www.edivaldobrito.com.br Open in urlscan Pro
192.124.249.40 Public Scan

URL: https://news.google.com/publications/CAAqBwgKMMCS9wow_KPWAg?hl=pt-BR&gl=BR&ceid=BR%3Apt-419

URL: https://facebook.com/blogdoedivaldo

URL: https://twitter.com/edivaldobrito

URL: https://www.pinterest.com/edivaldobrito

URL: https://www.instagram.com/edivaldo_ma

URL: https://www.youtube.com/c/EdivaldoBezerraBrito/featured

URL: https://br.linkedin.com/in/edivaldobrito/pt-br

URL: https://wa.me/

URL: https://goo.gl/t3eQDt
Title: → Anuncie

URL: https://www.digitalocean.com/?refcode=ea460bfe148d&utm_campaign=Referral_Invite&utm_medium=Referral_Program&utm_source=badge

URL: https://web.telegram.org/#/im?p=@blogdoedivaldo
Title: Canal no Telegram

URL: https://news.google.com/publications/CAAqBwgKMMCS9wow_KPWAg?hl=pt-BR&gl=BR&ceid=BR:pt-419
Title: Blog do Edivaldo no Google News

URL: https://app.vc/blogdoedivaldo
Title: Aplicativo Blog do Edivaldo

URL: https://www.blogarama.com/Technology-Blogs/269000-Blog-Edivaldo-Blog

URL: https://generatepress.com/
Title: GeneratePress

URL: https://clickio.com/?utm_source=www.edivaldobrito.com.br&utm_medium=banner_ad&utm_campaign=hor_sticky_desktop_www.edivaldobrito.com.br
Title: Ads by

URL: https://goadopt.io/porque-aviso
Title: AdOpt

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://www.edivaldobrito.com.br/%3C/div HTTP 301
https://www.edivaldobrito.com.br/divulgada-as-especificacoes-do-teclado-e-bluetooth-do-pinebook-pro/

Request Chain 85

https://sender.clevernt.com/transporter/43670.php?id=454518&ref=aHR0cHM6Ly93d3cuZWRpdmFsZG9icml0by5jb20uYnIvd3Auc2VydmljZXdvcmtlcg%3D%3D&ruri=&r=563448790&tok=33419711310201791433&t=1675409177&cmpId=&fb=0&wl=1&iv=-1&ctr=DE&sz=1200&landing=1&hei=360 HTTP 302
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058

Request Chain 146

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 230

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 236

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 240

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 244

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 248

https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7 HTTP 302
https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7&__user_check__=1&sync_id=0d7f81e7-a394-11ed-855d-197e22df0106

Request Chain 281

https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 290

https://c1.adform.net/serving/cookie/match?party=14&cid=C5ECABB8-25C4-4CA3-8361-D348B757F886&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C5ECABB8-25C4-4CA3-8361-D348B757F886&gdpr=0&gdpr_consent=

Request Chain 291

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:268263dc-b71c-4500-a02e-c5d813beb25d&gdpr=0&gdpr_consent=

Request Chain 293

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6293527841731149772

Request Chain 294

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ltM_-cLXavmN0mypkNl2-5LSOqyNgmv7wdSJX1SH

Request Chain 295

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=358998520360634364&gdpr=0&gdpr_consent=

Request Chain 296

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C5ECABB8-25C4-4CA3-8361-D348B757F886&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C5ECABB8-25C4-4CA3-8361-D348B757F886&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 297

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7195827635527481488&gdpr=0&gdpr_consent=

Request Chain 298

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Y5eMGOjtTXV_9V1YMmyE7yU6OvY&gdpr=0&gdpr_consent=

Request Chain 299

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y9y3HAAEPXjgrQAh HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9y3HAAEPXjgrQAh&gdpr=1&gdpr_consent=&_test=Y9y3HAAEPXjgrQAh

Request Chain 300

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIRmpVN0h1VzRBQUNDQzFZYUhSZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHFjU7HuW4AACCC1YaHRg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5085710362323476089&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAHFjU7HuW4AACCC1YaHRg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5085710362323476089%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5085710362323476089&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAHFjU7HuW4AACCC1YaHRg&pid=558502&do=add&gdpr=0 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHFjU7HuW4AACCC1YaHRg&gdpr=0&gdpr_consent=

Request Chain 302

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1675409180179 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7057616349

Request Chain 304

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 305

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 307

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3f31f3e6cbb6641f/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYMYbMYnUjhhUUWbM%2526gdpr%253D0%2526gdpr_consent%253D

Request Chain 308

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xeyruCXETKODYdNIt1f4hg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 309

https://pixel.onaudience.com/?partner=214&mapped=C5ECABB8-25C4-4CA3-8361-D348B757F886&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 310

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C5ECABB8-25C4-4CA3-8361-D348B757F886&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C5ECABB8-25C4-4CA3-8361-D348B757F886&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C5ECABB8-25C4-4CA3-8361-D348B757F886&addseg=19,36,42

Request Chain 311

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzVFQ0FCQjgtMjVDNC00Q0EzLTgzNjEtRDM0OEI3NTdGODg2&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 312

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJoVngwp0Wkw_Q0v8rh6k6c&google_cver=1

Request Chain 314

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8114478069488513173

Request Chain 316

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e6525337-6e5b-477c-ae85-027a02169df3&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_5248ef91-3f84-4181-a17e-671108933c5b&bsw_param=e6525337-6e5b-477c-ae85-027a02169df3&expires=10 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e6525337-6e5b-477c-ae85-027a02169df3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 318

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C5ECABB8-25C4-4CA3-8361-D348B757F886&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C5ECABB8-25C4-4CA3-8361-D348B757F886&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4N_1sJlE2uV4Whybs3Jis.9RkJiPyR8-~A&gdpr=0

Request Chain 321

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:447aa6e0-2ac1-4d12-a45a-f97518901d13&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 322

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3711314036603321161&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 323

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=358998520360634364

Request Chain 327

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM9FwpZ8wHsyJPrfnDj29Cw&google_cver=1

Request Chain 329

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB&dcc=t

Request Chain 330

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y9y3HGQZSZe3VrOGdnYKPAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEMKX9s0WitgEfaKFR4eYls&google_cver=1

Request Chain 331

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3639256442565393225

Request Chain 332

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y9y3HGQZSZe3VrOGdnYKPAAA%265170 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=4466a81d-a962-4942-851f-7276d7e8f742-tuctad63c9c

Request Chain 333

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5349700048823979731&expiration=1676618780

Request Chain 334

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB

Request Chain 342

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPN0Q4QkktTC04S1JJ

Request Chain 343

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5ft2tIyHRNONEJaMI_FR7g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5ft2tIyHRNONEJaMI_FR7g

Request Chain 344

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDO7D8BI-L-8KRI

Request Chain 345

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMviHJgFmyz0SRNOfDThdnY&google_cver=1

Request Chain 346

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=l-KEACpFRcChDVQFzhe_YA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=l-KEACpFRcChDVQFzhe_YA

Request Chain 347

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjZhZTc4Yjg2NzAxZjk0MTNmYTg3OTg3MjljMTNlNmU5M2UwZTk3NQ

Request Chain 348

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/1Yhx6aDgc50GiP9SsaYu5A?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-MLAWd5VE2oJN.436K19HGOCzr6XqTDIG.kW6Hw--~A

Request Chain 376

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 384

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 387

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 390

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
https://btloader.com/tag?o=5409916045492224&upapi=true

Request Chain 425

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=EBFD74D54BF342E0B075C9DB0CD7D554&RedC=c.clarity.ms&MXFR=204D234EF88D616C0C7431E3FC8D6F0A HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=EBFD74D54BF342E0B075C9DB0CD7D554&MUID=238A79960835675522316B3B095E66C8

Request Chain 462

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH1ZZ1zKRvH6jDwMPCqk6aE&google_cver=1&google_push=Aa02lx-WcsHKijQiDnP-UJ_nFzfebWl5lXleQkm4Z96VQrXWcYUpkJ_wlYuF9Yk46oYJeAwfiMncJfd6j0MJB2ogZjcFlhVp6Mjw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH1ZZ1zKRvH6jDwMPCqk6aE&google_cver=1&google_push=Aa02lx-WcsHKijQiDnP-UJ_nFzfebWl5lXleQkm4Z96VQrXWcYUpkJ_wlYuF9Yk46oYJeAwfiMncJfd6j0MJB2ogZjcFlhVp6Mjw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDdEeWQyWk8xUG5Rc0o1&google_gid=CAESEH1ZZ1zKRvH6jDwMPCqk6aE&google_cver=1&google_push=Aa02lx-WcsHKijQiDnP-UJ_nFzfebWl5lXleQkm4Z96VQrXWcYUpkJ_wlYuF9Yk46oYJeAwfiMncJfd6j0MJB2ogZjcFlhVp6Mjw

Request Chain 464

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELC2vdJQ7hqPJLZhdNEx0ag&google_cver=1&google_push=Aa02lx-VaYMfhBS9Z-19D1UFlsmv3h1_jAmOSQlc7mbb0R5Kh_sFgkQNtsLukkCZ26K-CDZKVVmF3ua-NdbOGoJhOGugqO0mOUA7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-VaYMfhBS9Z-19D1UFlsmv3h1_jAmOSQlc7mbb0R5Kh_sFgkQNtsLukkCZ26K-CDZKVVmF3ua-NdbOGoJhOGugqO0mOUA7&google_hm=eS1nM3RaNDBWRTJwRmNqVzNzM0ZEaDR1TW9Ka0hkVVphQn5B

Request Chain 465

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKYBmDJH6kLala6cArQ1IZQ&google_cver=1&google_push=Aa02lx_oC0pgcGZ6CNLFg_zEqegL9LChIt09Xb-FDtsDBtCJ8uc-Ub3_if98ZrOBKMoU6ax-MLeG-aZR932hR2z7s5JzxhwRGLHa HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKYBmDJH6kLala6cArQ1IZQ&google_cver=1&google_push=Aa02lx_oC0pgcGZ6CNLFg_zEqegL9LChIt09Xb-FDtsDBtCJ8uc-Ub3_if98ZrOBKMoU6ax-MLeG-aZR932hR2z7s5JzxhwRGLHa&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_oC0pgcGZ6CNLFg_zEqegL9LChIt09Xb-FDtsDBtCJ8uc-Ub3_if98ZrOBKMoU6ax-MLeG-aZR932hR2z7s5JzxhwRGLHa&google_hm=GF_euGZHQ3cUqqYJR_2ta9_q

Request Chain 466

https://match.360yield.com/match/ebda?google_gid=CAESEMIxdNAVHFl45BwWzra_Svg&google_cver=1&google_push=Aa02lx-jYdqBC2GZLjKmEraEcDkEzjsSShnZwaywua3l6qw5iDCUb1mPMYMVp0yeSbpjEWaoKiSxllEtDr_1Eni34Wipbgxvdp5v HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMIxdNAVHFl45BwWzra_Svg&google_cver=1&google_push=Aa02lx-jYdqBC2GZLjKmEraEcDkEzjsSShnZwaywua3l6qw5iDCUb1mPMYMVp0yeSbpjEWaoKiSxllEtDr_1Eni34Wipbgxvdp5v HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kYsrOsN-QjWjRhVvSojlag&google_push=Aa02lx-jYdqBC2GZLjKmEraEcDkEzjsSShnZwaywua3l6qw5iDCUb1mPMYMVp0yeSbpjEWaoKiSxllEtDr_1Eni34Wipbgxvdp5v

