4tMkRYSA==&google_push=AQvitUL_BSbZ90mANINblFPJKE70UCgvw2wQbTtdMPRk96Wnsnvifz90JNreCWQOcqPnasqTm8SYrbcV5oypUfhUkEaHJPzYenM
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 84D3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-...

0
0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 84D3 0
12 B 81ms
79ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kbdx2Y7lvhIPme5L2fTM1uQwkq-dWni4uAqhmcFwidQpLvw2yaLzaFQYRI62X1RKGe9yP9

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 02EA 35 B
210 B 10ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIatw4qCFXo4ecT0q2TUXJI&google_cver=1&google_push=AQvitUKHp___SGRHW76wDJfy4yb_arLQFn_aSxb2D4EnX1yFZzpVnJPvGscZEO4rGAdfKJqTONT9edXA0RaSeYUISrxEeNGfBixQ

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 02EA
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitULMuoAa...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitULMuoAa...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MTIwOTE4MzUzODUzNTUyNDU5MTI3NQ%3D%3D&google_push=AQvitULMuoAaMWCmWzsf0MkIO1elfTogWZHFnyU4FimZgoIFJrFzomPERkFrTosj1kKcEb...

170 B
188 B

80ms
76ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MTIwOTE4MzUzODUzNTUyNDU5MTI3NQ%3D%3D&google_push=AQvitULMuoAaMWCmWzsf0MkIO1elfTogWZHFnyU4FimZgoIFJrFzomPERkFrTosj1kKcEb_kJCBYth6qoofhOS2IIyyl5MRgA3bl

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MTIwOTE4MzUzODUzNTUyNDU5MTI3NQ%3D%3D&google_push=AQvitULMuoAaMWCmWzsf0MkIO1elfTogWZHFnyU4FimZgoIFJrFzomPERkFrTosj1kKcEb_kJCBYth6qoofhOS2IIyyl5MRgA3bl
Pragma: no-cache
Date: Wed, 12 May 2021 09:18:35 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 02EA 43 B
106 B 87ms
32ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEDy8s2fhgboC6z8McMF6yss&google_push=AQvitUI-FPS1BvHGJATxZMYd6HI2jHtWJ0mMOLMb2sBTWErQlX5c5nLLKBwzyaUA1A1CdTUMBuuhPnYZTYKDy9KkYRKskg4ZUy04&google_cver=1
Requested by: Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 02EA
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEJksqCfpvcGoUCWCuOZUyk8&google_cver=1&google_push=AQvitUKjlsTnIkLnhiBuWYa_yg94pbynB8xibyc_k2q8rDNjlVloUqCDIW3h9DSzSb04LfRbi6LbUqdg7Nnd_7w_x0Nwf5ANyW8
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKjlsTnIkLnhiBuWYa_yg94pbynB8xibyc_k2q8rDNjlVloUqCDIW3h9DSzSb04LfRbi6LbUqdg7Nnd_7w_x0Nwf5ANyW8&google_hm=1roNUAOezOs0161lGyN9DA==

170 B
188 B

72ms
60ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKjlsTnIkLnhiBuWYa_yg94pbynB8xibyc_k2q8rDNjlVloUqCDIW3h9DSzSb04LfRbi6LbUqdg7Nnd_7w_x0Nwf5ANyW8&google_hm=1roNUAOezOs0161lGyN9DA==

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:33 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKjlsTnIkLnhiBuWYa_yg94pbynB8xibyc_k2q8rDNjlVloUqCDIW3h9DSzSb04LfRbi6LbUqdg7Nnd_7w_x0Nwf5ANyW8&google_hm=1roNUAOezOs0161lGyN9DA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: ojqddtb3a0srinaletcce7i46f9qsmbt

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 02EA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3Pga-UC1SBCIy4JEhy1e_A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

41ms
41ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3Pga-UC1SBCIy4JEhy1e_A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUL40wgj-b4pXJ4MQg04EMO0VIZ02dHZkrnW232xffv091EubIK0nm8K0EVdMX_CmDoLr09RgOLYEkpsRuW-xnlvu6tcgv-i

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3Pga-UC1SBCIy4JEhy1e_A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUL40wgj-b4pXJ4MQg04EMO0VIZ02dHZkrnW232xffv091EubIK0nm8K0EVdMX_CmDoLr09RgOLYEkpsRuW-xnlvu6tcgv-i
Date: Wed, 12 May 2021 09:18:33 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 02EA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE4GpwwXo_X6S2AikXlQiso&google_cver=1&google_push=AQvitUKmre0lcMrAkssFpQs18MLmqgf8ZUrSzBZjwrEuTWYbFMcCDefhZEH8rUB6KKVK0owNwyP...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MOTM4N1YtMy00QUlT&google_push=AQvitUKmre0lcMrAkssFpQs18MLmqgf8ZUrSzBZjwrEuTWYbFMcCDefhZEH8rUB6KKVK0owNwyPEdNwdUGz6QXYGQ-DE9vCkoAWv

170 B
188 B

39ms
39ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MOTM4N1YtMy00QUlT&google_push=AQvitUKmre0lcMrAkssFpQs18MLmqgf8ZUrSzBZjwrEuTWYbFMcCDefhZEH8rUB6KKVK0owNwyPEdNwdUGz6QXYGQ-DE9vCkoAWv

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MOTM4N1YtMy00QUlT&google_push=AQvitUKmre0lcMrAkssFpQs18MLmqgf8ZUrSzBZjwrEuTWYbFMcCDefhZEH8rUB6KKVK0owNwyPEdNwdUGz6QXYGQ-DE9vCkoAWv
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 02EA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLD...

0
0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 02EA 0
12 B 50ms
49ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IZnmIos68i4XpAdFzk6Av9-ALmDLmKj6xEs8rA2zcy3a04KjlURm6ZozCDfKvQ_ruhmuwK

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8216
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIatw4qCFXo4ecT0q2TUXJI&google_cver=1&google_push=AQvitUL2PrM0xHG-MbUCZun0KoKymPVjJkJJxzmWFlvWB6KNz0nb2sxvl9...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUL2PrM0xHG-MbUCZun0KoKymPVjJkJJxzmWFlvWB6KNz0nb2sxvl99uJEoc_z7XYUqyfzBwc4T_w9VAQBMFMwVN7jDCMFA&google_hm=Z14z_4l...

170 B
188 B

82ms
82ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUL2PrM0xHG-MbUCZun0KoKymPVjJkJJxzmWFlvWB6KNz0nb2sxvl99uJEoc_z7XYUqyfzBwc4T_w9VAQBMFMwVN7jDCMFA&google_hm=Z14z_4lcG5k_3TYLGYNwvQ

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUL2PrM0xHG-MbUCZun0KoKymPVjJkJJxzmWFlvWB6KNz0nb2sxvl99uJEoc_z7XYUqyfzBwc4T_w9VAQBMFMwVN7jDCMFA&google_hm=Z14z_4lcG5k_3TYLGYNwvQ
pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8216
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUJwVEZTx6GOoB8cU_GP4kGm91e4-wSlRbV_Ywn...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUp1ZGFnQUFBZndsVUZhSg&google_push=AQvitUJwVEZTx6GOoB8cU_GP4kGm91e4-wSlRbV_YwnFwETeZl76dAya0_FIvTE9eDigpj7aIk4gPbVAHMY3-K7szgQiad5VjVWZ

170 B
188 B

41ms
41ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUp1ZGFnQUFBZndsVUZhSg&google_push=AQvitUJwVEZTx6GOoB8cU_GP4kGm91e4-wSlRbV_YwnFwETeZl76dAya0_FIvTE9eDigpj7aIk4gPbVAHMY3-K7szgQiad5VjVWZ

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUp1ZGFnQUFBZndsVUZhSg&google_push=AQvitUJwVEZTx6GOoB8cU_GP4kGm91e4-wSlRbV_YwnFwETeZl76dAya0_FIvTE9eDigpj7aIk4gPbVAHMY3-K7szgQiad5VjVWZ
Date: Wed, 12 May 2021 09:18:34 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8216
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIhqWru...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIhqWru...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MTIwOTE4MzUzODUzNTUyNDU5MTI3NQ%3D%3D&google_push=AQvitUIhqWruiHdSITf2o4OfXVrIusJJxlViJ2A5LDY_ll4ONXCwWezwuKxm5ZyALNe191...

170 B
188 B

40ms
38ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MTIwOTE4MzUzODUzNTUyNDU5MTI3NQ%3D%3D&google_push=AQvitUIhqWruiHdSITf2o4OfXVrIusJJxlViJ2A5LDY_ll4ONXCwWezwuKxm5ZyALNe191gFI8MNP7T5iwx1G-iRpprxF4bSPrs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA1MTIwOTE4MzUzODUzNTUyNDU5MTI3NQ%3D%3D&google_push=AQvitUIhqWruiHdSITf2o4OfXVrIusJJxlViJ2A5LDY_ll4ONXCwWezwuKxm5ZyALNe191gFI8MNP7T5iwx1G-iRpprxF4bSPrs
Pragma: no-cache
Date: Wed, 12 May 2021 09:18:35 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 8216 43 B
106 B 80ms
33ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEDy8s2fhgboC6z8McMF6yss&google_push=AQvitUICxxSDauIp3luzHmfo__kUxnCAUVJgW8y2LDCH22-WXc1RTbEtO1pKALCG0b3iG67DVL0BLO9NENv21Y-pkCsUl5Cjd5ek&google_cver=1
Requested by: Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8216
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE4GpwwXo_X6S2AikXlQiso&google_cver=1&google_push=AQvitUJTwS1pf7eRdNmrF-4l8tWEjv8nBSb0RcC7dPnjGof4hky9lwBF2mZFb5YcjzX26nOKCDH...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MOTM4OTYtMUItSkxRUw==&google_push=AQvitUJTwS1pf7eRdNmrF-4l8tWEjv8nBSb0RcC7dPnjGof4hky9lwBF2mZFb5YcjzX26nOKCDHwa6p35-4TuhFM3b-Qi9hhUxTK

170 B
188 B

40ms
40ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MOTM4OTYtMUItSkxRUw==&google_push=AQvitUJTwS1pf7eRdNmrF-4l8tWEjv8nBSb0RcC7dPnjGof4hky9lwBF2mZFb5YcjzX26nOKCDHwa6p35-4TuhFM3b-Qi9hhUxTK

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MOTM4OTYtMUItSkxRUw==&google_push=AQvitUJTwS1pf7eRdNmrF-4l8tWEjv8nBSb0RcC7dPnjGof4hky9lwBF2mZFb5YcjzX26nOKCDHwa6p35-4TuhFM3b-Qi9hhUxTK
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 8216
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz...