Request Chain 468

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEJ9IoorZuytjDs7vPQuW4M&google_cver=1&google_push=Aa02lx-m8WnIDJYmAVGMhuF1O_xOXiZMz2OSRNzCszbtYOgf6JI_FQPD9dn2fLhcSmT9Ocv-C9wBmgmVhSWBrXGeThHaGDdTLsHY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BN2pqRkdWRTJ1RzViVnRNU2lRTWhiT1BGUUx0dGNocn5B&google_push=Aa02lx-m8WnIDJYmAVGMhuF1O_xOXiZMz2OSRNzCszbtYOgf6JI_FQPD9dn2fLhcSmT9Ocv-C9wBmgmVhSWBrXGeThHaGDdTLsHY

Request Chain 470

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRWwDpGD6uFJWCeZXfguhw&google_cver=1

Request Chain 471

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9y3HGQZSZe3VrOGdnYKPAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRWwDpGD6uFJWCeZXfguhw&google_cver=1

Request Chain 472

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBmhzAh921lYgRT2CBs3BWs&google_cver=1

Request Chain 473

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU4OTk4NTIwMzYwNjM0MzY0

Request Chain 529

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH1ZZ1zKRvH6jDwMPCqk6aE&google_cver=1&google_push=Aa02lx8x-Hg44qnU5A1cR2aXoobHtkZxIQKntaiKRmra3Qmr-FPPiWDZFqUvocYiaErMnhA-XtPPE-KvyNOoh9sQxGztTXYjbPJA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDdEeWQyWk8xUG5Rc0o1&google_gid=CAESEH1ZZ1zKRvH6jDwMPCqk6aE&google_cver=1&google_push=Aa02lx8x-Hg44qnU5A1cR2aXoobHtkZxIQKntaiKRmra3Qmr-FPPiWDZFqUvocYiaErMnhA-XtPPE-KvyNOoh9sQxGztTXYjbPJA

Request Chain 532

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELTnCNIrf3AlExJLWk5je_c&google_cver=1&google_push=Aa02lx_PrnwRjTOR_NbRKC4b6Q6Ks3giw8NiwKBp24UzYs78BFlNa3qZEWTsDlh8p7vET6O0ZEM4jMSy8o8bP9ppQ12FfX_k9rNb HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELTnCNIrf3AlExJLWk5je_c&google_hm=Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB&google_nid=index&google_push=Aa02lx_PrnwRjTOR_NbRKC4b6Q6Ks3giw8NiwKBp24UzYs78BFlNa3qZEWTsDlh8p7vET6O0ZEM4jMSy8o8bP9ppQ12FfX_k9rNb

Request Chain 533

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKYBmDJH6kLala6cArQ1IZQ&google_cver=1&google_push=Aa02lx8hJ_c_ktCpXwhDycX0SLWdBolwl8a90tosbjJtJ-u7ap9y1C-siQEYOfWq2wUjYD5XNLqcfBD8wy7AaLrNy9f9ZuVvc0_S HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8hJ_c_ktCpXwhDycX0SLWdBolwl8a90tosbjJtJ-u7ap9y1C-siQEYOfWq2wUjYD5XNLqcfBD8wy7AaLrNy9f9ZuVvc0_S&google_hm=GF_euGZHQ3cUqqYJR_2ta9_q

Request Chain 534

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELTqX3w-rMF3TBR7a0STbq0&google_cver=1&google_push=Aa02lx9yTnmmfNsfj-QL4VOT3pOq4-YxgbjWatzs8fgsLWn9JLaVi1X0fgX2tB6UbxLUNwfB8KSPtTmRLAG74QZjB4CluzyPk4M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9yTnmmfNsfj-QL4VOT3pOq4-YxgbjWatzs8fgsLWn9JLaVi1X0fgX2tB6UbxLUNwfB8KSPtTmRLAG74QZjB4CluzyPk4M

Request Chain 568

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECtusmoofy1tRg9XU2odunE&google_cver=1&google_push=Aa02lx_420r5qhz9Kqq73cgVL6OIpN0SXa-hTokMHNmX_ydqEWBpC1nnv-jn1IrkpfdqFJVh3lUzvtU9Mw6JxHZ-j79v0AbGbQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=JoJj3LccRQCgLsXYE76yXQ&google_push=Aa02lx_420r5qhz9Kqq73cgVL6OIpN0SXa-hTokMHNmX_ydqEWBpC1nnv-jn1IrkpfdqFJVh3lUzvtU9Mw6JxHZ-j79v0AbGbQ

Request Chain 570

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGC_kbm3SbXgjFQZs50RGnI&google_cver=1&google_push=Aa02lx-Y7oD4P8dWfLqz1vo3_puBk-FtSVwnXtcqNTc_hTBxCFoGIWf9B4elnnvZ2MTKSP3mnHpL2SHrlOdHX8cLjWbJ5hGYww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xeyruCXETKODYdNIt1f4hg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-Y7oD4P8dWfLqz1vo3_puBk-FtSVwnXtcqNTc_hTBxCFoGIWf9B4elnnvZ2MTKSP3mnHpL2SHrlOdHX8cLjWbJ5hGYww

Request Chain 571

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKYBmDJH6kLala6cArQ1IZQ&google_cver=1&google_push=Aa02lx94DH2fSM2gajec5Sbmi6HwU05hEJmtUl8GNK_St1HOtZ8Ngf-EZVZcVFfJPDu284DPnd5x-x1CjKR_MAU4tl6ci-FPDiI HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx94DH2fSM2gajec5Sbmi6HwU05hEJmtUl8GNK_St1HOtZ8Ngf-EZVZcVFfJPDu284DPnd5x-x1CjKR_MAU4tl6ci-FPDiI&google_hm=GF_euGZHQ3cUqqYJR_2ta9_q

Request Chain 572

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPKyJEM9KQXHWQJ7WtXwcTM&google_cver=1&google_push=Aa02lx_Ww6UA8BOORYAKY9SEFgKABSqqAv21gKNBl4eUdsDfAZ0dnwiVuu3rzaqRbWYdSR1sHHHrVesJsFMW7O8nNwO4Fst-_DQ HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_Ww6UA8BOORYAKY9SEFgKABSqqAv21gKNBl4eUdsDfAZ0dnwiVuu3rzaqRbWYdSR1sHHHrVesJsFMW7O8nNwO4Fst-_DQ&google_gid=CAESEPKyJEM9KQXHWQJ7WtXwcTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ4MzUwNjMxNzM3MDE2NjE0NzY0MQ%3D%3D&google_push=Aa02lx_Ww6UA8BOORYAKY9SEFgKABSqqAv21gKNBl4eUdsDfAZ0dnwiVuu3rzaqRbWYdSR1sHHHrVesJsFMW7O8nNwO4Fst-_DQ

Request Chain 573

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEJ9IoorZuytjDs7vPQuW4M&google_cver=1&google_push=Aa02lx_LHUI7xd2_rxcTYdqWRfh5w6wjGxQ4Lcjw86xG4y-sX9LR20Dy6ZjBrcQmdX9SZXdbcYkR8EYOweELADa5VTwBA8qoghSE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BN2pqRkdWRTJ1RzViVnRNU2lRTWhiT1BGUUx0dGNocn5B&google_push=Aa02lx_LHUI7xd2_rxcTYdqWRfh5w6wjGxQ4Lcjw86xG4y-sX9LR20Dy6ZjBrcQmdX9SZXdbcYkR8EYOweELADa5VTwBA8qoghSE

Request Chain 576

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFOLtGbJznh_rrxY27ihj_c&google_cver=1

Request Chain 578

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESENBOnZavloz8HQr3uYXRQ54&google_cver=1

Request Chain 593

https://gum.criteo.com/sid/json?origin=publishertag&domain=edivaldobrito.com.br&sn=ChromeSyncframe&so=0&topUrl=www.edivaldobrito.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=l2LT-HxzYWljZ2w3dGpFVml3dEcyU0dqc0lsdS9uWkdOQm9yeVhRU2hHV01pdUUvWThpdTFwbmZvMzFoMnh1SnZZQjNvc0ZMYkZHNWh2WXhJckE5LzVaK3JmZmg2SjBqQ09UV3JhYU9sdkpJWVhnaS93Y0xSbDdTODNjUEdnNTdhTGZnYmJud1JDblE2emRuUFFuTDFoaGdJWWNpSDBBRTZwbitMVWo0VDZ4SWhVZnBxcHJOMytEL21BK2N5eHZHOE1xTktEbzFRQ2RpZ28rQncvbHNGTEZaMWFFZ3JuMW8ySW4xVVdkTFNtd1NwdGVqOXdqRGR0Rjl4UzIwUWkxOXYwSDZ1cHcvMURpaDZRY1pqeXo2bEpzM0hBaUNxVnlkRjlEb0lTOHI2Rld5aS9Hdz18&cppv=2

579 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request wp.serviceworker Show response
www.edivaldobrito.com.br/ 122 KB
26 KB 267ms
7ms Document
text/html 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

b2932cb15093d144e0b4f1358c511c26ed7c5e3596dabc70f65d0a4e38794452

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-length: 26349
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Fri, 03 Feb 2023 07:26:14 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://www.edivaldobrito.com.br/wp-json/>; rel="https://api.w.org/"
server: nginx
vary: Accept-Encoding X-Forwarded-Proto,Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-sucuri-cache: HIT
x-sucuri-id: 15040
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
66 KB 71ms
30ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-87XS8XZJ6G

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

952738ef5e9c7273c0847ae7259e1c01bd4ba858491485d3247aae3e50e768bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67126
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Feb 2023 07:26:14 GMT

GET
H2 200 style.min.css
www.edivaldobrito.com.br/wp-includes/css/dist/block-library/ 93 KB
13 KB 13ms
6ms Stylesheet
text/css 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 12518
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Nov 2022 19:54:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 classic-themes.min.css
www.edivaldobrito.com.br/wp-includes/css/ 217 B
575 B 13ms
7ms Stylesheet
text/css 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 189
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Nov 2022 18:19:08 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 add-to-home-screen.css
www.edivaldobrito.com.br/wp-content/plugins/iworks-pwa/assets/styles/frontend/ 242 B
534 B 13ms
7ms Stylesheet
text/css 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/plugins/iworks-pwa/assets/styles/frontend/add-to-home-screen.css?ver=1.5.3

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

1e75ea176b3ccf27b01958ef0600f649e620a2eeba7183aada283c5b533b62a1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 162
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Jan 2023 20:27:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-night-mode-public.css
www.edivaldobrito.com.br/wp-content/plugins/wp-night-mode/public/css/ 13 KB
3 KB 13ms
7ms Stylesheet
text/css 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/plugins/wp-night-mode/public/css/wp-night-mode-public.css?ver=1.0.0

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

1eda29232dc78f0ce51c8e4687b04d78508d5d9e0e9d8971b7fd54e8fc0d4c73

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 2422
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Dec 2022 19:59:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-show-posts-min.css
www.edivaldobrito.com.br/wp-content/plugins/wp-show-posts/css/ 3 KB
1 KB 13ms
8ms Stylesheet
text/css 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.4

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

b6c98830eda91aabaa34aa286c07b90ac239a8ab887430430d070f1e87f22b96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 1059
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jan 2023 19:12:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 widget-areas.min.css
www.edivaldobrito.com.br/wp-content/themes/generatepress/assets/css/components/ 3 KB
1 KB 13ms
8ms Stylesheet
text/css 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.2.4

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 695
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Nov 2022 21:33:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.min.css
www.edivaldobrito.com.br/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 13ms
9ms Stylesheet
text/css 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.2.4

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 4684
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Nov 2022 21:33:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 generate-google-fonts.css
www.edivaldobrito.com.br/wp-content/uploads/omgf/generate-google-fonts/ 4 KB
851 B 13ms
9ms Stylesheet
text/css 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/uploads/omgf/generate-google-fonts/generate-google-fonts.css?ver=1674311923