0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8216
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECQaDVVQs7mzq-hG9Mdgc00&google_cver=1&google_push=AQvitULxSvP0Z-NxU-sCNpl1...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitULxSvP0Z-NxU-sCNpl16Z72sCQg4ayxPziiCUwPbmbBcsoBKtqTl_drj6FC0rli3kLJeR3IivZIeuyh1_xqPjpGL5a1YVQNZg&google_hm=

170 B
188 B

73ms
64ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitULxSvP0Z-NxU-sCNpl16Z72sCQg4ayxPziiCUwPbmbBcsoBKtqTl_drj6FC0rli3kLJeR3IivZIeuyh1_xqPjpGL5a1YVQNZg&google_hm=

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:34 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitULxSvP0Z-NxU-sCNpl16Z72sCQg4ayxPziiCUwPbmbBcsoBKtqTl_drj6FC0rli3kLJeR3IivZIeuyh1_xqPjpGL5a1YVQNZg&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Tue, 11 May 2021 09:18:34 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 8216 0
12 B 44ms
42ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JaFJIAty0pjyU9YpzaQmLGAuaJhTKcyREYYefkpBUlR4sfEQ48sBvw21L1yk66R8saz5H4Fg

Requested by

Host: b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
URL: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:34 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js Show response
pagead2.googlesyndication.com/bg/ Frame D881 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 986
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Thu, 12 May 2022 09:02:08 GMT

GET
H3-29 200 eO7zG6GhPbnIN9dahbnWn5817R3A2AWEjlpR17NmnVM.js Show response
pagead2.googlesyndication.com/bg/ Frame E976 14 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eO7zG6GhPbnIN9dahbnWn5817R3A2AWEjlpR17NmnVM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78eef31ba1a13db9c837d75a85b9d69f9f35ed1dc0d805848e5a51d7b3669d53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 1648
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5642
x-xss-protection: 0
expires: Thu, 12 May 2022 08:51:06 GMT

GET
H3-29 200 VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B26 14 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 986
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Thu, 12 May 2022 09:02:08 GMT

GET
H3-29 200 VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js Show response
pagead2.googlesyndication.com/bg/ Frame 92D4 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 986
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Thu, 12 May 2022 09:02:08 GMT

GET
H3-29 200 style.css
s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/ Frame 6BEB 1 KB
536 B 14ms
7ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

051025522b6efc405929fb00ccf5e7bf3fc5d38cf56cf38f51d0ffa896938376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2796
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 511
x-xss-protection: 0
last-modified: Sun, 31 Jan 2021 23:23:40 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 13 May 2021 08:31:58 GMT

GET
H3-29 200 main.js Show response
s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/ Frame 6BEB 1 KB
588 B 12ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e3441f0da47965d475c902c09d9c269054457d568226269c23335e0d43d766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2796
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 563
x-xss-protection: 0
last-modified: Sun, 31 Jan 2021 23:23:40 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 13 May 2021 08:31:58 GMT

GET
H3-29 200 tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6BEB 110 KB
37 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37930
x-xss-protection: 0
last-modified: Tue, 20 Jun 2017 21:14:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 May 2021 09:18:34 GMT

GET
H3-29 200 back3.jpg
s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/ Frame 6BEB 68 KB
68 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/back3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f16b6f2446d8033654e9a08cde0b506d305976ad691b07d997e8b5524f701b1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:23:40 GMT
server: sffe
age: 72804
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70086
x-xss-protection: 0
expires: Wed, 12 May 2021 13:05:10 GMT

GET
H3-29 200 text4.png
s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/ Frame 6BEB 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/text4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d85680431f6b18d6f462d4fd0166441cb06c35351adebeeb2b663fa91859487f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:23:40 GMT
server: sffe
age: 72804
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1672
x-xss-protection: 0
expires: Wed, 12 May 2021 13:05:10 GMT

GET
H3-29 200 text4b.png
s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/ Frame 6BEB 5 KB
5 KB 37ms
28ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/text4b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c405fb30858b66356a8b099d4dbaa5ec5508cee66bdbb26f2d40f7b2384ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:23:40 GMT
server: sffe
age: 72804
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4931
x-xss-protection: 0
expires: Wed, 12 May 2021 13:05:10 GMT

GET
H3-29 200 cta.png
s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/ Frame 6BEB 2 KB
2 KB 36ms
27ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2c3036edd0f028bd90ae9be8620137f52b1a08e34912212e5de382244401efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:23:40 GMT
server: sffe
age: 72804
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1667
x-xss-protection: 0
expires: Wed, 12 May 2021 13:05:10 GMT

GET
H3-29 200 nissan_black.png
s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/ Frame 6BEB 2 KB
2 KB 41ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/nissan_black.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbfc676ffc58261e482dfc6072f65837e6414cd871e21046bcf9625dd770a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:23:40 GMT
server: sffe
age: 72805
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1545
x-xss-protection: 0
expires: Wed, 12 May 2021 13:05:10 GMT

GET
H3-29 200 back2.jpg
s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/ Frame 6BEB 81 KB
81 KB 44ms
9ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/back2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ade8431495c374af2d6164cd2e020a9e6363ec0d9ccf5557c75b09dd88ec2c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:23:40 GMT
server: sffe
age: 72805
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83172
x-xss-protection: 0
expires: Wed, 12 May 2021 13:05:10 GMT

GET
H3-29 200 text2.png
s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/ Frame 6BEB 798 B
825 B 44ms
9ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/text2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bba7e1e38dfcc2787ad5e4958a3c8d4cb556c1c58462d24ddab7d9d9e1ef84ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:23:40 GMT
server: sffe
age: 72805
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 798
x-xss-protection: 0
expires: Wed, 12 May 2021 13:05:10 GMT

GET
H3-29 200 text2b.png
s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/ Frame 6BEB 1 KB
1 KB 44ms
9ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/text2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

205c0957c7659e11e8922b1897eb462bc05384d34ecc6d4d2750c55fb49d42ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:23:40 GMT
server: sffe
age: 72805
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1308
x-xss-protection: 0
expires: Wed, 12 May 2021 13:05:10 GMT

GET
H3-29 200 nissan_white.png
s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/ Frame 6BEB 2 KB
2 KB 42ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/nissan_white.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea6b8f377d11a2df7a9e07d4e81cf9af1b00fcebef57f838ba3e40c4e7cd8cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:23:39 GMT
server: sffe
age: 72805
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1562
x-xss-protection: 0
expires: Wed, 12 May 2021 13:05:10 GMT

GET
H3-29 200 back1.jpg
s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/ Frame 6BEB 57 KB
57 KB 45ms
11ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/back1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c85766d7829d100be7b0101187341d5402c983ec04c8dbbd9629c37f6f5497b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:23:40 GMT
server: sffe
age: 72805
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57949
x-xss-protection: 0
expires: Wed, 12 May 2021 13:05:10 GMT

GET
H3-29 200 text1.png
s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/ Frame 6BEB 642 B
669 B 47ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/text1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67285ce4e1875aad5c46db74e433565d15221806b24ca2a24a219e202b5e19e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:23:40 GMT
server: sffe
age: 72805
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 642
x-xss-protection: 0
expires: Wed, 12 May 2021 13:05:10 GMT

GET
H3-29 200 logo.png
s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/ Frame 6BEB 9 KB
9 KB 46ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

150ac46705ccaf733372fa01a038ca6ed5ea2b763bea0a7e462e02841c6bfe16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135419942/JUKE_STOCK-INVENTORY_300x600_03/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:23:40 GMT
server: sffe
age: 72805
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9518
x-xss-protection: 0
expires: Wed, 12 May 2021 13:05:10 GMT

GET
H3-29 200 style.css
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 1 KB
537 B 10ms
7ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

051025522b6efc405929fb00ccf5e7bf3fc5d38cf56cf38f51d0ffa896938376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71546
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 511
x-xss-protection: 0
last-modified: Sun, 31 Jan 2021 23:22:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 12 May 2021 13:26:08 GMT

GET
H3-29 200 main.js Show response
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 2 KB
632 B 12ms
8ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37d971369b157cc4d0dc92e9f1cd3d7f1ca991c3722593e3031a2aaaf6a5925a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 12:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73590
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 606
x-xss-protection: 0
last-modified: Sun, 31 Jan 2021 23:22:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 12 May 2021 12:52:04 GMT

GET
H3-29 200 tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F124 110 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37930
x-xss-protection: 0
last-modified: Tue, 20 Jun 2017 21:14:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 May 2021 09:18:34 GMT

GET
H3-29 200 back3.jpg
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 68 KB
68 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/back3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f16b6f2446d8033654e9a08cde0b506d305976ad691b07d997e8b5524f701b1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:26:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:22:05 GMT
server: sffe
age: 71545
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70086
x-xss-protection: 0
expires: Wed, 12 May 2021 13:26:09 GMT

GET
H3-29 200 text3.png
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 8 KB
8 KB 9ms
9ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/text3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db399886c635ebbfa97d2eae22892462958aa92977cc5399ac6f23e379fef659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:26:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:22:03 GMT
server: sffe
age: 71546
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8506
x-xss-protection: 0
expires: Wed, 12 May 2021 13:26:09 GMT

GET
H3-29 200 text3a.png
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 844 B
871 B 12ms
11ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/text3a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0886ad4e02a958c119d183ad3130a3b76e5019426388640b420d58563de08c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:26:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:22:03 GMT
server: sffe
age: 71546
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 844
x-xss-protection: 0
expires: Wed, 12 May 2021 13:26:09 GMT

GET
H3-29 200 text3b.png
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 869 B
896 B 12ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/text3b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de1a96d073ef88b7bb7ad36228ba75ecd0a9fa573b477ef6339ada437cfabf91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:26:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:22:04 GMT
server: sffe
age: 71546
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 869
x-xss-protection: 0
expires: Wed, 12 May 2021 13:26:09 GMT

GET
H3-29 200 text3c.png
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 1 KB
1 KB 12ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/text3c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fe20f95e6eafcb276f426a630c8be4930f840428eb0a9ccdb9b979fe2ab8b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:26:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:22:05 GMT
server: sffe
age: 71546
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1043
x-xss-protection: 0
expires: Wed, 12 May 2021 13:26:09 GMT