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

851224f0612892135aff5f35e95e5a0b8187f75d45b141f533c8a8594f6a3955

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.edivaldobrito.com.br/wp.serviceworker
Origin: https://www.edivaldobrito.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 479
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Jan 2023 14:38:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
www.edivaldobrito.com.br/wp-content/uploads/generatepress/ 9 KB
2 KB 13ms
10ms Stylesheet
text/css 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/uploads/generatepress/style.min.css?ver=1671222707

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

0f2d525ed50efba4a20893c948c0a6d2ac60faa87a5e67f66425387a7c5bb146

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 2128
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Dec 2022 20:31:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 featured-images.min.css
www.edivaldobrito.com.br/wp-content/plugins/gp-premium/blog/functions/css/ 3 KB
865 B 15ms
12ms Stylesheet
text/css 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=2.2.2

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

3cdc8768b77b752d62d488cda4d7917a5df5d334da0f7fa7c9f86aeae573923b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 493
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Dec 2022 13:31:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 navigation-branding-flex.min.css
www.edivaldobrito.com.br/wp-content/plugins/gp-premium/menu-plus/functions/css/ 3 KB
990 B 16ms
12ms Stylesheet
text/css 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding-flex.min.css?ver=2.2.2

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

7c8eb7fd8354e29e58e77290872b6e05a65404a4d16fe26996b72b6f2f606281

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 618
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Dec 2022 13:31:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
www.edivaldobrito.com.br/wp-includes/js/jquery/ 88 KB
31 KB 16ms
13ms Script
application/javascript 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 30995
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Nov 2022 18:19:08 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend-gtag.min.js Show response
www.edivaldobrito.com.br/wp-content/plugins/google-analytics-premium/assets/js/ 12 KB
4 KB 17ms
14ms Script
application/javascript 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.12.1

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 3246
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Jan 2023 21:47:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.edivaldobrito.com.br/wp-includes/js/jquery/ 11 KB
4 KB 17ms
14ms Script
application/javascript 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 4169
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Dec 2020 00:19:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-night-mode-public.js Show response
www.edivaldobrito.com.br/wp-content/plugins/wp-night-mode/public/js/ 3 KB
1 KB 17ms
15ms Script
application/javascript 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/plugins/wp-night-mode/public/js/wp-night-mode-public.js?ver=1.0.0

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

f461a513fe71d47db988113bced0400a26fe406f772129e1d2040008eb2a4885

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 964
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Dec 2022 19:59:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 advanced.min.js Show response
www.edivaldobrito.com.br/wp-content/plugins/advanced-ads/public/assets/js/ 7 KB
3 KB 17ms
15ms Script
application/javascript 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.39.4

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

1a4dd11c3764a3be7caee75eeb660be2d9f01fc3ba61f95990d8f64e5e441875

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 2561
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Jan 2023 14:33:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.edivaldobrito.com.br/wp-includes/js/ 18 KB
5 KB 7ms
7ms Script
application/javascript 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 5009
x-xss-protection: 1; mode=block
last-modified: Wed, 25 May 2022 21:16:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 injector.js Show response
tag.goadopt.io/ 207 KB
67 KB 2631ms
2601ms Script
text/javascript 2606:4700:20::ac43:4606
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.goadopt.io/injector.js?website_code=4bb6596e-c195-4921-91f5-483866b865e3
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4606 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e5e5df99c4c6e4b146450a2936a9aaa70ce8cc08e845c8c7a65758de320611cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 03 Feb 2023 07:26:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmeAzHUsruKGsWqrCBQu7DfZzCK7KGJolT15nfUAKSSUs2Z%2BTxNqUtO7vcp%2BPnJkkQ%2F3IVq2Pe8xZOhFrTq0K56%2B65z4lPbHtZG%2FkD9iSY%2FXZ1ELZ%2F8NPBLc6aWW%2F%2BOKJm4TQE7HLsg%2BhNBW"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=120
access-control-allow-credentials: true
cf-ray: 79396feb8a059043-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26452598-1

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbd850f2c1e13a78e6c77711cacfbb2880c1d33608df4d0ce1f05d62d2133d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44835
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Feb 2023 07:26:14 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 169ms
105ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a15184bdc835ef326acedadf83b60f20bba34c766f8530a3ca3d860e940e8bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50101
x-xss-protection: 0
server: cafe
etag: 5898151056339857466
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 07:26:14 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
24 KB 154ms
73ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ab7c9af43dd94efa0cf5362d9ab7902728051251a3875b39d7abab35258a16e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 07:26:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23089
x-xss-protection: 0
server: sffe
etag: "8d2b4bf31173f520"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Feb 2023 07:26:14 GMT

GET
H2 200 360.js Show response
s.clickiocdn.com/t/215867/ 465 KB
169 KB 59ms
15ms Script
application/javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clickiocdn.com/t/215867/360.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 3e940bf5134c109a709735825a88ab8d9bd77a972fe11ac892d3a19804390217

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-encoding: gzip
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
iseu: eu
cache-control: max-age=1800
expires: Fri, 03 Feb 2023 07:56:14 GMT

GET
H2 200 common_258.js Show response
s.clickiocdn.com/t/ 155 KB
64 KB 19ms
18ms Script
application/javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clickiocdn.com/t/common_258.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 6fed64e4df327d243cb7371cfc79d4a30fbfd13a1374dcfd74b0d6af1b3f3e6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-encoding: gzip
last-modified: Tue, 31 Jan 2023 16:05:13 GMT
server: nginx/1.16.0
etag: W/"63d93c39-26c22"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
iseu: eu
cache-control: max-age=1800
expires: Fri, 03 Feb 2023 07:56:14 GMT

GET
H2 200 logotipo-blog-1.svg
www.edivaldobrito.com.br/wp-content/uploads/2020/09/ 24 KB
18 KB 8ms
7ms Image
image/svg+xml 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edivaldobrito.com.br/wp-content/uploads/2020/09/logotipo-blog-1.svg

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

128e8fab11ea51e11233e1d6af2ab3a212498c13ae1ee70a2f845b6d7c5f1cab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 18378
x-xss-protection: 1; mode=block
last-modified: Sat, 26 Sep 2020 17:50:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 siga-blog-edivaldo-no-google-news-300x151.png
www.edivaldobrito.com.br/wp-content/uploads/2020/05/ 4 KB
4 KB 380ms
379ms Image
image/webp 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edivaldobrito.com.br/wp-content/uploads/2020/05/siga-blog-edivaldo-no-google-news-300x151.png

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

545340a629b5290ecfc86657a81b908bf11693d6eee91ef163032de36622420c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: MISS
content-length: 3887
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Aug 2020 23:01:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept,Referer,Accept-Encoding
content-type: image/webp
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

/ Show response
www.edivaldobrito.com.br/divulgada-as-especificacoes-do-teclado-e-bluetooth-do-pinebook-pro/
Redirect Chain

https://www.edivaldobrito.com.br/%3C/div
https://www.edivaldobrito.com.br/divulgada-as-especificacoes-do-teclado-e-bluetooth-do-pinebook-pro/

135 KB
33 KB

4437ms
4437ms

Script
text/html

192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/divulgada-as-especificacoes-do-teclado-e-bluetooth-do-pinebook-pro/

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

585c313a1e52b75b1207e3b26c8c939590ec3ab38a60e7d353ababcf8334d8d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-pingback: https://www.edivaldobrito.com.br/xmlrpc.php
x-sucuri-cache: MISS
content-length: 32654
x-xss-protection: 1; mode=block, 1
x-ua-compatible: IE=edge
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
x-sucuri-id: 15040
link: <https://www.edivaldobrito.com.br/wp-json/>; rel="https://api.w.org/", <https://www.edivaldobrito.com.br/wp-json/wp/v2/posts/102075>; rel="alternate"; type="application/json", <https://www.edivaldobrito.com.br/?p=102075>; rel=shortlink
expires: Fri, 03 Feb 2023 07:26:15 GMT

Redirect headers

date: Fri, 03 Feb 2023 07:26:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-redirect-by: WordPress
x-sucuri-cache: MISS
content-length: 0
x-xss-protection: 1; mode=block, 1
x-ua-compatible: IE=edge
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://www.edivaldobrito.com.br/divulgada-as-especificacoes-do-teclado-e-bluetooth-do-pinebook-pro/
cache-control: no-cache, must-revalidate, max-age=0
x-sucuri-id: 15040
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 52ms
14ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 13:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 13:47:35 GMT

GET
H2 200 button_sm_2.gif
www.edivaldobrito.com.br/wp-content/uploads/2020/07/ 205 B
590 B 7ms
7ms Image
image/gif 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edivaldobrito.com.br/wp-content/uploads/2020/07/button_sm_2.gif

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

f86d7e98ceec9dc8abdc936bbdbbd4b8a50fc6122a1084599b1f82d67dbfc8a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:16 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 228
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Jul 2020 15:47:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: image/gif
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag_d575c309-a219-4edc-9a6d-329742096898.js Show response
sm1.selectmedia.asia/cdn/tags/ 37 KB
38 KB 226ms
15ms Script
text/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sm1.selectmedia.asia/cdn/tags/tag_d575c309-a219-4edc-9a6d-329742096898.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0ab3e95c6b78568c2f965cecc72b138e5e53b77fe3adf45e60c7f0fde503c28a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:41:05 GMT
age: 2712
x-guploader-uploadid: ADPycdvifYqp0ZpSomW-qJ5wUftmhyY6OlTzkx6T742rysIZYdvOth6MdGlyl5vKagQpyHmjhNnWyjlokxiCfkJGannVVg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38331
last-modified: Thu, 02 Feb 2023 09:50:54 GMT
server: UploadServer
etag: "dd4c6c5781b35c8a0151ef4752b3287e"
vary: X-Goog-Allowed-Resources
x-goog-hash: crc32c=2K39Wg==, md5=3UxsV4GzXIoBUe9HUrMofg==
x-goog-generation: 1675331454740018
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 38331
accept-ranges: bytes
content-type: text/javascript;charset=UTF-8

GET
H2 200 sticky.min.js Show response
www.edivaldobrito.com.br/wp-content/plugins/gp-premium/menu-plus/functions/js/ 8 KB
3 KB 7ms
7ms Script
application/javascript 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=2.2.2

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

033c75b293fe53bd9330531b8ff1ed4bcc4722563ea908d73e0b6e4b115202fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 2839
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Dec 2022 13:31:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 advanced-ads-pro.min.js Show response
www.edivaldobrito.com.br/wp-content/plugins/advanced-ads-pro/assets/js/ 6 KB
2 KB 7ms
7ms Script
application/javascript 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js?ver=2.21.1

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

0ba2a0da5c4bbb91065d70e8d6e9e22b1eb1c2e066ac876e261efcc96036b031

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 2068
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Jan 2023 19:52:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 menu.min.js Show response
www.edivaldobrito.com.br/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 7ms
7ms Script
application/javascript 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.2.4

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 1651
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Nov 2022 21:33:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 navigation-search.min.js Show response
www.edivaldobrito.com.br/wp-content/themes/generatepress/assets/js/ 2 KB
1 KB 7ms
7ms Script
application/javascript 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.2.4

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

f4d0c6a094ec876c2dbea780dac5655e44bc1ec2b0c9c492f8513581879c89c5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 767
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Nov 2022 21:33:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
www.edivaldobrito.com.br/wp-content/plugins/iworks-pwa/assets/scripts/ 700 B
795 B 7ms
7ms Script
application/javascript 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/plugins/iworks-pwa/assets/scripts/frontend.min.js?ver=1.5.3

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

4dec4e1dbf216cfee54296d92b95ee24ff0eb5151c20ea6f3e33f0f6470e8f12

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:14 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 414
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Jan 2023 20:27:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 85ms
22ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.1.1

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 231
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 79396ffc9ea62ba3-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Feb 2023 07:26:17 GMT

GET
H/1.1 200
OK spt Show response
tg1.playstream.media/api/adserver/ 29 KB
8 KB 275ms
107ms Script
text/javascript 2a02:26f0:3500:c::5c7b:6843
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=618cd4566186e8554d6d3977&AV_PUBLISHERID=618cca00a870522e4313ee77
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6843 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b2fdca37a98daf8097a91aaa2d4d9ead6081d1f2cb80ac021789d97eafddd8e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 07:26:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 7507
Expires: Fri, 03 Feb 2023 07:31:17 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 49ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-87XS8XZJ6G&gtm=45je3210&_p=1488797072&gdid=dZGIzZG&cid=1349497048.1675409174&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675409174&sct=1&seg=0&dl=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&dt=Page%20Not%20Found%20-%20Blog%20do%20Edivaldo%20-%20Informa%C3%A7%C3%B5es%20e%20Not%C3%ADcias%20sobre%20Linux&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.page_path=%2F404.html%3Fpage%3D%2Fwp.serviceworker%26from%3D
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-87XS8XZJ6G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 54ms
47ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26452598-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-87XS8XZJ6G

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aacbf3e12b569dc50a4f50125707b4810352ad36ea5745bf5be73f08c2ed6083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43864
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Feb 2023 07:26:17 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 99 KB
39 KB 56ms
49ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TKQK4SV

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee32553361b0dbb89c5fd2c704fd043f3ee033741bccf9d4961fc9d4ba5c159d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39822
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Feb 2023 07:26:17 GMT

GET
H2 200 dvd44vz8bt Show response
www.clarity.ms/tag/ 1 KB
1 KB 250ms
99ms Script
application/x-javascript 2620:1ec:4e:1::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/dvd44vz8bt
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e7dd12b562dc86a8beb3f58bbc21b75230d7b6fd81ef348a81ed7104d9e02cad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: application/x-javascript
date: Fri, 03 Feb 2023 07:26:16 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0GbfcYwAAAACMSV1oL9ZaSJFA+2cGqsQFRlJBMzFFREdFMDMxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 manifest.json
www.edivaldobrito.com.br/ 0
971 B 601ms
592ms Other
application/json 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/manifest.json

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: application/json
x-sucuri-cache: EXPIRED
cache-control: max-age=0
x-sucuri-id: 15040
content-length: 634
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 07:26:17 GMT

GET
H2 200 open-sans-normal-latin.woff2
www.edivaldobrito.com.br/wp-content/uploads/omgf/generate-google-fonts/ 44 KB
44 KB 14ms
7ms Font
font/woff2 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edivaldobrito.com.br/wp-content/uploads/omgf/generate-google-fonts/open-sans-normal-latin.woff2

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp-content/uploads/omgf/generate-google-fonts/generate-google-fonts.css?ver=1674311923

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.edivaldobrito.com.br/wp-content/uploads/omgf/generate-google-fonts/generate-google-fonts.css?ver=1674311923
Origin: https://www.edivaldobrito.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:16 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 44884
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Jan 2023 14:38:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: font/woff2
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/ 361 KB
119 KB 82ms
79ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2181767967208847&plah=www.edivaldobrito.com.br&bust=31071855

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1ded8aa1c22a2745d8936c1a099c7f9d96f8c6b980c0dd7c16114973ede6e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121179
x-xss-protection: 0
server: cafe
etag: 540378868431158989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 07:26:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/ Frame BFF8 10 KB
5 KB 138ms
29ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edivaldobrito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 21:43:24 GMT
etag: 10353107486223812946
expires: Thu, 16 Feb 2023 21:43:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 112ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a6b8fb44adfe5386e706033fc622ba61d4af75716a8ccf702bec7f857739d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27228
x-xss-protection: 0
server: sffe
etag: "1471 / 307 of 1000 / last-modified: 1675379379"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Feb 2023 07:26:17 GMT

GET
H2 200 / Show response
clickiocdn.com/hbadx/ 46 B
176 B 94ms
15ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/hbadx/?ex=1&f=__lxG__.tmp.pol_32zr8jfyc0bsqief&rt=917706347&site_id=215867&title=Page%20Not%20Found%20-%20Blog%20do%20Edivaldo%20-%20Informa%C3%A7%C3%B5es%20e%20Not%C3%ADcias%20sobre%20Linux&l=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 046c5608efc32ded4f502be80b42b6539cfc2b05b64acef6537c6b2b431a9afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
75 KB 61ms
36ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-46TXG2Y06D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26452598-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93c44d3f6faecaaa29fdee71c96f4c2aa7148810caa055d016a2e7546a8fcd74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77066
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Feb 2023 07:26:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 82ms
13ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26452598-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 06:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1887
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 03 Feb 2023 08:54:50 GMT

GET
H2 200 check.php Show response
jsqueries.com/script/ 11 B
265 B 79ms
16ms XHR
application/json 157.90.176.32
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jsqueries.com/script/check.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.176.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nvme05.netcloudns.com
Software: / PHP/7.4.33
Resource Hash: 30704e905132d239e2a84d8be5d462363d574ed75599cdf5b76a6932a14ed3b1

Request headers

Accept: */*
Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 15

GET
H2 200 0ad-no-linux.jpg
www.edivaldobrito.com.br/wp-content/uploads/2018/02/ 50 KB
50 KB 465ms
462ms Image
image/webp 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edivaldobrito.com.br/wp-content/uploads/2018/02/0ad-no-linux.jpg

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

6b7016fa78bfca614591ef6a0165182af72b6e3b1ef4648fd0372919f8618416

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: MISS
content-length: 50966
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 14:33:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept,Accept-Encoding
content-type: image/webp
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jogo-ascii-patrol-no-linux-via-snap.gif
www.edivaldobrito.com.br/wp-content/uploads/2019/01/ 3 MB
2 MB 591ms
589ms Image
image/gif 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edivaldobrito.com.br/wp-content/uploads/2019/01/jogo-ascii-patrol-no-linux-via-snap.gif

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

bc884e719cc7f58114e8f773c34a955b451ef4980734891112129d50d86f7fe4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Mon, 28 Jan 2019 00:34:10 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: image/gif
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15040
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mypaint-no-linux.jpg
www.edivaldobrito.com.br/wp-content/uploads/2018/03/ 22 KB
22 KB 464ms
462ms Image
image/webp 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edivaldobrito.com.br/wp-content/uploads/2018/03/mypaint-no-linux.jpg

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

6102e490b7b80df4fb198aaae6c5e0da9ae1b8c99faf954d060d21cdbaf67d48

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: MISS
content-length: 22525
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Aug 2020 21:29:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept,Referer,Accept-Encoding
content-type: image/webp
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jogo-the-climate-trail-no-linux-via-snap.jpg
www.edivaldobrito.com.br/wp-content/uploads/2019/09/ 23 KB
23 KB 383ms
381ms Image
image/webp 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edivaldobrito.com.br/wp-content/uploads/2019/09/jogo-the-climate-trail-no-linux-via-snap.jpg

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

da9b1ca3f40a59466cc958b098d13e9e78e6f2396d32e1670054ec8e63f513bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: MISS
content-length: 23113
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Aug 2020 22:28:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept,Referer,Accept-Encoding
content-type: image/webp
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 como-instalar-o-asunder-cd-ripper-no-linux-via-flatpak.jpg
www.edivaldobrito.com.br/wp-content/uploads/2019/12/ 26 KB
27 KB 465ms
463ms Image
image/webp 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edivaldobrito.com.br/wp-content/uploads/2019/12/como-instalar-o-asunder-cd-ripper-no-linux-via-flatpak.jpg

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

32156add5012607d9a904b437f93d73462cac0d2d897c2d4d6275f6b4ed52d74

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: MISS
content-length: 26939
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Aug 2020 22:38:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept,Referer,Accept-Encoding
content-type: image/webp
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jogo-eternal-lands-no-linux-via-snap.jpg
www.edivaldobrito.com.br/wp-content/uploads/2019/01/ 55 KB
55 KB 382ms
381ms Image
image/webp 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edivaldobrito.com.br/wp-content/uploads/2019/01/jogo-eternal-lands-no-linux-via-snap.jpg

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

b51fe59baed1dcffd0605bddd3f18268739bb7daabb517fa9c56f2592d2bf422

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: MISS
content-length: 56384
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Aug 2020 22:01:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept,Referer,Accept-Encoding
content-type: image/webp
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 emulador-gb-enhanced-no-linux-via-flatpak.jpg
www.edivaldobrito.com.br/wp-content/uploads/2019/04/ 57 KB
58 KB 464ms
463ms Image
image/webp 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edivaldobrito.com.br/wp-content/uploads/2019/04/emulador-gb-enhanced-no-linux-via-flatpak.jpg

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

fe6371a1cf3b1e31879d28be9d88735f548089ee7482b849a2a8b017984b80b0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: MISS
content-length: 58676
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Aug 2020 22:09:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept,Referer,Accept-Encoding
content-type: image/webp
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jogo-de-corrida-supertuxkart-no-linux-via-snap.jpg
www.edivaldobrito.com.br/wp-content/uploads/2018/08/ 27 KB
28 KB 464ms
463ms Image
image/webp 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edivaldobrito.com.br/wp-content/uploads/2018/08/jogo-de-corrida-supertuxkart-no-linux-via-snap.jpg

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

nginx /

Resource Hash

4cc8e475c27a01b7d1c30b20778be1697d61a3e6a725c475d151d889e47be6db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: MISS
content-length: 27929
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Aug 2020 21:44:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept,Referer,Accept-Encoding
content-type: image/webp
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 0b97e22ca7c95fdf86d97f10abd7a6c3.js Show response
scripts.cleverwebserver.com/ 128 KB
47 KB 130ms
92ms Script
application/javascript 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/0b97e22ca7c95fdf86d97f10abd7a6c3.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26636239d13ecbe87424d7284b81d1a33403831fb7f749956588d7c990fba99e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
x-amz-version-id: CwVpNpjUD0hdN0zUrIL7HOpJffHJV4u3
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 16 Jan 2023 17:02:21 GMT
server: cloudflare
x-amz-request-id: HX26QTMVDGEDCZ6Y
etag: W/"ccda98ebc286cfe5c71c9608ced2da18"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 79396ffdfcae92a2-FRA
x-amz-id-2: Zp/5ednNfgCOnTfBRFBK1bkRYSUu4Ppi9gadto5Sn8TBn3WKwrxppc3AkrcMwcP0TT/U/blv+6Y=
expires: Fri, 03 Feb 2023 07:56:17 GMT

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 17ms
16ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2Fwp.serviceworker&eid=215867&wh=1600x1200&rnd=91770300045&lid=0&tid=0&cnt=1
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/215867/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:17 GMT
cache-control: no-cache
iseu: eu
server: nginx/1.16.0
content-length: 42
content-type: image/gif

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 22ms
22ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2Fwp.serviceworker&eid=215867&wh=1600x1200&rnd=91770300045&lid=0&tid=0&fcp_red=3120.800&fcp_red_cnt=1
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/215867/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:17 GMT
cache-control: no-cache
iseu: eu
server: nginx/1.16.0
content-length: 42
content-type: image/gif

GET
H2 200 dvd44vz8bt Show response
www.clarity.ms/tag/ 1 KB
1 KB 107ms
106ms Script
application/x-javascript 2620:1ec:4e:1::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/dvd44vz8bt?ref=gtm2
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e7dd12b562dc86a8beb3f58bbc21b75230d7b6fd81ef348a81ed7104d9e02cad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: application/x-javascript
date: Fri, 03 Feb 2023 07:26:16 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0GbfcYwAAAABs8xqjFshOQZlYvQoMPirZRlJBMzFFREdFMDMxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 21ms
21ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 230
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 79396ffe083b2ba3-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Feb 2023 07:26:17 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
154 B 22ms
21ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1488797072&t=pageview&_s=1&dl=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&dp=%2F404.html%3Fpage%3D%2Fwp.serviceworker%26from%3D&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Blog%20do%20Edivaldo%20-%20Informa%C3%A7%C3%B5es%20e%20Not%C3%ADcias%20sobre%20Linux&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1423294890&gjid=1727416535&cid=1349497048.1675409174&tid=UA-26452598-1&_gid=1411395848.1675409177&_r=1&_slc=1&gtm=457e3210&did=dZGIzZG&gdid=dZGIzZG&z=1520693942