GET
H3-29 200 ml.png
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 513 B
541 B 17ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ml.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c507d4f136f4f8f4be277f9b03c9cc81f8d9ea2db9d17a93e1354703021c6183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:26:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:22:02 GMT
server: sffe
age: 71546
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 513
x-xss-protection: 0
expires: Wed, 12 May 2021 13:26:09 GMT

GET
H3-29 200 text4.png
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 2 KB
2 KB 16ms
11ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/text4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d85680431f6b18d6f462d4fd0166441cb06c35351adebeeb2b663fa91859487f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:26:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:22:05 GMT
server: sffe
age: 71546
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1672
x-xss-protection: 0
expires: Wed, 12 May 2021 13:26:09 GMT

GET
H3-29 200 cta.png
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 6 KB
6 KB 17ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39c1fc98599a6003d039bd133e2bef6837dba8cd2105bbca50bc7753523e2727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:26:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:22:04 GMT
server: sffe
age: 71546
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6258
x-xss-protection: 0
expires: Wed, 12 May 2021 13:26:09 GMT

GET
H3-29 200 nissan_black.png
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 2 KB
2 KB 16ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/nissan_black.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbfc676ffc58261e482dfc6072f65837e6414cd871e21046bcf9625dd770a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:26:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:22:04 GMT
server: sffe
age: 71546
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1545
x-xss-protection: 0
expires: Wed, 12 May 2021 13:26:09 GMT

GET
H3-29 200 back2.jpg
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 81 KB
81 KB 17ms
13ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/back2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ade8431495c374af2d6164cd2e020a9e6363ec0d9ccf5557c75b09dd88ec2c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:26:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:22:03 GMT
server: sffe
age: 71546
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83172
x-xss-protection: 0
expires: Wed, 12 May 2021 13:26:09 GMT

GET
H3-29 200 text2.png
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 798 B
825 B 18ms
14ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/text2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bba7e1e38dfcc2787ad5e4958a3c8d4cb556c1c58462d24ddab7d9d9e1ef84ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:26:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:22:05 GMT
server: sffe
age: 71546
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 798
x-xss-protection: 0
expires: Wed, 12 May 2021 13:26:09 GMT

GET
H3-29 200 text2b.png
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 1 KB
1 KB 17ms
14ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/text2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

205c0957c7659e11e8922b1897eb462bc05384d34ecc6d4d2750c55fb49d42ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:26:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:22:05 GMT
server: sffe
age: 71546
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1308
x-xss-protection: 0
expires: Wed, 12 May 2021 13:26:09 GMT

GET
H3-29 200 nissan_white.png
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 2 KB
2 KB 21ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/nissan_white.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea6b8f377d11a2df7a9e07d4e81cf9af1b00fcebef57f838ba3e40c4e7cd8cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:26:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:22:05 GMT
server: sffe
age: 71546
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1562
x-xss-protection: 0
expires: Wed, 12 May 2021 13:26:09 GMT

GET
H3-29 200 back1.jpg
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 57 KB
57 KB 21ms
13ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/back1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c85766d7829d100be7b0101187341d5402c983ec04c8dbbd9629c37f6f5497b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:26:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:22:02 GMT
server: sffe
age: 71546
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57949
x-xss-protection: 0
expires: Wed, 12 May 2021 13:26:09 GMT

GET
H3-29 200 text1.png
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 642 B
669 B 21ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/text1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67285ce4e1875aad5c46db74e433565d15221806b24ca2a24a219e202b5e19e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:26:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:22:04 GMT
server: sffe
age: 71546
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 642
x-xss-protection: 0
expires: Wed, 12 May 2021 13:26:09 GMT

GET
H3-29 200 logo.png
s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/ Frame F124 9 KB
9 KB 24ms
16ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

150ac46705ccaf733372fa01a038ca6ed5ea2b763bea0a7e462e02841c6bfe16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135322242/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:22:04 GMT
server: sffe
age: 70557
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9518
x-xss-protection: 0
expires: Wed, 12 May 2021 13:42:38 GMT

GET
H3-29 200 style.css
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 1 KB
538 B 9ms
8ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

051025522b6efc405929fb00ccf5e7bf3fc5d38cf56cf38f51d0ffa896938376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72904
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 511
x-xss-protection: 0
last-modified: Sun, 31 Jan 2021 23:24:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 12 May 2021 13:03:30 GMT

GET
H3-29 200 main.js Show response
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 2 KB
632 B 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37d971369b157cc4d0dc92e9f1cd3d7f1ca991c3722593e3031a2aaaf6a5925a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72904
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 606
x-xss-protection: 0
last-modified: Sun, 31 Jan 2021 23:24:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 12 May 2021 13:03:30 GMT

GET
H3-29 200 tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6692 110 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37930
x-xss-protection: 0
last-modified: Tue, 20 Jun 2017 21:14:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 May 2021 09:18:34 GMT

GET
H3-29 200 back3.jpg
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 68 KB
68 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/back3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f16b6f2446d8033654e9a08cde0b506d305976ad691b07d997e8b5524f701b1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:24:35 GMT
server: sffe
age: 72997
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70086
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:57 GMT

GET
H3-29 200 text3.png
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 8 KB
8 KB 25ms
15ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/text3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db399886c635ebbfa97d2eae22892462958aa92977cc5399ac6f23e379fef659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:24:35 GMT
server: sffe
age: 72998
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8506
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:57 GMT

GET
H3-29 200 text3a.png
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 844 B
872 B 53ms
37ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/text3a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0886ad4e02a958c119d183ad3130a3b76e5019426388640b420d58563de08c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:24:35 GMT
server: sffe
age: 72998
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 844
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:57 GMT

GET
H3-29 200 text3b.png
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 869 B
897 B 51ms
36ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/text3b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de1a96d073ef88b7bb7ad36228ba75ecd0a9fa573b477ef6339ada437cfabf91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:24:35 GMT
server: sffe
age: 72998
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 869
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:57 GMT

GET
H3-29 200 text3c.png
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 1 KB
1 KB 50ms
36ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/text3c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fe20f95e6eafcb276f426a630c8be4930f840428eb0a9ccdb9b979fe2ab8b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:24:35 GMT
server: sffe
age: 72998
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1043
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:57 GMT

GET
H3-29 200 ml.png
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 513 B
541 B 50ms
36ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ml.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c507d4f136f4f8f4be277f9b03c9cc81f8d9ea2db9d17a93e1354703021c6183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:24:35 GMT
server: sffe
age: 72998
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 513
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:57 GMT

GET
H3-29 200 text4.png
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 2 KB
2 KB 56ms
42ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/text4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d85680431f6b18d6f462d4fd0166441cb06c35351adebeeb2b663fa91859487f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:24:36 GMT
server: sffe
age: 72998
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1672
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:57 GMT

GET
H3-29 200 cta.png
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 2 KB
2 KB 54ms
40ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8266c5e89cbe14806366ba3fcfddc727aae46b2f3190313b546b7f22a0591a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:24:35 GMT
server: sffe
age: 72998
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1541
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:57 GMT

GET
H3-29 200 nissan_black.png
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 2 KB
2 KB 53ms
40ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/nissan_black.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbfc676ffc58261e482dfc6072f65837e6414cd871e21046bcf9625dd770a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:24:36 GMT
server: sffe
age: 72998
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1545
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:57 GMT

GET
H3-29 200 back2.jpg
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 81 KB
81 KB 52ms
39ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/back2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ade8431495c374af2d6164cd2e020a9e6363ec0d9ccf5557c75b09dd88ec2c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:24:35 GMT
server: sffe
age: 72998
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83172
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:57 GMT

GET
H3-29 200 text2.png
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 798 B
825 B 53ms
40ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/text2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bba7e1e38dfcc2787ad5e4958a3c8d4cb556c1c58462d24ddab7d9d9e1ef84ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:24:36 GMT
server: sffe
age: 72998
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 798
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:57 GMT

GET
H3-29 200 text2b.png
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 1 KB
1 KB 52ms
39ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/text2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

205c0957c7659e11e8922b1897eb462bc05384d34ecc6d4d2750c55fb49d42ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:24:35 GMT
server: sffe
age: 72998
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1308
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:57 GMT

GET
H3-29 200 nissan_white.png
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 2 KB
2 KB 51ms
38ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/nissan_white.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea6b8f377d11a2df7a9e07d4e81cf9af1b00fcebef57f838ba3e40c4e7cd8cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:24:35 GMT
server: sffe
age: 72998
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1562
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:57 GMT

GET
H3-29 200 back1.jpg
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 57 KB
57 KB 49ms
36ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/back1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c85766d7829d100be7b0101187341d5402c983ec04c8dbbd9629c37f6f5497b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:24:36 GMT
server: sffe
age: 72998
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57949
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:57 GMT

GET
H3-29 200 text1.png
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 642 B
670 B 51ms
38ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/text1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67285ce4e1875aad5c46db74e433565d15221806b24ca2a24a219e202b5e19e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:24:35 GMT
server: sffe
age: 72998
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 642
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:57 GMT

GET
H3-29 200 logo.png
s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/ Frame 6692 9 KB
9 KB 56ms
43ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

150ac46705ccaf733372fa01a038ca6ed5ea2b763bea0a7e462e02841c6bfe16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135475186/JUKE_OFFRE-PROFITEZ_300x600_04/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:01:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:24:35 GMT
server: sffe
age: 72998
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9518
x-xss-protection: 0
expires: Wed, 12 May 2021 13:01:57 GMT

GET
H3-29 200 eO7zG6GhPbnIN9dahbnWn5817R3A2AWEjlpR17NmnVM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9424 14 KB
6 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eO7zG6GhPbnIN9dahbnWn5817R3A2AWEjlpR17NmnVM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78eef31ba1a13db9c837d75a85b9d69f9f35ed1dc0d805848e5a51d7b3669d53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 1648
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5642
x-xss-protection: 0
expires: Thu, 12 May 2022 08:51:06 GMT

GET
H/1.1 200
OK initcb Show response
webservices.webspectator.com/ 2 KB
1 KB 399ms
398ms Script
application/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/initcb?appId=2837&vId=B4FA7403CFA8847A&dads=0&lts=0&nv=1&s=5418&res=1600x1200&c=1&l=en&r=&sr=&ts=1620811114862&rs=0&h=https%3A%2F%2Fcontrole.diariodorio.com%2F&npv=1&ltsss=0&ltsvs=0
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/init?appId=6UQPXFMN&h=https%3A%2F%2Fcontrole.diariodorio.com%2F&t=1620811113971
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 66bc1d4934b3e67ecb4be1b45da5121bb8fd51a3a1cb863ac13f04d4639b7316

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 09:18:35 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 eO7zG6GhPbnIN9dahbnWn5817R3A2AWEjlpR17NmnVM.js Show response
pagead2.googlesyndication.com/bg/ Frame A807 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eO7zG6GhPbnIN9dahbnWn5817R3A2AWEjlpR17NmnVM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78eef31ba1a13db9c837d75a85b9d69f9f35ed1dc0d805848e5a51d7b3669d53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 1648
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5642
x-xss-protection: 0
expires: Thu, 12 May 2022 08:51:06 GMT

GET
H3-29 200 eO7zG6GhPbnIN9dahbnWn5817R3A2AWEjlpR17NmnVM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4872 14 KB
6 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eO7zG6GhPbnIN9dahbnWn5817R3A2AWEjlpR17NmnVM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78eef31ba1a13db9c837d75a85b9d69f9f35ed1dc0d805848e5a51d7b3669d53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 1648
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5642
x-xss-protection: 0
expires: Thu, 12 May 2022 08:51:06 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame C0CC 0
23 B 80ms
80ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 09:18:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C0CC 42 B
64 B 35ms
34ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvB-uhMMpL1UJ7jeBNAcAZqT6PnNKBinA1gPJPxAsusMjr19odsx9PGNyxLBtqFfMKi5iSw3jnVtQSOE4sSrwV9GZjj0FWwq888lndCw7jhSQGtUMgngVOt0q-5cw&sai=AMfl-YR9NIPSVWhjLF5obScLlkQ8-gua2uPBUJ6qqT67-L4zYA_khoFU0dugubLQQ4yiGGZJzzUk9s8x1gC-Af1nIvvtpNO0EwgI7zqXk2zwigmoRoysIhR73nZMhH5_&sig=Cg0ArKJSzBD79ijoJGZVEAE&cid=CAASEuRo875iL39RnUZhHPC8dUj6vg&id=lidar2&mcvt=1156&p=341,315,431,1043&mtos=1156,1156,1156,1156,1156&tos=1156,0,0,0,0&v=20210510&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1201374722&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1620811113417&dlt=150&rpt=2&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame B6A2 0
23 B 63ms
63ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 09:18:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2810 0
23 B 64ms
64ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 09:18:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3745 0
23 B 63ms
63ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: controle.diariodorio.com
URL: https://controle.diariodorio.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 09:18:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C0CC 42 B
64 B 30ms
28ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssri8g-HlsGbs0Kd-Ex-N2MnQSgHNWAfpZlaMx9f1TpSFIY_5s5GrNKveD5NOCvqXuJ0wKKmttGL6vMD4Vt-l5MfXlyLyj8uo4&sig=Cg0ArKJSzDU3oTkCcwyBEAE&id=lidar2&mcvt=1057&p=0,0,90,728&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&v=20210510&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=0&rs=6&met=mue&la=0&cr=0&vs=4&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ortc-heartbeat1sec-min.js Show response
wfpscripts.webspectator.com/ 76 KB
19 KB 220ms
218ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2837&vId=B4FA7403CFA8847A&dads=0&lts=0&nv=1&s=5418&res=1600x1200&c=1&l=en&r=&sr=&ts=1620811114862&rs=0&h=https%3A%2F%2Fcontrole.diariodorio.com%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:35 GMT
content-encoding: gzip
last-modified: Wed, 30 Nov 2016 17:07:44 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "ae07ae40393a03d603b6341bf9f7f923"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 19153
x-amz-meta-s3b-last-modified: 20161130T162538Z

GET
H3-29 200 swfobject.js Show response
ajax.googleapis.com/ajax/libs/swfobject/2.2/ 10 KB
4 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js

Requested by

Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2837&vId=B4FA7403CFA8847A&dads=0&lts=0&nv=1&s=5418&res=1600x1200&c=1&l=en&r=&sr=&ts=1620811114862&rs=0&h=https%3A%2F%2Fcontrole.diariodorio.com%2F&npv=1&ltsss=0&ltsvs=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 03:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451272
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3974
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 03:57:23 GMT

GET
H2 200 blockadblock.js Show response
wfpscripts.webspectator.com/adblocker/ 8 KB
3 KB 302ms
300ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2837&vId=B4FA7403CFA8847A&dads=0&lts=0&nv=1&s=5418&res=1600x1200&c=1&l=en&r=&sr=&ts=1620811114862&rs=0&h=https%3A%2F%2Fcontrole.diariodorio.com%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:35 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2016 13:22:22 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "0dcdd7a190caf42e7d287645d9ba0303"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 2696

GET
H2 200 ws-4.4.62.js Show response
wfpscripts.webspectator.com/ 81 KB
23 KB 304ms
303ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2837&vId=B4FA7403CFA8847A&dads=0&lts=0&nv=1&s=5418&res=1600x1200&c=1&l=en&r=&sr=&ts=1620811114862&rs=0&h=https%3A%2F%2Fcontrole.diariodorio.com%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:35 GMT
content-encoding: gzip
last-modified: Wed, 06 Mar 2019 17:07:49 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "4e7c8880fbc1b585c27bd698eb84469f"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 23796

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E23 0
20 B 35ms
35ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOwaHaZ2bYPrnI8nk3wOR5r2ABQAAAAA4AeAEAg&bg=!i4iliMzNAAY59bwoOfU7ACkAdvg8WnDJHQEQwq0IKQ6rN64wXuBgoZ2J6DaP5EK6pXk5hn30gjF9-QIAAAOEUgAAAMNoAQeZAuikaj03sYbHDO82dZ90XseNFacgdQnHWbFKUVE-yjaqoYq2ZRYLm7vCh125emdtV8SDMpbkmFvTh73niJ1QNiCA9Sftsc9DALTkeQtfouw1mFSdr1XR7Gw6dvi2OnEoDHHQgvlOkqdZyLhSvZkuUPWaj4-_4eD7kGrMfIQcEFDvlCfx_5ch1VaQ6wAzaxjfnnZa460KAXE3-j8-7Bs9Dj4LRUjvmoegfbzmzYaECwWQhVg7SPHAfCr131xeDovzrB2_B-vzUSypvsETBSsipoe-ws_qTJrrKqWtWr53fdJmTnjvKWo59uE1qrFWOml8mhQ6-1Tv9FrgK277iH3aPQyxberkvKObqaHZ_QW6HX94RKggNegGApKBMrvQI0KYYsSi-HVF5qMdR5kaUxsbsVpirLCbUYmktwkLqnM_0qgoEknk7Ckuep6PE02R3mDlwG6mG93OdqZploGtkGf-GfEayZ9lnWt81o1N7ZKu2EluDCNt8zzenfhr0J7HZnYvtwzOLwhg2hnp5mCcT7hjXlThBfUhvUifcHuJYDuzCuH0McsMcx3cvCT47o9PydubR58MoApziumcxEtVTovdivQTODy7i6TbVnrZr7w6fixQdWMM_Dp0y_W_Uj7JY51iPHunam4M1z2EbewNq_ZZVHCiMLOEYiCRKc5Z0wNe3M5K6DJiiw4TcaL2egpR1lwyqlgVKg3-tljwl_mmJXkymCeCNXrexcz2VD4FtLPZIRz9JkHUURrSa0MvT6LGQvO1g_kJUCem8CawB-yoLZDSZytL_GlK0Wzn4ZErRRqQuDVsiZCiIEG_eVYh74tAfv3PM4jWDXSnLYeIdpPCXOXK6jibQ3ybN32hCTbl6urfY305FNUG9zO_dfzPQE6Duw_FLkJ2JMvLIth93YjxgihRgq3HqRxxsTxtquWT8G0DZ6y_iGs9bAiMnVnnkrqkDbofnkLra0LBOQ1zZYXX09iePrtmMqnbleLzXZQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 6EA9 718 B
754 B 176ms
175ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2837&eaup=/1017220/ads_5&eolid=null&eci=null&ct=%7B%7D&w=300&h=600&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: b4ef6248695b6341d7e21858774f609ff9bdf96da69d1ef567a6f4fcea2d3a62

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 09:18:36 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 17A9 718 B
754 B 273ms
99ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2837&eaup=/1017220/ads_4&eolid=null&eci=null&ct=%7B%7D&w=300&h=600&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: b4ef6248695b6341d7e21858774f609ff9bdf96da69d1ef567a6f4fcea2d3a62

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 09:18:36 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame C6BD 718 B
754 B 318ms
98ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2837&eaup=/1017220/ads_3&eolid=null&eci=null&ct=%7B%7D&w=300&h=600&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: b4ef6248695b6341d7e21858774f609ff9bdf96da69d1ef567a6f4fcea2d3a62

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 09:18:36 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame BA5E 717 B
757 B 315ms
98ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2837&eaup=/1017220/ads_2&eolid=null&eci=null&ct=%7B%7D&w=728&h=90&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: e7207a314e36b6f9fb724d97a305a8fabaa278aee827468ab77e258b9ea22093

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 09:18:36 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 6DBF 717 B
757 B 357ms
99ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2837&eaup=/1017220/ads_1&eolid=null&eci=null&ct=%7B%7D&w=728&h=90&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: e7207a314e36b6f9fb724d97a305a8fabaa278aee827468ab77e258b9ea22093