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 16ms
15ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1488797072&t=pageview&_s=2&dl=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Blog%20do%20Edivaldo%20-%20Informa%C3%A7%C3%B5es%20e%20Not%C3%ADcias%20sobre%20Linux&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1349497048.1675409174&tid=UA-26452598-1&_gid=1411395848.1675409177&gtm=457e3210&did=dZGIzZG&gdid=dZGIzZG&z=1059631401

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 14:47:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59933
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2023013001.js Show response
securepubads.g.doubleclick.net/gpt/ 386 KB
131 KB 116ms
29ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31f3e28cb913fc9229304149e55fc4cabf206f707d068f05554692f38ea2f358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133639
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 09:35:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 30 Jan 2024 16:09:21 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 545 B
779 B 152ms
66ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.edivaldobrito.com.br

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1f5239ef29049d15ac6ca240964b8e2d79c1e505bbbe890b0100e895e1ab1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 236
x-xss-protection: 0
expires: Fri, 03 Feb 2023 07:26:17 GMT

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 27ms
19ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2Fwp.serviceworker&eid=215867&wh=1600x1200&rnd=91770300045&lid=0&tid=0&lcp_yellow=3246.299&lcp_yellow_cnt=1
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/215867/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:17 GMT
cache-control: no-cache
iseu: eu
server: nginx/1.16.0
content-length: 42
content-type: image/gif

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-46TXG2Y06D&gtm=45je3210&_p=1488797072&cid=1349497048.1675409174&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675409177&sct=1&seg=0&dl=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&dt=Page%20Not%20Found%20-%20Blog%20do%20Edivaldo%20-%20Informa%C3%A7%C3%B5es%20e%20Not%C3%ADcias%20sobre%20Linux&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-46TXG2Y06D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 407 B
610 B 59ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.edivaldobrito.com.br&callback=_gfp_s_&client=ca-pub-2181767967208847

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2181767967208847&plah=www.edivaldobrito.com.br&bust=31071855

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c02e48d9f683fe8ec733209725138bb47817480e77095e00f4a7e42800c929c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 144ms
49ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.edivaldobrito.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 88ms
32ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.edivaldobrito.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EC3E 0
188 B 156ms
154ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2181767967208847&output=html&adk=1812271804&adf=3025194257&lmt=1675409177&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675409177011&bpp=3&bdt=2762&idt=342&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1115118503523&frm=20&pv=2&ga_vid=1349497048.1675409174&ga_sid=1675409177&ga_hid=1488797072&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071855%2C31071662&oid=2&pvsid=3122831324647189&tmod=489969838&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=365

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edivaldobrito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:26:17 GMT
expires: Fri, 03 Feb 2023 07:26:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 /
track-selectmedia.com/trackv4/ 0
418 B 242ms
149ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?&d5=edivaldobrito.com.br&d3=e79ac444-bf2e-42ea-a4d1-70a33b600b8e&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d23=tag_d575c309-a219-4edc-9a6d-329742096898&d24=a32de10b-2590-422c-b5f1-696dfc2c42d2&d2=1675409177&e=0&cb=1675409177413
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 style.css
serv-selectmedia.com/cdn/player/ 1 KB
878 B 71ms
13ms Stylesheet
text/css 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/style.css
Requested by: Host: sm1.selectmedia.asia
URL: https://sm1.selectmedia.asia/cdn/tags/tag_d575c309-a219-4edc-9a6d-329742096898.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4672b37f99a355152ea5257ba3187597fb9a12fb33a06492131461f469f5dd09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:15:38 GMT
content-encoding: gzip
age: 639
x-guploader-uploadid: ADPycdsgKEecaGqK-LVi70E3FiSUtmRsOqp8dK2eugq5S2a8-cBfYuOeSvUw3FmzsABmLPFrnxojeFgMAU8wTr1BRt0cyA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 571
last-modified: Mon, 15 Aug 2022 09:39:19 GMT
server: UploadServer
etag: "3a8d6c993f0a7e34ae07f8e86c31e632"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=GiK3YQ==, md5=Oo1smT8KfjSuB/jobDHmMg==
x-goog-generation: 1660556359399621
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 571
accept-ranges: bytes
content-type: text/css

GET
H2 200 selectmedia-player.umd.js Show response
serv-selectmedia.com/cdn/player/ 129 KB
40 KB 107ms
15ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Requested by: Host: sm1.selectmedia.asia
URL: https://sm1.selectmedia.asia/cdn/tags/tag_d575c309-a219-4edc-9a6d-329742096898.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 99ef4feaafebde65c928ef76ef8ad2f9e987772b13e9c00fd8bc5cce37c4003d

Request headers

Referer: https://www.edivaldobrito.com.br/
Origin: https://www.edivaldobrito.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:15:41 GMT
content-encoding: gzip
age: 636
x-guploader-uploadid: ADPycdsytOwjjJYfgU8pgtcdF_vkL6PO41FYj6MnJYy_XT2DKp27fjQuKU3OS545DX-lom3mQAu4qwlkpkn27i6iMMN5iQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39919
last-modified: Tue, 31 Jan 2023 07:10:07 GMT
server: UploadServer
etag: "56ef32139d88ca6d13beb2e629d8f4ac"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=aMTv9Q==, md5=Vu8yE52Iym0TvrLmKdj0rA==
x-goog-generation: 1675149007014479
access-control-allow-origin: *
access-control-expose-headers: Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 39919
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-d/s/0.7.1/ 55 KB
19 KB 16ms
15ms Script
application/javascript 2620:1ec:4e:1::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-d/s/0.7.1/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/dvd44vz8bt
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:16 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0fZrcYwAAAADS12ThO79oRalnO7Em6jsMRlJBMjMxMDUwNDE4MDI5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d936557825629e"
x-azure-ref: 0GbfcYwAAAAAiQLH4gkNGQ7mSjMqGVOYXRlJBMzFFREdFMDMxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 251 KB
60 KB 97ms
10ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: tg1.playstream.media
URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=618cd4566186e8554d6d3977&AV_PUBLISHERID=618cca00a870522e4313ee77
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: gzip
x-sp-metadata: HS256.CKmK854GEocBCiQwM2IxOGFmYi04MDc0LTRmODItYThhYS1hNzZlY2Y5MjFhMGYQkNjW+Kvg/AIaBgiZ7vKeBiIMMzcuNTguNTguMjQ2KNbZAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkYjk5MzMxNWEtNmIzZS00OWZkLWFlNTctMWY1NDMwZDdlZGRhGI7fAyIYCAISFGNkczI0OS5mcjguaHdjZG4ubmV0.G+XD3PuXJ4yknlHlxppSj8iTYljlETjOUx7ZmKXtmw8=
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
etag: "1646327924"
vary: X-Goog-Allowed-Resources
x-hw: 1675409177.dop154.fr8.t,1675409177.cds148.fr8.hn,1675409177.cds249.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 61326

GET
H2 200 track
track1.aniview.com/ 0
71 B 349ms
101ms Image
text/plain 3.224.190.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=618cca00a870522e4313ee77&cid=618ccba598fefe3bfe62d4c5&cb=1675409177430&r=www.edivaldobrito.com.br&stagid=618cd4566186e8554d6d3977&stplid=618ccc9203e747342150da89&d35=&d65=&d66=7&e=playerLoaded&str=viewable
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.190.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-190-254.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 26ms
25ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2Fwp.serviceworker&eid=215867&wh=1600x1200&rnd=91770300045&lid=0&tid=0&cls_green=0.059&cls_green_cnt=1
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/215867/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:17 GMT
cache-control: no-cache
iseu: eu
server: nginx/1.16.0
content-length: 42
content-type: image/gif

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
356 B 52ms
18ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-26452598-1&cid=1349497048.1675409174&jid=1423294890&gjid=1727416535&_gid=1411395848.1675409177&_u=YADAAUAAAAAAACAAI~&z=1450500040

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Feb 2023 07:26:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ui.cleverwebserver.com/ 159 B
196 B 55ms
32ms Script
application/javascript 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c4052b183146bbf7c1adede883cc539bddc38f4fc03476e9a6120f473b5fd4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79396fff2dc892a2-FRA
content-type: application/javascript

GET
H2 200 web Show response
onesignal.com/api/v1/sync/d5bc4ac8-d267-482a-ae5c-d913ce0b60da/ 3 KB
2 KB 65ms
48ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/d5bc4ac8-d267-482a-ae5c-d913ce0b60da/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f9f9a4df634749fe6f44725f5e6a562961c9ae5c49bb6e499f16a5fd9676c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: ddf12c1f-91a0-4e57-87e8-c70379897a81
x-runtime: 0.019045
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3f9f9a4df634749fe6f44725f5e6a562"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 79396fff39f92ba3-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 03 Feb 2023 08:26:17 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 138ms
53ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-26452598-1&cid=1349497048.1675409174&jid=1423294890&_u=YADAAUAAAAAAACAAI~&z=1019407640

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 72ms
26ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-26452598-1&cid=1349497048.1675409174&jid=1423294890&_u=YADAAUAAAAAAACAAI~&z=1019407640

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame 5929
Redirect Chain

https://sender.clevernt.com/transporter/43670.php?id=454518&ref=aHR0cHM6Ly93d3cuZWRpdmFsZG9icml0by5jb20uYnIvd3Auc2VydmljZXdvcmtlcg%3D%3D&ruri=&r=563448790&tok=33419711310201791433&t=1675409177&cmpI...
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058

4 KB
957 B

108ms
87ms

Document
text/html

2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1f12c99fac66b96e3aa01346654a1f9981ae01e0d4addba0b36ccf8bfdc27e2

Request headers

Referer: https://www.edivaldobrito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=1800
cf-cache-status: MISS
cf-ray: 79397000cf8c92a2-FRA
content-encoding: br
content-type: text/html
date: Fri, 03 Feb 2023 07:26:17 GMT
expires: Fri, 03 Feb 2023 07:56:17 GMT
last-modified: Thu, 02 Feb 2023 15:10:10 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: 2As2XZRdCrcTSSToD7MmFUpPKvE5ktADv1oOnxUhu1oKSK8q8SYihDJSJYsx9sDwjynLdZ+4+hs=
x-amz-request-id: 4EZB27EJBS9Y7VQC

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Fri, 03 Feb 2023 07:26:17 GMT
expires: Fri, 27 Jun 1986 23:00:00 GMT
last-modified: Fri, 03 Feb 2023 07:26:17 GMT
location: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
pragma: no-cache
server: nginx

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 655 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
call.cleverwebserver.com/ 43 B
133 B 56ms
42ms Image
image/gif 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://call.cleverwebserver.com/?id=43670&c=DE&r=null&l=58&b=Chrome&os=Win10&mob=0&v=1.34.6&ref=aHR0cHM6Ly93d3cuZWRpdmFsZG9icml0by5jb20uYnIvd3Auc2VydmljZXdvcmtlcg%3D%3D&ruri=&iv=-1&ctr=DE&sz=1200

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79396fffbe8292a2-FRA
content-length: 43
content-type: image/gif

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 22ms
21ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2Fwp.serviceworker&eid=215867&wh=1600x1200&rnd=91770300045&lid=0&tid=0&cls_green=-0.059&cls_green_cnt=-1
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/215867/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:17 GMT
cache-control: no-cache
iseu: eu
server: nginx/1.16.0
content-length: 42
content-type: image/gif