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 09:18:36 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK / Show response
msgws.webspectator.com/server/ssl/2.1/ 67 B
248 B 724ms
100ms Script
text/javascript 34.234.139.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://msgws.webspectator.com/server/ssl/2.1/?guid=acceda20-64ca-afed-df96-9842aebd289c&appkey=w5tlOg
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.139.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-139-177.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 12 May 2021 09:18:36 GMT
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E976 0
20 B 31ms
31ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjsZ1aZ2bYK3PKY6VgQet65bACgAAAAA4AeAEAg&bg=!ODulO3_NAAY59bwoOfU7ACkAdvg8WhhcZWyjwE_pAI7bezLHFMj3FaU61ioSRHakGk5Wl9y6WJDWXgIAAAQUUgAAAD1oAQeZAuZKUen6xJYsKisH_hjGMoXhtc6831l5F4jllHWX6n_4QQE6IIAt6jZVpBRC3SmtzioQzpkKbHAcxV91tYOrPuHVeSNeptStBUZJurFvXFZxzkpEAQTnDGnEu8JLNcdVaenGV30_xbzIfmuQAboyqWsxxsLUjHbrQtY60qi8AGMsCRF1uVnPO9037eO6b5w6ZgOIKrYyRKtwtaAMr0MpBH9H6ImqRgBmeBj76sKlX2n3fGdvsxD7AcNLPnDeAOqDh1dMcCUzKGBCNzVTXqnfko2qqF5ykmwuEe89EWabM4nq4yi3ZjebCDrjWRGrDhYr6Rp_csqkh1Ww8RUOh2BOSnOkOSPKvE7C2uYFtGiKiCJsrkubwFRhalgnIQ6JBDz1bh06hEAnraEn_WVqzrWtWzvDtIbPE8b2MPloQn1uqqnNA2g08hX0t8BHnCNSzRWI4Ye-8BjGaBNY29RM8-bU7w0yQqGMvSKLkjVGbsWBsrTr-DPYzox6gjKkPPaoFjYvuZj29tmbONqAvbGRj9VYjDp3-fuQU6tNwIkbqMtsNd3BO0qv89fI8AEbQlgO5iyzJe1oMxm3vc97S_lol2mm-uds1eUVONJB3GDs5YMdKMl1wKjJYbOzsb5dThEhGxUEPp770nxJ27gQY_wB8DRVnvHUskGjzv3x9-JTz1QrL8WfcyfmXa5scgrVSkYxGu3wnrHTRCGtHQuz9mgNrnX4w5qOlwKorx05woh9Ke2uI0o9raQl3mU8Lzltqab41dy8vj15VV6HYvYHV4NjyqvW3ytEiFI2D38T1stdv_3qfRj3kzrLm4LCesPQEGbQiMqgp3PSLqeXHBFsvB-7L4TyEMh0Tx1Mtu3PzAXn4oxF3WU8S97oFpbaKyCOZAEqUMH3tmM62mt8KDHJrJFe6tYCAToX3fPmN90h2PKKAdqJWeN46dIkOEoNdlpOxWkVrm7RnJsiwDiL0R885RWmCmx5RIYP3r2gaAMr

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B26 0
20 B 30ms
30ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbIpYaZ2bYKnQKImZrAS0kIPoAgAAAAA4AeAEAg&bg=!cXKlcjbNAAY59bwoOfU7ACkAdvg8WhgBZI8El3IkO5bGSQNeb16H-tbU7J3mb9GF6GfB4veXNbf_RgIAAAP6UgAAAD5oAQeZApCCLQcmadYU1oZ8AXp-FK0grdUDc77toU5Pmu-XkinNmbtDA9-TRYxpxmm9zfCe2CApeG25XKDul0GaNMicKgIfWrzwYyJByb9SSlMc9DCXBH14MT-oy52_clgGeRvA__CkjegcVz6JN11VatDgopO9ZtWOGEOvIp5kAMKERJDqMzW8tnHqM7n_X02QYvdpaqQPIdQp2nwC91CvcYmzeEHD8EvP7KaYgjkB8qYKv7AYm-L-G-WDO5nH-ctRNUpggzmoN5Xi6v2GfRe8HpyrRFEpaOl4ckh_3t7mf7hVkJal0WNgejSZ6q7r2eZb6kLXHWqzGdY1d2Xm9XEIlWcoxzAAkf1fKzvMQ7G4dx9wIwSqB9647vH_cMuEPiXaJ5mChOpXMl46fi-5S7p4kQYHxz9GBdWiAlJnjZsAlRNnHKSDGmeOKT8xC8AInItLtgTSy7D1kN8-lPkOIvccVu8suSO3k6lPHs2ISB2r9HUOBno4Dmi-HLnPaXRMY85GmkLfXo0Qe_mwee126mwl4S-qHsqs6Sxj5LHeFtiu7a4XyWtnw1nK9MQ_l-CtGRucD06u7OdiuCNxfiu_WJHZ6JLmCw5ImVDjNyffSb21JS7LM56jqWvj1A1gm3Qj40Iaiy7y_uS-WjxSNEUsbpvrtZFX_nEiqEjdk-qjYevU68d4TbeWWmdaFbxOsHePIUHg411O8HLP_-tZs5FZAclj5GF_f9RdSRHHphLgxqNe0XRjT9-Z7G9CJ0hdPPncePcABt0156CmYyMi0Ysf-HOp56Ki6vQ_y5cFUhqfYUpifm4ByssEc7dTRjfWhp1kcgEMK_c5B_zm1gtrnKF8ofg9cIHLFBTWqEO23ALy7LWde-NOgNnszw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 92D4 0
20 B 31ms
31ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BndVGaZ2bYPGNKcnk3wOR5r2ABQAAAAA4AeAEAg&bg=!7e6l7qrNAAY59bwoOfU7ACkAdvg8Wks8_btD91W9Qs6zw9UPBKRalb8X-fBiT7OUopzhVWPjPY-w3QIAAAPzUgAAAEBoAQeZApKlWym3tDUFn4SRVB2KKsl6ElQwU_BqqV4YbF4u5VloXQhsMhdlTvkeqaUseN1BniUxWcK15DAFUGDBoxgG_Ou-ACQQPkKmfhlvhPj9mmsIupCwEabt7klqqfC0B-w9-bvwEZQjDQTkPUTdiSjTVVDVm3VT5mflXlFiadQX9zfCeZvUOuX2jD0bsrINxe6OA94mF_zU_BENEnqXC8WT1O7EcK26h6sX7e2JmPyVMpr-6DP3YYG4zVaPoUAv5ytngKHk0V44ueBXNNiC-nMkA19s155KQMeHzS285WhxX4_0mdl_XkxOgseaUZOT-Lq6hiHholvqB0c1mSqtVBScwh8XIlIKu6EjthjeVwfUXamTLmV9VaDPS6IHn1V48ZZKuRTHPnrEnzjmxHZzpb-SNycZC_IubdrXK2F0d9CcDM1rudn3Yg6oboHOEz0ltEYMNFgZs4M1zy2BWnoIHj0wmqjkTSeULdpikjXMgMdvSF9yHeNlONAVm7Bc3T4E5aaIvm3mnlay57ZzHDgLOzic3_INzowwbm10ivi6Sw3Jm6oYVrm9bz-KE33ST1tZxMg7OidqpFBr1UXE-Rp0q4Z2klz9PH3Bah87GRskBZckeAN423KhHRk5dSD_gKS78Bx5wZYbyjs5Z7nkXhA9tnh8P0WuZJ5A28jIMYgbBYEn_9iTbXZBwYpkb3v5h86xtPskiQI1aW7PB6uEKEXZfAyL0kSeWIGSibSuK8xSH0HCFH2bf1I2XpQKXRiyawG3hvAsD4Wptd2QVidD3v5wme_SktyF7ckdGGD3dBSfpKzHZQTizjwNSpB4En2ggag8rBDta5XTPRFeZdGcVzK6987RcZcefrk6fXxIIsIebanwJqk2cXJn

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4872 0
20 B 32ms
32ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BseDSaZ2bYIjQKcj43wP_9KOABQAAAAA4AeAEAg&bg=!cnGlcTXNAAY59bwoOfU7ACkAdvg8WqynAqBB-1HCn-oyGVG7GZuqIkMfHx3gJhi1rwUI4J0RGPZoBwIAAAM2UgAAAEJoAQcKAKhBpoQ12AIsPQ7XludhHqa4qwZk4Kb9he9_N-tMTotKKmi0yPybH3fKBwQO2eyRhJD0w7yL9UvAJ3jsc8AsuErjfGkuUbHygTZDmtfILTQV802cUpU779UmaooNjqbGw7LR3NxDfw7Muw6c3qMdHZnydQudqwwwuuWZp_y2eEDeJepPg1ZeIM2B4S8tjSzGV7V2EVbeiQYFiokPn-7kP1jhDPAlqbEqU4mZAo_2D6ISJhhy4CAZT1G50BgXQbnykmbeYgj-krPWwmRnGulkqtISAHM6pkvgSghkNIP2gRXBSbD_dC7Xx32JHZv3Fj8Q88e9ZKLIIeyPzPurRFzfsow7bSGSHhF9UjfhKFYkuAMBTxt40r8FEtZ_BVThX56D0MpPuiq45boyJrEYzO17iDNUdQrQVo2LF7jF6jaRKhVT27uLymrUBD8NvSRdcZ402clG5qSREcm5Qx33IfT-eT6YcP6ptZd46Wpe4Edl8CoIAdUi20q7BVATsqSc5NH3NFHjGISoJTLvFei_SBCElRCNhSZu9lE4XMl0K09cCjVr2KQOL4nkTCvIjdG5r3-T-RrdPzqqVYwqnVTt7s1PJnZs4af8T6v3IpDDnWsNZqLDeELJu13-DPcsQMHGeDYMbCteaxcqehAqkcZ6p9IwUgYfRZpoRIdsqNHg4T0kVwhKHCPAhZ3u-cl2GmMgSu2PXJXxO0Seyx8I8fzPkAXydoQ2nheOqwwa5CF-UvnuyoiHss3F5mXf9JyR5Snizb65ATkwzk5WaVlm9ZqP9YNKcvBX-eZl6Iog6lBOzN3VYBTI5NKkPsGoQ6HOfwPPbBB1i9c-o9dwKdCMlJMe0tXRe_-Z3YtH4UqL2b9k7-T7k4oLvQwv4pBUd9ZzUDe-Nxmpx6kQj8sQWcuks4fjC_Kvf97fD4DDCFckYlW67KlTxswx1H26cOLcvFnLLUv3fN0E5nc-u94w2SbBxP0x5444b8ofd9lGqS__fg_rmPPpO74NkkfFtFd4QwS7GesL3z03axMP4GFAL-zmuZMiM2SwjMckVLDVCq86k9blf3bXCScMX7lxOxbVf_IIaTLruLp8I8gM_d18ClizpdIk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D881 0
20 B 30ms
30ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwdHYaZ2bYNDOJ_O07_UPtdK9qA0AAAAAOAHgBAI&bg=!zs2lzYnNAAY59bwoOfU7ACkAdvg8Wvwyz-N5szKuoYODUF0wdBekjDv1OJZKX1b0XFCW1XO9v8LkUQIAAARTUgAAAERoAQcKAEFqVH5GRAX79FXqn0J0CCnNHEm1rG9pWsO6C00Uz07pPDEPE_XrGnZRst74MtEUkcTwjgH2Vu_hF2rVKDN0CZP5R5kCkJG6O2e1wszjpFlYDQ_aggaz-y0xuLlw7XlsBlCG8Ab4_U4YcoRtzrGjir1bO0Ncv8ykRlwVKUWg65S3ckNB_Tknat4F1lHMnd2ZJrevw0ZISBO8Dc_jGVZFYKmgkh79mYLfc38fBjDm-LtIMimewWutPvNJ9cBApAsMXnxrienQfYrREbU_pT-kCtmBPDj8WYvQnRGJpOJcDBUTwIJ0PSuHuj9voePWBu9exb_cPlOasQViLSphTNkB6913ywQ3K6eSIOkTDdBz213kCIAfPk92-ePvrc8OTeIs9L07llmm6aNWFuXUmiUstfYShXjN-Fh7tNnj7L_kXW2cqddjBx0ONFZKoKS5PGzxTOGU9_GV3IQ2m2itymXpAAWJcunjA-ZZcn9xcLrrVkng5sQ0tSib9qhj8MoziyyNFl90np4kGCX9u1mw7bBPyWpxaY_1ztmWBzG8fioNCXh-HJX6MUuFUQJv38Drqg5ez61QkhIS_9rMkN-QzIPtr0K1g8IZxbd7d1U5Jmp-NgF0hkfW6mP-X3ff6TIpdE87v7avbMzFFphgZRGRP8BKp3jISVs7KTEGGwJBkj7ex8uiTRUP2vx8EaBwMJpNaQ1LbC0B72UxTAFUsJLMhYqhSJHt41Y3ClWyCxEkeAhpydIW6rLYp4NCTEfhbQ1MSobqU1R7DkeAhgOig7mEcJ8DND8aASoUV12TtdD_FP1HOGimMegdKeFShXeabam9rfpIlYB5MQXA4BjsJXkbovEI8rDI3ADOF4YejH_o2JmxMBS170-jwkhEu61nDGQqq-OOEBOqsUGREk0aqqs6pPKvSJnDNEbczFK6bAsflr_SgugSM_RddLb2GS-SMtZjwKyS-eD_FNtu

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9424 0
20 B 31ms
30ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvOoBaZ2bYPXNLbGDlQf-rqLIBAAAAAA4AeAEAg&bg=!k5ClkNTNAAY59bwoOfU7ACkAdvg8WsOqwSKoyvnJfbq2FGaWvY2oBNYXHFBIHX6OKDzO3tUdBTyNLQIAAAQOUgAAADBoAQcKAKV8aQrS9MNOQB_Qtp6a97oiamg3leytquqiGrl6dV2PIE0NtqetYB_Fr7d-0Rv4PpM9OfHceBaON6gMwkexMKf2pXLK5r4Y25LsYSLY3csn3eBsqLRNhKhCBce2kex43ibwQuH6dr7W064vWMSc5wXb7mFv16iStjQdUzzDuFrsU7WW67LlwSTbpkovOniI1LZtMfgfKMJGUrA9PfwkgHlKsv0WCt6ZArOjWekkJeXsKWE3amRIya_foXGVAHVHAzvMnRrjCtk__ox3YpVvdKa0VAskBBb2qO2e3nDUWT1s4XALkErD0i_m3X-89PK7zbRt_7ltQeli7zR54KTHtjGkagOimqZzNG699cauYEakLbWmRwCuLk7UabuhR8Ya4vPwW5TtTsPhJg8uGcVQU8Fwrl0hIXl7buTIlWTzUHO_v1etWNyY6FbiA0I9-HNgt9pKHsBgyHjxrE5_O1hXLzfldDWwUQDzBrIIWso1PtF5qwmgyfA1akZqZsH6ProWeHpeOkZtxUrqS34aeGMICE_bOQp6noMatAVlO9SwDKTUS-LVdY-sfUxG0znzZ5n4L2o3aohuVUfBiUH3IHjxvexZLT3RkhicPr8Ph-OaeNbl4ttPFcuyz8dgm2ix6kIitOvteru5VU2bvpsVhGru_J9EP-n_p9pyW41Hxk-OLPNU8Ob8yVB5TjuVBXCmJ99NvX1RtxxaYfBSLIBLZQmP_19vyy2xiJD8kCiH10-mNzUhXGTeJG6JqlMe6FUKH6UG0zOg44n2OGYmZpzH-mSua9uAVajCuUjw4JbMJkTsMuijedZ7Kk6l7JhBAFqNrm_aASL8VF9f7oWMPyKnP0bXesbo9WXAktJMl0wD9juSIrbEO-0nXz16By7j65Ay9A98aOR5ld8kwF0jkWcZN3iAQd3oDr09eWRDlf7K3SzCIfQgeb2d1EYbxjcIHIcSDarOHIzNBTR1hg373hEqfilxifWSmeQsUaMlDFt-jPMyE9IlY4sUqjN8KinZpdwYnNRr4fVfMXeE2f4VTwovXdFjyOOmPUTJpg7wuTpDEpLREuDj_r8Gqij0iG6Ux2rO_AMbyD0dUntu3F7Hpp7rtEnFTjW2WnfNFXHlE4b48sqXZt0fNiifNfzj_d05YtZm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A807 0
20 B 31ms
30ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJ_1kaZ2bYM_LKeOqlQfV3YjgDgAAAAA4AeAEAg&bg=!4OOl46fNAAY59bwoOfU7ACkAdvg8Wh3p0ayJXPqLOcOcz0SPCdlyi-3x74IvxFz0SqOKRnrPcAf7EwIAAAQGUgAAAC9oAQcKANYgN7UjDNENDH_I0xrdfggI4yoxOUzow_DaR3Pb0fQ4wk-8B-rLxWNvXUO38-NOsp203uTxGviZD9J-gF6IGEQQ-Gcz0uWd3uk14TWmdOqEYfFDdVxtTkO-BUlcFpT4EzbbcbK697EjxXRFyfwGtsydfbGKPUpcH8J-C1ZG5NpsGzGmBVntPKDMjB4Yjo5eqwA5PawKhRj0MKx00Uh5vlE0bYNsRGJTFpJH9dcGJqlP2Fd4hAAgYMrUKSTGcxWmja2_07Ig0sRKpcAXbVuYpygEz3UBXzeRmQKZle9R30e2gJW_u8nyfa66CCZxDb2ybJeyYSeGj1pp7QTEjN3mBKezDquodLPJmNgFKy46M3MSdslrc1tXMaM-qct937cPxiAd37EzSSkZ731-kFiRhJC1Vu_1qeL30u_LuvAL1MMB7pTGYThnLbDjF65yshRBmgYI99D45hhnFKTAW9kawaG8LdnUi6mIpYnE4QcQVAfGMrYo084yH6c548Ek2zuXl3pZt4_DLfvMbpLkaK0xzD82JdGgKTyoHIOdE4roHSq8TlbFc1P7EpkWWk7eWL0Dif6i9OxVcIk7L6K8U02le-WJcK7yg7bgaerVUHoh44BrWXA2URF9EAoOSv96xofG7TWqVFuTFN9z-H0g0Y4qX2ftyj8-ri0OGiro_dtiCuty6P4HdNwcT6Uzr0Q1Ux0f79wAW-bW4ga6qkASoB7umqc_ZONl50JjZUqDwL2qrDeSM9CgDHbDt4QrVcZVb8Hm8o4dn1tnQUe8767ZWNKpQtMWmH35FCAKcHGLZZD4unPYcW51nGHMx2PoeMo7mxI7pYF5jFMMFnpxt3dte9GeB9k5-eTnnG7_4YWDNpSaS3XwC4YbkCDbwyFyKcqa590v9Wjrvx6lnR-eKUEHL80Fqf74npcslpuOprSAwohnnpz6M1uGf9lECZGcw4Z6ALi_slM9OUkMbXPkX4adv2cy9bogtFJFtcCPQmHXysHrDyGoIgHLInzg8WqWQdKb6bfk7PcBAg9uP_iTJnpHUPjApX6KMQtC-_L5J71xZeAKUY-d_2Vv-JHGjOFKL8AO-FIGOHKqN4o2catYzJFr-WT06StjqeZl6O5P7k1L4IAu7p9ynG8QfHhZEPUK-xlbJA3YjCCj13PgLms4P9LslD7CEGvyTnY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 6EA9 21 KB
9 KB 106ms
104ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2837&eaup=/1017220/ads_5&eolid=null&eci=null&ct=%7B%7D&w=300&h=600&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:36 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 17A9 21 KB
9 KB 102ms
101ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2837&eaup=/1017220/ads_4&eolid=null&eci=null&ct=%7B%7D&w=300&h=600&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:36 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame C6BD 21 KB
9 KB 103ms
102ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2837&eaup=/1017220/ads_3&eolid=null&eci=null&ct=%7B%7D&w=300&h=600&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:36 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame BA5E 21 KB
9 KB 103ms
102ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2837&eaup=/1017220/ads_2&eolid=null&eci=null&ct=%7B%7D&w=728&h=90&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:36 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 6DBF 21 KB
9 KB 110ms
104ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2837&eaup=/1017220/ads_1&eolid=null&eci=null&ct=%7B%7D&w=728&h=90&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://controle.diariodorio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 09:18:36 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 dc_oe=ChMI7ae39efD8AIVjkrgCh2ttQWoEAAYACCHhptF;met=1;&timestamp=1620811124933;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C0CC 42 B
498 B 126ms
61ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7ae39efD8AIVjkrgCh2ttQWoEAAYACCHhptF;met=1;&timestamp=1620811124933;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMItaa79efD8AIVsUHlCh1-lwhJEAAYACDL7plF;met=1;&timestamp=1620811125411;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame B6A2 42 B
63 B 96ms
61ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItaa79efD8AIVsUHlCh1-lwhJEAAYACDL7plF;met=1;&timestamp=1620811125411;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMIj6S39efD8AIVY1XlCh3VLgLsEAAYACDd7plF;met=1;&timestamp=1620811125453;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 2810 42 B
63 B 88ms
88ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj6S39efD8AIVY1XlCh3VLgLsEAAYACDd7plF;met=1;&timestamp=1620811125453;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMIyKi39efD8AIVSPx3Ch1_-ghQEAAYACC27plF;met=1;&timestamp=1620811125462;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 3745 42 B
63 B 85ms
85ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyKi39efD8AIVSPx3Ch1_-ghQEAAYACC27plF;met=1;&timestamp=1620811125462;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 09:18:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: diariodorio.com
URL: https://diariodorio.com/wp-content/themes/Newspaper/images/icons/newspaper.woff