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 22ms
22ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2Fwp.serviceworker&eid=215867&wh=1600x1200&rnd=91770300045&lid=0&tid=0&cls_yellow=0.234&cls_yellow_cnt=1
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/215867/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:17 GMT
cache-control: no-cache
iseu: eu
server: nginx/1.16.0
content-length: 42
content-type: image/gif

POST
H2 204 collect Show response
a.clarity.ms/ 0
171 B 439ms
190ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-d/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: https://www.edivaldobrito.com.br
date: Fri, 03 Feb 2023 07:26:17 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
DATA 200
OK truncated
/ 256 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 251 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 238 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo.png
cdn.playstream.media/ 1 KB
2 KB 120ms
22ms Image
image/png 138.199.36.9
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.playstream.media/logo.png
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.9 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-9.bunnyinfra.net
Software: BunnyCDN-DE1-1049 /
Resource Hash: 875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Fri, 03 Feb 2023 07:26:17 GMT
cdn-edgestorageid: 874
cdn-cachedat: 01/31/2023 10:47:05
cdn-pullzone: 1027527
content-length: 1265
last-modified: Tue, 19 Jan 2021 07:48:16 GMT
server: BunnyCDN-DE1-1049
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: 30d0010f835abf3e5ae6ceddfc91ee35
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame AB9E 440 KB
119 KB 63ms
12ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=618cca00a870522e4313ee77
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 99e8be242d57a54072d21b9a2f84379a7f1a9e6fc4e1661e83e2cc80725e7cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: gzip
x-sp-metadata: HS256.CKmK854GEocBCiQxZjFlNTBiMS1kNGUwLTQ2NmItOTkwNS1jYmExMTkxOGNhYTUQyIKixK/g/AIaBgiZ7vKeBiIMMzcuNTguNTguMjQ2KLb2AjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkZWJmYThhZjItNTIxOC00NmU2LTkwYzctYjc4ZTM5NjkxNzU3GKOyByIYCAISFGNkczI3NS5mcjguaHdjZG4ubmV0.d6ABcBhWNjaYUBWPO1R/kUdzu8nhyx3dvukuvMehSbk=
last-modified: Wed, 01 Feb 2023 11:19:40 GMT
etag: "1675250380"
x-hw: 1675409177.dop238.fr8.t,1675409177.cds258.fr8.hn,1675409177.cds275.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 121123

GET
H2 200 ctrack
track1.avplayer.com/ 0
71 B 350ms
103ms Image
text/plain 44.193.104.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=618cca00a870522e4313ee77&r=www.edivaldobrito.com.br&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=0&e=cpll&cb=1675409177618
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.104.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-104-96.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 5979fb31073ef40bac6a4be2.json Show response
serv-selectmedia.com/cdn/mcm/ 9 KB
9 KB 15ms
14ms Fetch
text/plain 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/mcm/5979fb31073ef40bac6a4be2.json
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 13bd88867da0b986ebf8fd3fc5e6e991dfd81c3856699deabc7c5bf34715d975

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:50:50 GMT
age: 2127
x-guploader-uploadid: ADPycdszttw-Z2dES6xaj8aXOvz4Smpx8P3cTSs_BKQXq_8NxsQmU3tktDoP1yDg2xJfxBBnChYI3PNCwSdFKqc-K86VoTqbfK9i
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8850
last-modified: Fri, 03 Feb 2023 06:40:35 GMT
server: UploadServer
etag: "2e1f70717af323ae51e2a8c22ceb3e0a"
vary: X-Goog-Allowed-Resources
x-goog-hash: crc32c=G9naPQ==, md5=Lh9wcXrzI65R4qjCLOs+Cg==
x-goog-generation: 1675241768788328
access-control-allow-origin: *
access-control-expose-headers: Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 8850
accept-ranges: bytes
content-type: text/plain; charset=utf-8

GET
H2 200 2539698496735950919
tpc.googlesyndication.com/simgad/ 23 KB
24 KB 333ms
15ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2539698496735950919

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eba8f958f96c2043d58e7ac7b785d69c2388905b6178f0382dcb5dc9c80dd98b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 14:16:30 GMT
x-content-type-options: nosniff
age: 407387
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23825
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 11:07:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 29 Jan 2024 14:16:30 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
123 KB 171ms
73ms Script
text/javascript 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2864bf3ca82a5e7f9cc6e96e40dc32665faea6bb959d04686ba2155ccba3c29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125826
x-xss-protection: 0
expires: Fri, 03 Feb 2023 07:26:17 GMT

GET
H2 204 /
track-selectmedia.com/trackv4/ 0
45 B 147ms
146ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?&d3=e79ac444-bf2e-42ea-a4d1-70a33b600b8e&d4=a32de10b-2590-422c-b5f1-696dfc2c42d2&d2=1675409177&d5=edivaldobrito.com.br&d28=1164&d33=8&d34=1800&d35=1&d36=1&d37=1&d38=1&d26=464x261&d27=-1&cb=1675409177707-82f59559-95a3-4842-9e4d-5bc009fc4cfc&e=47
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 18ms
17ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2Fwp.serviceworker&eid=215867&wh=1600x1200&rnd=91770300045&lid=0&tid=0&cls_yellow=-0.234&cls_yellow_cnt=-1
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/215867/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:17 GMT
cache-control: no-cache
iseu: eu
server: nginx/1.16.0
content-length: 42
content-type: image/gif

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 18ms
18ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2Fwp.serviceworker&eid=215867&wh=1600x1200&rnd=91770300045&lid=0&tid=0&cls_yellow=0.234&cls_yellow_cnt=1
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/215867/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:17 GMT
cache-control: no-cache
iseu: eu
server: nginx/1.16.0
content-length: 42
content-type: image/gif

GET
H2 200 hb_310028_13812.js Show response
player.hb.selectmedia.asia/prebidlink/465391/ Frame 20DB 424 KB
128 KB 91ms
12ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.hb.selectmedia.asia/prebidlink/465391/hb_310028_13812.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: ca59049fd2fb873a3f52fcfcbd94e92f86dcf53422ea602ecf8fefb43b019afc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: gzip
last-modified: Sun, 18 Dec 2022 14:36:18 GMT
server: nginx
etag: W/"639f2562-6a052"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sun, 05 Feb 2023 07:26:17 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 20DB 79 KB
27 KB 99ms
97ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

777f2438eb4f489e776deb9b4ec7192d9341f146c4343a1415c11246b7dd2dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27308
x-xss-protection: 0
server: sffe
etag: "1471 / 537 of 1000 / last-modified: 1675379458"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Feb 2023 07:26:17 GMT

GET
H2 200 uam2_wrapper_hb_310028_13812.js Show response
player.hb.selectmedia.asia/prebidlink/465391/ Frame 20DB 2 KB
1007 B 102ms
24ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.hb.selectmedia.asia/prebidlink/465391/uam2_wrapper_hb_310028_13812.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 237e03740be944baec826683aab4bfa03e546100a9e8da861fb124e74fa7e5df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 14:12:53 GMT
server: nginx
etag: W/"63da7365-687"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sun, 05 Feb 2023 07:26:17 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 20DB 193 KB
47 KB 42ms
10ms Script
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc063466fc42fe1b789888a932cc7f3a8bdde1c2d70a8a04b4d9896975620da7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:32:44 GMT
content-encoding: gzip
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
last-modified: Wed, 01 Feb 2023 21:25:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 3214
x-amz-server-side-encryption: AES256
etag: W/"a32dad266af898d87dd85cf65ca93536"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: eSFYdUhTqnZ-JeylLh3l77iPXDHco3hwfSX5LvqpV-yE_-lET5sgZw==

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 16 KB
3 KB 417ms
150ms XHR
application/json 52.206.131.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_TAGID=618cd4566186e8554d6d3977&AV_PUBLISHERID=618cca00a870522e4313ee77&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&AV_CHANNELID=618ccba598fefe3bfe62d4c5&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.edivaldobrito.com.br&AV_DADPOS=3&AV_TAG=618cd4566186e8554d6d3977&AV_TEMPLATE=618ccc9203e747342150da89&d36=6.2.79&responsive=1&sver=4&avtoken=177782&omv=1.0.1&clsid=6986a60d-9f99-4b0b-aa45-697cccd379a1&rando=37&AV_WIDTH=640&AV_HEIGHT=361&AV_DNT=0&cb=1675409177785&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=618cca00a870522e4313ee77
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.131.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-131-34.compute-1.amazonaws.com
Software: /
Resource Hash: fdc5393a2e3e37c42134797ef114a56d106ad85a759db028d4db4efd695b6774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: https://www.edivaldobrito.com.br
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Sun, 22 Jan 2023 17:39:38 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 103ms
98ms Image
text/plain 3.224.190.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.edivaldobrito.com.br&sn=&ic=0&tgt=0&app=&wi=640&he=361&test=&d36=6.2.79&apppkg=&fv=3&proto=https&clsid=6986a60d-9f99-4b0b-aa45-697cccd379a1&rando=37&pid=618cca00a870522e4313ee77&cid=618ccba598fefe3bfe62d4c5&stagid=618cd4566186e8554d6d3977&stplid=618ccc9203e747342150da89&e=inventory&vi=0&cb=1675409177784
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.190.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-190-254.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
208 B 28ms
21ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=0&ses_id=2eu64lt9dsf1z45917704590&area_id=658369&type=base&f=__lxG__.tmp.rot_44johech744p07i9&rt=917749483
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: a4aefbd430dd743eda0e6b136fc60b217f42765cb2c9c80774fa4cc2e202a7eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
207 B 28ms
22ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=1&ses_id=2eu64lt9dsf1z45917704590&area_id=668779&type=dfp&f=__lxG__.tmp.rot_44johech744p07i9&rt=917749494
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 5a1953db77561ab6a8247f64a5dfd77a52f6a11a09b921a819b7dcead9440005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
208 B 28ms
22ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=0&ses_id=2eu64lt9dsf1z45917704590&area_id=657462&type=base&f=__lxG__.tmp.rot_44johech744p07i9&rt=917749504
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 4dbf679ac580767177d714ed1a7320996fa8cabf816dbaf1882c59b30b18154c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
208 B 28ms
24ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=0&ses_id=2eu64lt9dsf1z45917704590&area_id=669871&type=base&f=__lxG__.tmp.rot_44johech744p07i9&rt=917749540
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 355dd50b814d1dd5f7ee9a035042037fc0de4a05b94bc3e9d14e49251a06919b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
206 B 27ms
23ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=1&ses_id=2eu64lt9dsf1z45917704590&area_id=668841&type=dfp&f=__lxG__.tmp.rot_44johech744p07i9&rt=917749523
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 3edc133529d9e01d85b7040eca895a8568b281ca6d135233c0d9af2d94bd3863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
207 B 28ms
24ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=1&ses_id=2eu64lt9dsf1z45917704590&area_id=697876&type=dfp&f=__lxG__.tmp.rot_44johech744p07i9&rt=917749515
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: cedd8c6c1cc05e3a774ab692b811e70f48e1d3352864a10692cebac6f437e211

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 21ms
19ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 231
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 793970014c2d380e-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 05 Mar 2023 07:26:17 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 20DB 2 KB
2 KB 114ms
110ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 83545a7a07405b0ad926d5536e67b215353eb1d3306d8c2e8b8486fe3249f15c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2041
x-amz-cf-id: 3PUOjp-Gip-0f8_f7Mz6Lyi9K4X-H9m7yS_G2ZT4eY5k9GqXNthOuA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 20DB 6 KB
3 KB 29ms
8ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 09:12:00 GMT
x-amz-cf-pop: FRA56-C2
age: 80058
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 6DE5bcKjWk-N_kP3oq-Y33C_841YvRk2NhlAJDtid8MiTurKTFhorw==