Domain: server.gblcdn.com
URL: https://server.gblcdn.com/pool/p?pubid=50f05b00-2f19-11eb-8892-9542e7fb0cbd&l=1&mck_o=&mck_b=&mck_c=&mck_ov=&mck_bv=&t=i&mt=b&dco=0&fq=&fqc=&wh=controle.diariodorio.com&w=300&h=250

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_push=AQvitULsIWv25nXW0I4regs2ti7M079FBaK04if7ZhuFCgMv_7Zm5fICB2wkqSaFK5ZUYDJhWER7fra9qZCB3mOkU8gLks7vYHQ

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUJ5yAbF7ELeF-isZ1yUaz6y6vaKohb2R8nUD_YU7wQERyWfxWnQ3kOmlrCgQfuKrT7-zFTfb8tg57lk4Wgoe-Pt6z-Fzs8k&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKdnXVozldq1HNSXADHBB1cTP3NNiT5RwjBgbwkxzAYEbglAT95di3wBjZVDIJMprL16h5Q59APVWfYkZbbLDoQjcXMp_w&google_cver=1&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJudaeh-Ig30JKFMsS9amAAABFwAAAAB&google_push=AQvitUKDB8WqjkkbfZKKMMvHMBU3gQQ3vcd_MN1Z9ElB2Il1XwuzvpbZqt0Xa0Dtx3SITy52QDEVjVecxSG4T2Dtpz_1SSNyqUs&google_gid=CAESEET1yqDaWVZ9suOotT_pQ_M&google_cver=1

Verdicts & Comments Add Verdict or Comment

292 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
controle.diariodorio.com/	1970-01-19 18:13:32	Name: _pk_ses.260.2a41 Value: 1
controle.diariodorio.com/	1970-01-20 03:39:26	Name: _pk_id.260.2a41 Value: 66c9095758527178.1620811112.1.1620811112.1620811112.
.doubleclick.net/	1970-01-19 18:13:32	Name: test_cookie Value: CheckForPermission
.diariodorio.com/	1970-01-19 18:14:57	Name: _gid Value: GA1.2.2023127648.1620811112
.diariodorio.com/	1970-01-19 18:13:31	Name: _gat_gtag_UA_367649_10 Value: 1
.diariodorio.com/	1970-01-19 20:23:07	Name: _fbp Value: fb.1.1620811111619.1002101485
.diariodorio.com/	1970-01-20 11:44:43	Name: _ga Value: GA1.2.1273230402.1620811112
.diariodorio.com/	1970-01-20 03:35:07	Name: __gads Value: ID=b20a0ff9e2f93f81-22df3bcbe1c70074:T=1620811111:RT=1620811111:S=ALNI_MYRjZQ5IvzV_Ot841kYtp40M_QOSg
.diariodorio.com/	1970-01-20 11:44:43	Name: _ga_9B5MLBZ7SJ Value: GS1.1.1620811111.1.0.1620811111.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://data.gblcdn.com/data/pastoclockp.js?aid=6f4889f8e38ca8e79c6a&pubid=50f05b00-2f19-11eb-8892-9542e7fb0cbd&pid=hedsxwzjocmnvx&renderD=0&limitT=0&limitH=24&parent=body&t=i&mt=b(Line 1) Message: TypeError: Failed to fetch