GET
H2 200 style.css
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame 5929 11 KB
2 KB 22ms
17ms Stylesheet
text/css 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=4
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57e4f09712f9ca05fdc60d34ef9308ffc80a592d3fb4035decd71080fa23d1b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 2PFETG323PY01ZYG
age: 445
cf-polished: origSize=11956
x-amz-id-2: zd3F7Fz78NheJCh3agaOLzypR1ig67YDv7UvsXGi7jelrcvx33x6vABtA488xMePwZrPlhOBOcw=
cf-bgj: minify
last-modified: Sat, 10 Dec 2022 20:09:00 GMT
server: cloudflare
etag: W/"bf5b43010766718411fff126585ba859"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1800
cf-ray: 793970017fff92a2-FRA
expires: Fri, 03 Feb 2023 07:56:17 GMT

GET
H2 200 anzeige.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 5929 1 KB
870 B 24ms
19ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/anzeige.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 10 Dec 2022 20:09:00 GMT
server: cloudflare
x-amz-request-id: X34Y784D6ET7DFYA
age: 710
etag: W/"3e9d1a10a1056de77db1bab72b55ef1c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 79397001780192a2-FRA
x-amz-id-2: KFmjH6PsmvvQYV1dyctPJzbK/SHPktZzhN6dD7sFZchdfFVt2Vko3oaPFRKJR5aREkpW/LDCKLc=
expires: Fri, 03 Feb 2023 07:56:17 GMT

GET
H2 200 logo.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 5929 2 KB
1 KB 26ms
24ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/logo.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 09:03:13 GMT
server: cloudflare
x-amz-request-id: GCYP9DPZX7CFV4MD
age: 726
etag: W/"89cc1efb4630095200908a2c0e01275c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 79397001881192a2-FRA
x-amz-id-2: lv54LlbUPHFEgG4hP6zD1PoQC9nFSqmjgzXdV1jxYjnRm6UPUVvcyhVP3O7y/SmmpwIXmgJhzm4=
expires: Fri, 03 Feb 2023 07:56:17 GMT

GET
H2 200 copy_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 5929 12 KB
4 KB 21ms
18ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85cc4c652afbaa94b1444817fe16c3c4f84c9f1ad8615044fc20337d8f3c3b36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Jan 2023 21:59:11 GMT
server: cloudflare
x-amz-request-id: RJF1FYFXHTQNR3RG
age: 562
etag: W/"48521ed69677855391819664023f03a2"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 79397001881292a2-FRA
x-amz-id-2: f+eVJhVExgKp5tTf3RpLiVxD8nIpipN8jPl602a9DnY+ov4iTPF0QA0yPWqdUXJCd05jCKaHGfo=
expires: Fri, 03 Feb 2023 07:56:17 GMT

GET
H2 200 copy_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 5929 12 KB
4 KB 21ms
19ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 23:58:06 GMT
server: cloudflare
x-amz-request-id: PPSREJ1FJE08ETXX
age: 965
etag: W/"b021ae3bd30deb5a02a9d0476e269ae5"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 79397001881492a2-FRA
x-amz-id-2: RudP7Fa3ZFXT5KYAtXufd8dp96AdRVCFjFG+gjuXGieiEMhPG2R+ctBtESjH6TKJFKhFiPR/dmY=
expires: Fri, 03 Feb 2023 07:56:17 GMT

GET
H2 200 copy.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 5929 12 KB
4 KB 28ms
25ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63bc5373259840156ae93ba26b9df0dd2f97ce98ebb3fdb970699cd718a23230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 23:58:06 GMT
server: cloudflare
x-amz-request-id: QS42FZYKH71V8HJS
age: 562
etag: W/"6a14ab0d467b44cc536dff1c855843d1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 79397001881592a2-FRA
x-amz-id-2: OiOIMuvaxHIhzuob5kjzEYvnefpSkSKwdTPAvpPH9fNx5+f2+Z028kBDuD2q2qfnhircv6MaoYw=
expires: Fri, 03 Feb 2023 07:56:17 GMT

GET
H2 200 copy2_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 5929 5 KB
2 KB 22ms
21ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3361e91435c8d8a10b7ba8e447fdb9e8cf94681182d2ce70a59dd3fb56dfca5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 10 Dec 2022 20:06:57 GMT
server: cloudflare
x-amz-request-id: MN13M64W4EGRRNPE
age: 726
etag: W/"beb4ce05eda61995a0eba82cbef0fb8e"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 79397001981792a2-FRA
x-amz-id-2: s4EgarJdK8fS+bf90GhnjXZJ/2Gl1OAuNaXNpp6xqMcLREcg4Fqa2HVbMXhzmXMyR+vKvEjesso=
expires: Fri, 03 Feb 2023 07:56:17 GMT

GET
H2 200 copy2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 5929 5 KB
2 KB 22ms
21ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda9e405d476907b07df5ba2daf29f6d9f802bc7df20e3c9a1295c601e210406

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 10 Dec 2022 20:06:57 GMT
server: cloudflare
x-amz-request-id: CPEK3CH3NAYY79CC
age: 726
etag: W/"5dafc545e73be5464256dd78dc118a9c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 79397001982592a2-FRA
x-amz-id-2: AoD/iymKkhRhW+ZQjSj83ROjt8N5jgLaowsSZDkBox7C0MM6RFOVY39p3P9gGzguQSvuMAOxJbg=
expires: Fri, 03 Feb 2023 07:56:17 GMT

GET
H2 200 copy2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 5929 5 KB
2 KB 36ms
28ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7fa07dc1641fa98687abb1cac64ca10ef98f69568be378d612397460b7ca24b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 23:56:25 GMT
server: cloudflare
x-amz-request-id: 5H8CFT62QWDZ8WHW
age: 562
etag: W/"dc43a4e11b82fa41efb8bdc2acd73425"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 79397001c88792a2-FRA
x-amz-id-2: x/5TYHjkB/o5Z3fXrCbcLIzZ8CL2cSTPgGHqBAzWneDeoOyvVcMzmFUmhQ1SCcXRNtlUdBuVgR8=
expires: Fri, 03 Feb 2023 07:56:17 GMT

GET
H2 200 copy3.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 5929 6 KB
2 KB 27ms
19ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy3.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 16:57:12 GMT
server: cloudflare
x-amz-request-id: 82BXVEE4JQ4RYSSF
age: 634
etag: W/"9048820dc635dbe10d09725e919ba54f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 79397001c88892a2-FRA
x-amz-id-2: aNZ8pT54eppvTe3fobSBKvF2JZa6aMXP1qXZ1n6p7KLBT6XBBtqmZxTqW/lN5+CZ69cxS3Jb2hI=
expires: Fri, 03 Feb 2023 07:56:17 GMT

GET
H2 200 cta.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 5929 3 KB
1 KB 29ms
24ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/cta.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 10 Dec 2022 20:06:57 GMT
server: cloudflare
x-amz-request-id: J5ATKN9YMMEJCD5E
age: 726
etag: W/"b26d0f732978180e7c2480406f97e7f3"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 79397001c88992a2-FRA
x-amz-id-2: V4itLYUUu7oAXb3MDMi4/QpzPEfehrqXC+xXg76wNqt4ksbPQpwewkDfVxYA15DgRUVFfT3ZyTw=
expires: Fri, 03 Feb 2023 07:56:17 GMT

GET
H2 200 legal2_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 5929 12 KB
4 KB 30ms
24ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757a9daa63650138fd902f15b33dfa3ae7ea0a4c2c8aadd405c7c09f5c6af7df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 09:03:13 GMT
server: cloudflare
x-amz-request-id: GCYY7WSDDA5CX49P
age: 726
etag: W/"22316355cfe04cd150c2b810a54167a4"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 79397001c88a92a2-FRA
x-amz-id-2: VjB5GNFwCh1ZBamN9zvtWyUnXj2sQLSEx1dSDuRCR1EOOuvzE/dC+0rD1e6dBQY212alQP7h14k=
expires: Fri, 03 Feb 2023 07:56:17 GMT

GET
H2 200 legal2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 5929 33 KB
6 KB 28ms
23ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 23:56:25 GMT
server: cloudflare
x-amz-request-id: 8ZBV0BRGA065MNPG
age: 726
etag: W/"19cfc2171558b226e44590caa30ac756"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 79397001c88b92a2-FRA
x-amz-id-2: xdsejmHymU6fFDb2w2EwFMg2eTCpoqKqpzYuZ2ye2tEqJOVbZKaDOBeBmc6ilr2mfVtAIczCF0g=
expires: Fri, 03 Feb 2023 07:56:17 GMT

GET
H2 200 legal2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 5929 33 KB
6 KB 30ms
25ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dac0f22f981a1e8828e9516833b3ac6fe985cf1852033b0f153c9cb8694d3a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 10 Dec 2022 20:09:00 GMT
server: cloudflare
x-amz-request-id: GF782E7RRVMS4Q4W
age: 726
etag: W/"a33282a0f66d9e18e14ed6c9fa761dd6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 79397001c88d92a2-FRA
x-amz-id-2: 0Uf7oA4TQujU3QRfkvTw5/05J7Dvg78P3G1rjib11PCKg52gYe0XPjWkNvH3B4Hlff7RGqwO5kU=
expires: Fri, 03 Feb 2023 07:56:17 GMT

GET
H2 200 rocket-loader.min.js Show response
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 5929 12 KB
4 KB 9ms
9ms Script
application/javascript 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 30 Jan 2023 14:59:41 GMT
server: cloudflare
etag: W/"63d7db5d-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 79397001e89c92a2-FRA
expires: Sun, 05 Feb 2023 07:26:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5929 8 KB
1 KB 97ms
27ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19d4fa5e5f7164cfa51ca5e06216f551c4905d14ee02301a5ad2bb70272b7a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 06:17:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Feb 2023 07:26:17 GMT

GET
H2 200 hbw_master_310028_13812.js Show response
player.hb.selectmedia.asia/prebidlink/19391/ Frame 20DB 357 KB
62 KB 13ms
9ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.hb.selectmedia.asia/prebidlink/19391/hbw_master_310028_13812.js
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465391/uam2_wrapper_hb_310028_13812.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: ff7a00f61f810f87608d4ff29d968d91b94563fa83560d82ea4cb62f5484cf36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 14:12:53 GMT
server: nginx
etag: W/"63da7365-5925b"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sun, 05 Feb 2023 07:26:17 GMT

GET
H3 200 pubads_impl_2023020101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 20DB 383 KB
129 KB 39ms
39ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bcf382c861841335ec9ae5b803af26521b953cee0c2cc4fa291b5cd25f2311e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 11:56:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132509
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 09:37:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 01 Feb 2024 11:56:06 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 20DB 545 B
397 B 63ms
62ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.edivaldobrito.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1f5239ef29049d15ac6ca240964b8e2d79c1e505bbbe890b0100e895e1ab1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 236
x-xss-protection: 0
expires: Fri, 03 Feb 2023 07:26:17 GMT

OPTIONS recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0

GET
H2

200

tag Show response
btloader.com/ Frame 20DB
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

14ms
14ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Feb 2023 07:19:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 333
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upTb77lAk90yTAAw3%2BaFCXeEw%2BryMaSntKax9YUUAzZ%2Ba5QqFzk7Ho5%2FUp8iY3hSo1MSyuxiapLTgueYSinCUkmVYIxtwuQmTMO1XFmELsan%2Ffkp95xz8pVrHttCmfz0A1Ht4acJItqGmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 79397002eac25c80-FRA

Redirect headers

date: Fri, 03 Feb 2023 07:26:18 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 334
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXGAWRW6eyhY3y8R6LEIVCLZyyDB9q0g13s10rMdopl39W0LiR0E9g5iJ1ltHCiWr2M585KPZsNc2NPurVA8VpX%2BH4FIvvKiUkU9C2peEaEO8b%2FPle%2Bwus4KdYaLX%2FVVCjeahlcVhYyWWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 793970028a6d5c80-FRA