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
adservice.google.de
adservice.google.fr
ajax.googleapis.com
analytics.alright.network
b.t.tailtarget.com
b4a3aeefcbe3af05bd02986e118403d8.safeframe.googlesyndication.com
cdn.a-latam.com
cdn.gravitec.net
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
controle.diariodorio.com
d.tailtarget.com
data.gblcdn.com
diariodorio.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
msgws.webspectator.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pixel.everesttech.net
pixel.quantserve.com
pixel.rubiconproject.com
rtb.openx.net
rules.quantcount.com
s0.2mdn.net
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
server.gblcdn.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.teads.tv
t.tailtarget.com
tagmanager.alright.network
tags.t.tailtarget.com
tpc.googlesyndication.com
tt-11953-9.seg.t.tailtarget.com
us-u.openx.net
webservices.webspectator.com
wfpscripts.webspectator.com
www.controle.diariodorio.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
cm.g.doubleclick.net
diariodorio.com
server.gblcdn.com
104.111.242.245
107.23.233.216
13.224.193.81
13.224.95.50
142.250.181.226
142.250.184.194
142.250.185.194
142.250.186.130
172.217.23.102
185.33.221.53
185.64.190.78
185.94.180.126
190.89.238.20
190.89.239.47
2.18.234.21
213.174.135.2
217.182.200.20
2600:1f18:612b:4264:7659:1bf:d736:fba9
2600:9000:2190:7200:6:44e3:f8c0:93a1
2606:4700:3033::ac43:ae4e
2606:4700:3036::6815:5b0c
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2008
2a00:1450:4001:812::2006
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c04::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
34.102.185.99
34.206.101.169
34.228.251.145
34.234.139.177
34.98.67.61
35.186.253.211
35.201.123.184
35.244.159.8
35.244.174.68
52.1.252.251
69.173.144.138
99.80.199.35
01300f75a9a482e057635d1d1d5a232767706eba3f0868d019e004f053ba4495
03c10b8e04d5a29bf8f865e84a9d392f2f8b795853c5ab1b44767012f7676806
04971121453cc8669eb53131a2b03c343faa5718cd5b03b398c7fc70782765f5
051025522b6efc405929fb00ccf5e7bf3fc5d38cf56cf38f51d0ffa896938376
06547c7cb19aff41be893b09397ee7001fb1734c603ab3a81d70a81f25fc05fc
071dc7f330af3cbf3e8026aacdcbe92c25b80fa573858a19d257407fea385b3f
078c5a319b27b4b97fa1f2194c5a5d611c4587f069a2bcd342572c0dd83faefa
088136c9ad8d6e2c56ea25315859bf8d96414969654c6fa3b0cd0f456c8511a4
0b4f3d9a482315852b45392fae2cb7f06373674eb4a3fbaafb7c6f7ea17a00f2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d014fe20933612bcc800fcd866327836eb165d15be6360bac248c519ce141fc
0d860da576d9d8ec4cc3f57f4d58cd93c2096d30a55980297d59c9447c0a4a52
0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31
0f74eda5ca917f0146ec28a71e0602f7a3b9dae063acfeecfe6549bdb165d47a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
123ee0825b070529e70d7a127a533a8e33f7f6e0b004bb1b368ce7d78fd0cca9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
150ac46705ccaf733372fa01a038ca6ed5ea2b763bea0a7e462e02841c6bfe16
151dd55b67034cbe33c3f62feb9a9c321b579f2b3b8d6c24aee9e62fe936f8d6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
194dd165a2f7fa82f65c2d5e4eabb13a352d6cbdb24ea248dee23a92058a36ab
1d6fedc4798eb727f5368a1764f155c0482f111c8b573dc17834b3939ca1ee43
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f0ac3e7e1d780529840e49909253f122e5b56036832b19e034fa3289dc95355
205c0957c7659e11e8922b1897eb462bc05384d34ecc6d4d2750c55fb49d42ee
24c97fea4b5ca3bbd1127731b895a86921e99d914971ae60beea7c51bd613dcb
280532fe6539a1a9a19081c6e9dca5cc230254656b01c2314ea71472d7e8a89b
289fb9eed8d8ebb41e4a1ed1e50fe919a7dccebf01e01480312b226e2aa4a93e
29ae3cc56392ebe3860727ee5407fdc5fc74b4063c30f500fcda8d5e3ee64d14
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861
3036bee9f749fdca0544a5592ce8da4204fab8f2b68edc6ac3905c90266014d4
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37bc97ea35a020adb37d83ea9b4c63dc4ca34cc8ef9ba731e15a7914a3852b90
37d971369b157cc4d0dc92e9f1cd3d7f1ca991c3722593e3031a2aaaf6a5925a
38248ccf49644768343a57a9221af53c4cd5a6f5067a530b586af8f677d11832
383e242f4d01436295f56ff9ee0179b9216a6c5cbfba737dbf155741fd0d6090
39c1fc98599a6003d039bd133e2bef6837dba8cd2105bbca50bc7753523e2727
39ec493a5a688a85b60a1e889a22cfb93f23c900e0fdc0be8ab8543dc9daa783
3c817675d9f661d56fc48e850c76e7d5fbdec5783a2c191982e740359bb569b8
3ed9504271075ad6930250549ad37889791a19e6a9863b59d7a509be82ce68f8
40ccd6bbb4279e57d63e1dba047c33455247a6eca6571f35d59e9c9afd574737
44b8d6ec23fdc0f0f4064dbe482450cacda5af966c109a5cb035083aa99b8cb1
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca267d6917355d34abaf589ba8fa3f05bb1639d681df1c8d298d0fde6e26f7a
4d32f6d38c123e55c3fe7d50a8bd79d33086dc4c28385fbf38ed92773ae11f56
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea6b8f377d11a2df7a9e07d4e81cf9af1b00fcebef57f838ba3e40c4e7cd8cd
4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a
4fa615f6fd088b5b0ff107ed0ad0be3e1a675e247e62e4cb5c3a021f096544c3
5021c2a5ef305f164f759c201847584a7a5645b9d2b6fb9b591395918afee5eb
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507832f865a080c1d3f9488bcd0dd96ac40ccdd326f8017094453c10851022e0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
593e3f4cea11f807d0e6950fbf1fe559b0badeb75aa87a4b040600eafb9fd5db
5b664000faad040100ff0b62f9c2f87483f21342b3bd42687b53cbde265c228d
5d0886ad4e02a958c119d183ad3130a3b76e5019426388640b420d58563de08c
60c82b6cad00ba08e1345862fd0a5a9df957cd101ee07e842ed08130294570e8
60c978bdf44475cf54ca04af4ff618f96e4554047b6a93fedbc1f15c5c177ea6
6130fe8ded2255439c42cf9e805c28b1a72bfcad166d9dcd720243d33557628b
61e2da288a7b1510267cec1da8bfd1dc78ce4515d16c6c992498ae6499c62f5f
62afe05582b082a3aded6d954f6e5e483c90774e37a2ea594b8f86a767cddb09
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
66bc1d4934b3e67ecb4be1b45da5121bb8fd51a3a1cb863ac13f04d4639b7316
67285ce4e1875aad5c46db74e433565d15221806b24ca2a24a219e202b5e19e7
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
685c56af1c171a28b6453dcf77aed041f7bcee6a30efff15247c4248449255a2
68ffa15d880b918a604c4bf5a316fc700d8f71b6b06335074fdf0018cf34ccf8
6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e
6dbfc676ffc58261e482dfc6072f65837e6414cd871e21046bcf9625dd770a20
6ddb87ea83b51e54ecf51b70a8d836acc56e52b26d613e9fa5d392fc9a87b45f
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f2974a396dc0695d071e842551e7af9c72f0ef8d2d076fe73a523b1a3c2d0e7
6f46ae63e1f30f9c5b6f1422fe0e4b8c79b902ea76e38ed9328d8d7d8a6add24
72c0ca1c34c4cdc07cd0c1e250fe786ea018c7663002f8d21acd92f4047ad318
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
739be0b00a47284c58f80b051a81060f6af9ee955e5250c731439e8bfed2c6eb
7541859c7b0ad4363a8b8e73422139a2e3ad1c478b70aa9ac96e6d080a1a5775
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
78eef31ba1a13db9c837d75a85b9d69f9f35ed1dc0d805848e5a51d7b3669d53
7a5b0666fabcea9a8a5c7da97c55ba02acfb6916595c7976e5350f9f0fd8e1a1
7b14bd2abaaea9469d5f384ea58afa753ad2a3a600a83535949fe4a7e3532b8b
7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474
7dadf41d55487432b3b4f5db5e8ed8a757ad7d295b1570567d2d2fc6929bd24f
7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183
7f82e85dac419126ca761347dad3bd90f4beb45bd1606c3e3f36d691b136100a
7fe20f95e6eafcb276f426a630c8be4930f840428eb0a9ccdb9b979fe2ab8b0f
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
806ea46c426af8fc24e5cf42a210228739696933d36299eb28aee64f69fc71f1
80815efe3bd9317c666df0f2e6d701335e178954f64eb1e99103fea81c2aa137
80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a
81c882c5f5fdad0471019c6ff054d8b87b5e0e1272e25242cf9debb01122f224
81f0ec27796225ea29f9f1c7b74f083edcd7bc97a09d5fc4e8d03c0134e62445
8266c5e89cbe14806366ba3fcfddc727aae46b2f3190313b546b7f22a0591a76
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83a1c4d8030b0610b4165adc26f68d671aacc2725196d5122998b4ea71bb4385
8446c9643836871790f568fe0efe38dfd9bf3277aaf450738945f12a0d092c22
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
87d25e0d96931355b0f93233c49e86569035de4c2822398ba11dfa3251fe23df
88b4d7d6cd251e7d1e5b8d702df001a3289b81283329ca90b29c2b74c5e6c615
8adf7b5c55881bc2c83bdc0e5b88d82cfa037700b6fb944427e4b333a84562ee
8c674957affe04d872564f1289d151136a05e2b45e47589ec7d0dfcec0dcc977
937866902e522ba08d7a3005826b7116a73269ec66b3a3b606b6eb238962d34e
956c23115c4d120f111eafc93bb2eb20bec08e430ea1b90308a3a1f0276995c5
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
97c405fb30858b66356a8b099d4dbaa5ec5508cee66bdbb26f2d40f7b2384ff4
995b51d190d07c43e2503cf1376f304e37f51e814099efbea023fb440daa5d71
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c85766d7829d100be7b0101187341d5402c983ec04c8dbbd9629c37f6f5497b
9ce76c1a5edbfaa86d3d95d93c25a5a8022c70bf53177acee5067c1dfc85fda3
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5
9eb83620a305b5cfbd47a770dd1f649d9ae99d34becf19308f9cc75106d1b5b4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05eb43dc50ba8dbfc78ea4a438072a42e9f8e7c96ed4dc5dc81e49d5ee2657d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2ba9ffa08b8c4d5ce2ea6c83f0223e1cf987602d7fbcd56bfe3e8cc60be773a
a2c3036edd0f028bd90ae9be8620137f52b1a08e34912212e5de382244401efa
a3c83d85b31a95c72a5af3ca865ebbdd2565d456d0606f4e178734be4e9f6703
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c40b9ac364e7c77ac95e53a6b382d82a2fa966722d2e3a0cad83474a4feb53
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a6919f309cd7dcac32d5fdcc3e0a7c0bfdf40b45fb856fff80fac0e7468afeea
a6a850617fee76c9ebd84d1eb13e48aabb2a24bace7f0a4df8cba1c6f1f1c9a1
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a855c38ea925e5e47468255b6b2e73c70a35806721a5001949f76a381f628d89
aa9165d986f4a1d2d5168f811751009a6df4383dcee6e1d3c97e11157c802cb3
aaef3bd0f4afcd3203e3f0275f4a83b3fa4d39e82e221aad5cc65cc7ff210dd6
ad14814962c7e5c91572a4eac8093fe0df9fe7b419c7d395d841c7fbfb68b06e
ad346d3ec39d7709cc170da7b5df6f0ed2f17c9589653f2320f0cf7b0936c094
ade8431495c374af2d6164cd2e020a9e6363ec0d9ccf5557c75b09dd88ec2c67
ae411c551e67c1986801f36356f9e12aee5a700088952ce02f30950a12df8f70
b0491bd9e54c8fb5936f69844c94cde3e4681e73828fe63b7f07417ccba5309f
b0c59bd2eacde11afe8a1f60e32086839e62d5e63bc2346ae86cc4bc52bef074
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15cc698932d45dea03dd060f0d637258d2dcd38d36864a7dbaf557d2b63e599
b3f4217e13b9b9352797ed4e09fff58b1dbd4619455e089e271310454d819e24
b47c4946debbf813d843f92f3f7810f2c448052c73f9afd314491f16ee128413
b4ef6248695b6341d7e21858774f609ff9bdf96da69d1ef567a6f4fcea2d3a62
b83fcee9839111a1815ecc23fc714b7bf2c2f40c0f130d96aa9587d25388970e
ba98f991d002c6bfaaf7b874652ffdcde9261a86925db87df3ed2861ea080adf
bba7e1e38dfcc2787ad5e4958a3c8d4cb556c1c58462d24ddab7d9d9e1ef84ab
bd60724cb9210212ed76686b7e74dce2c2c7cfa5fc7a5408c4b75fec59cfb1f1
bd663da386f5e809875f3ad2cbf63a33edeca1d32fd975ccc1542c9658aab092
bdac93dff5e5f4fe527bab63e770cf082671781676af28e9a5cd19f6260210c6
bde7cfcf8d6a838f2d09e83abad8c00656dcacbb1bf6a75da69d449394bd2acb
c131b72d6b2195b1993d5617b9a120a8bfb4422c5fc89c1aa06cffb5bf57aed5
c1dc87f99c7ff228806117d58f085c6c573057fa237228081802b7d8d3cf7684
c291e643f95bd3a6477157e03b7f7a7c51e11d264d01e14b0b572eac82a0b7e5
c2accbcd4db6f651afc7dc798ba46e1c826bbbebb03a089de2c39388a6748748
c507d4f136f4f8f4be277f9b03c9cc81f8d9ea2db9d17a93e1354703021c6183
c5f63ca46cb266eabe08790686081f4e6cb75468010102db68f0bfb0275472f7
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cea081d31d4dafc311e608cbed1f29fb24792200d3e23317eae91a0f518eec11
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfce8ba789f8080004cc8e9f13826c3f56d257ae2499b86c6db04e65ab44ef5c
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d300307fc61afd3ea7cce5ddb76c2fc86de13f027629ab68610bfb40f33cdcf3
d34b670139c7b5662f5c236451f1873b40d53497277ecb0e0859c2ea40f4f734
d57832859e0542c5cd6bdf44568ae22bbca8ea2fc159689c5cf82b01b4e46759
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d85680431f6b18d6f462d4fd0166441cb06c35351adebeeb2b663fa91859487f
da3dc72903ff69b290f606c86516d4af3492c08c856fa95ff391c6b2813cb4ae
db399886c635ebbfa97d2eae22892462958aa92977cc5399ac6f23e379fef659
dc6063ce35e06b8d771b124b3d05da70ad1dd050f8fb5c940128053562aee42b
dd57db2457291c5e7b829b76a495abbc7cd5d149a65209f1013ac7fd80353630
de1a96d073ef88b7bb7ad36228ba75ecd0a9fa573b477ef6339ada437cfabf91
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df0df39146c8995f0d40836e1e0839ad95f81ad1c9d24ba85169e3c2f0560ac1
e164b18bde0c8cb2d5b27728b03406fccd9e02b6a8ea597f726d003b6db7eb2f
e19f0180a799683bba1c03944f8f93145928c9bb079907025329d14260f2b2ab
e220ef583f653ea5dd0ad93e7ed543097839c1752591d4b7ecb5bd46c25e2769
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ada0c7f8426bb3ffec705d953f3b10490b6d48be8262eda371dc9624ffc6c6
e5355f8dd9c277c28e05f47621a4e9813d6652fb43614ed4273a11be48ca8f34
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7207a314e36b6f9fb724d97a305a8fabaa278aee827468ab77e258b9ea22093
e967c5426c0c026446fcf3d24e1aeeef5d28c863faba6df24d57cc2c178e7136
e97e523339ded0e0de3b2acd9cbc4e0bd56fc28907abcfacb7b5e903bce8a519
e9e93c250149bb9b14ff9d99919a5a7ef197e63905dc351fc95cd2f6ecf513f0
ec4cb9edd8f93082e3acf18b6d9115c4480ae1f2221a590014d6ace5cef91a36
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16b6f2446d8033654e9a08cde0b506d305976ad691b07d997e8b5524f701b1e
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f4e3441f0da47965d475c902c09d9c269054457d568226269c23335e0d43d766
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8b34626df06b7e8b2d19b296f48b78a070629defef7c480d4612c941aa1aaf7
f8e6dd34a206f494e2bee249d03f71175000831e704e8fbad5e54801037f4a95

controle.diariodorio.com Open in urlscan Pro 190.89.239.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

368 Requests

98 %HTTPS

45 %IPv6

38 Domains

61 Subdomains

47 IPs

8 Countries

4127 kBTransfer

9319 kBSize

9 Cookies

56 Outgoing links

Page URL History

Redirected requests

368 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

controle.diariodorio.com Open in urlscan Pro
190.89.239.47 Public Scan

Screenshot
Live screenshot

Full Image

368
Requests

98 %
HTTPS

45 %
IPv6

38
Domains

61
Subdomains

47
IPs

8
Countries

4127 kB
Transfer

9319 kB
Size

9
Cookies

368 HTTP transactions
5 data transactions