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 20DB 54 KB
17 KB 88ms
19ms Script
application/javascript 104.87.141.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.87.141.138 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-87-141-138.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 03 Feb 2023 07:41:18 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 20DB 32 KB
10 KB 54ms
8ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:55:13 GMT
content-encoding: gzip
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 59466
etag: W/"322a4a4dadec5839e9040f77edf9282d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: O4kLzXdaTyFdEQ0E4GNWLfhBFjDxHEp_ZxIibpVtdVpyfFH00OYiEg==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 20DB 57 KB
17 KB 47ms
16ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: W87A90SX4JFQ92AB
age: 811
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 793970027e3990d4-FRA
x-amz-id-2: 9YGbKnU0q0vY61FpJWEOmLdSMOfIKbsfvmjWoYrHR33bI8MGcyoDr8puyJVaScguJXHxWq9y6yQ=

POST recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 20DB 0
0

GET
H2 200 clever.de.js Show response
lp.cleverwebserver.com/bet365/js/ Frame 5929 821 B
805 B 25ms
19ms Script
text/javascript 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/js/clever.de.js
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c6c9d8548d627e7686b7181eefb0e8939df4aa139f5d9cebecbf0ba8f0ccb36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01133058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 8CJAK7Q5SF2D6TGP
age: 602
cf-polished: origSize=992
x-amz-id-2: 67HSAq/Pc5MCEeM3jQTC19/SASfTYf0jx+gAFDVJ8nY0b38TwzxTI4QnDhvPJldcP9fAZi1NWwY=
cf-bgj: minify
last-modified: Thu, 02 Feb 2023 15:10:13 GMT
server: cloudflare
etag: W/"75326716c6b75ca126b399a79ba549c4"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1800
cf-ray: 7939700278f092a2-FRA
expires: Fri, 03 Feb 2023 07:56:18 GMT

GET
H2 200 bg-pushdown_2.jpg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame 5929 26 KB
26 KB 25ms
20ms Image
image/jpeg 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/bg-pushdown_2.jpg?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a01536a4e78676d34742f3d6a8718fd8604dc9c0f4569cbc5a38c1e66d774cf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
cf-cache-status: HIT
x-amz-request-id: BBHFXHWSE704ZR9A
age: 353
cf-polished: origSize=27972, status=webp_bigger
content-length: 26182
x-amz-id-2: RGFYkGjHkiHbgxLlvKyd0T16K4BOZ5KSawhO6YZHs93G1ix43l+6aAIO1GfsWIbaVgFko93qEf8=
cf-bgj: imgq:100,h2pri
last-modified: Sat, 10 Dec 2022 20:09:00 GMT
server: cloudflare
etag: "badb98ee3ef98cf931012151d07083fe"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 7939700278f592a2-FRA
expires: Fri, 03 Feb 2023 07:56:18 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 5929 44 KB
44 KB 90ms
26ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.cleverwebserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:49:22 GMT
x-content-type-options: nosniff
age: 203816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 22:49:22 GMT

GET
H/1.1 200
OK / Show response
ghb.hb.selectmedia.asia/geo/ Frame 20DB 144 B
424 B 749ms
24ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hb.selectmedia.asia/geo/
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/19391/hbw_master_310028_13812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: b0fa57fd12f5313974845d814c4048ec1b4f445f0ba406e514daf7b04ff6c10b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 07:26:18 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.edivaldobrito.com.br
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 144

GET
H/1.1 200
OK tracking Show response
ghb.hb.selectmedia.asia/adunit/ Frame 20DB 43 B
445 B 738ms
31ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hb.selectmedia.asia/adunit/tracking?event=11&type=0&client_id=310028&site_id=13812&pbjsv=v6.25.4&full_page_url=https%3A%2F%2Fwww.edivaldobrito.com.br&adid=o7d7cf.fh&features=81952&vpbv=N119&tte=243&lifecycle_tte=248
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/19391/hbw_master_310028_13812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 07:26:18 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.edivaldobrito.com.br
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/305666/ Frame 20DB 26 KB
11 KB 76ms
11ms XHR
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/305666/config.json?cb=https%3A%2F%2Fwww.edivaldobrito.com.br
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465391/hb_310028_13812.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 4172333cd43faee1ccf45c6c95c3f3cb8bf0ae0b96da4ab0e1183dd3acd66295

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sun, 05 Feb 2023 07:26:18 GMT
date: Fri, 03 Feb 2023 07:26:18 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 12:01:19 GMT
server: nginx
etag: W/"63da548f-67e1"
content-type: application/json
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: max-age=172800
x-proxy-cache: HIT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-46TXG2Y06D&gtm=45je3210&_p=1488797072&cid=1349497048.1675409174&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1675409177&sct=1&seg=1&dl=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&dt=Page%20Not%20Found%20-%20Blog%20do%20Edivaldo%20-%20Informa%C3%A7%C3%B5es%20e%20Not%C3%ADcias%20sobre%20Linux&en=page_view&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-46TXG2Y06D&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1488797072&t=event&_s=3&dl=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Blog%20do%20Edivaldo%20-%20Informa%C3%A7%C3%B5es%20e%20Not%C3%ADcias%20sobre%20Linux&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=Clarity&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=1349497048.1675409174&tid=UA-26452598-1&_gid=1411395848.1675409177&gtm=457e3210&did=dZGIzZG&gdid=dZGIzZG&z=468533768

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 02:05:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19222
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1488797072&t=event&_s=4&dl=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Blog%20do%20Edivaldo%20-%20Informa%C3%A7%C3%B5es%20e%20Not%C3%ADcias%20sobre%20Linux&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=Clarity&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=1349497048.1675409174&tid=UA-26452598-1&_gid=1411395848.1675409177&gtm=457e3210&did=dZGIzZG&gdid=dZGIzZG&z=1636432949

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 02:05:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19222
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 20DB 60 B
342 B 104ms
32ms XHR
application/json 52.50.45.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.45.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 47a1c03538eb7f0e34f826831c109b7bbf2496c574165d399b7b4140d63228a4

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:18 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache
x-server: 10.45.25.124
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame 20DB 33 B
411 B 61ms
15ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

9a763c8356fa51b5af6835bf9b6afc065bc88b6260a7a8e14d02d7398a669de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.edivaldobrito.com.br
date: Fri, 03 Feb 2023 07:26:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ Frame 20DB 54 B
238 B 53ms
18ms XHR
application/json 2001:41d0:701:1000::96f
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 8f297fdfbe7127b4c3451ef73437d67f7ddef869c2835855f4cb732d04b10778

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.edivaldobrito.com.br
date: Fri, 3 Feb 2023 07:26:18 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H/1.1 403
Forbidden DefaultAff.aspx
members.bet365.de/Members/Helpers/ Frame FAB4 0
0 44ms
19ms Document
text/html 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01133058

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/js/clever.de.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lp.cleverwebserver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-RAY: 7939700379c9904e-FRA
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Feb 2023 07:26:18 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Referrer-Policy: same-origin
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
207 B 16ms
16ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=0&ses_id=2eu64lt9dsf1z45917704590&area_id=659440&type=base&f=__lxG__.tmp.rot_44johech744p07i9&rt=917749571
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 82119f673fdd21db1dc158f2b4c7f7092972e4306421bb4f6ba4aa1031957c9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
207 B 16ms
16ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=1&ses_id=2eu64lt9dsf1z45917704590&area_id=668842&type=dfp&f=__lxG__.tmp.rot_44johech744p07i9&rt=917749545
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 2cd6996284a9383e237abd230d35fb8c98c301c4d10e8d767e9a739faa72e6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/d5bc4ac8-d267-482a-ae5c-d913ce0b60da/ 200 B
579 B 53ms
43ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/d5bc4ac8-d267-482a-ae5c-d913ce0b60da/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8474d8b4fe271f739a878ff2092a8956d1dba95a5ab5b76302c4c61354a6588

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 235fba48-6933-4ee9-b589-e9912e035e2b
x-runtime: 0.006358
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c8474d8b4fe271f739a878ff2092a895"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 793970038cf73660-FRA
access-control-allow-headers: SDK-Version

POST
H/1.1 200 755.json Show response
id5-sync.com/g/v2/ Frame 20DB 215 B
633 B 63ms
15ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/755.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a45c343e4402da83a76209e8a7bc557d9ebb209c79539994bb5d20adde8aee6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.edivaldobrito.com.br
date: Fri, 03 Feb 2023 07:26:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 404 7600
ads.pubmatic.com/AdServer/js/pwt/162175/ Frame AB9E 0
0 37ms
11ms Script
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/162175/7600
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=618cca00a870522e4313ee77
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 avpb7.12.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame AB9E 174 KB
55 KB 10ms
10ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=618cca00a870522e4313ee77
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: d1d0bcc4ebfb3f326f655d27586ea79f39448ca371dfd90815f187e4d716f2e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
content-encoding: gzip
x-sp-metadata: HS256.CKqK854GEocBCiQxOTQ0YTRjZi0zMTQ3LTQ0NjgtOTVjYS05MDBmN2MxMjlhNWMQyIKixK/g/AIaBgia7vKeBiIMMzcuNTguNTguMjQ2KLb2AjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkYzMxYTdmMTMtYzBiNi00MzIyLTkxNmUtYmVjMmY0ZDA1MzBhGPS0AyIYCAISFGNkczI4OS5mcjguaHdjZG4ubmV0.UHHkKafKIApMxPtTxKNeozMwniyzHVFN7RXLfW4aTDo=
last-modified: Wed, 01 Feb 2023 11:19:40 GMT
etag: "1675250380"
x-hw: 1675409178.dop238.fr8.t,1675409178.cds258.fr8.hn,1675409178.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 55924

GET
H2 200 avpb7.12.0a4.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame AB9E 64 KB
21 KB 13ms
12ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a4.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=618cca00a870522e4313ee77
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: b2e12a86226fc0e27317e478f99340cab7a74240dd75db4535bc2cee8029f036

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
content-encoding: gzip
x-sp-metadata: HS256.CKqK854GEocBCiQ3NGQxNTY1MS0wNDhkLTRkODgtYTllNS03ODM2ZmYzOWUwYTMQyIKixK/g/AIaBgia7vKeBiIMMzcuNTguNTguMjQ2KLb2AjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkMzk4MDU0OWQtMDBmNS00YmJiLTg5ZDYtZTJhZmVjOTRlMjRiGOGkASIYCAISFGNkczEzOS5mcjguaHdjZG4ubmV0.IlJ0Au2m5MnRvx3o3wOOAtDy5m/SZNJVea1jB3AieUs=
last-modified: Wed, 01 Feb 2023 11:19:40 GMT
etag: "1675250380"
x-hw: 1675409178.dop238.fr8.t,1675409178.cds258.fr8.hn,1675409178.cds139.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 21089

GET
H2 200 track
track1.aniview.com/ 0
70 B 104ms
103ms Image
text/plain 3.224.190.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.edivaldobrito.com.br&rs=www.edivaldobrito.com.br&sid=52702&t=1675409178&cip=37.58.58.246&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=640&he=361&app=&AV_PUBLISHERID=618cca00a870522e4313ee77&test=&d64=bbc0090e88964fc16afdfa599393adf9&d63=bbc0090e88964fc16afdfa599393adf9&aafaid=&proto=https&uid=1675409178108-974032363357-001167-000-005450&cha=0.1&stagid=618cd4566186e8554d6d3977&stplid=618ccc9203e747342150da89&d35=&d36=6.2.79&cb=79628088613&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361&&ppid=618cca00a870522e4313ee77&nid=5e7b9048180bd02ded4b0937&pcid=618ccba598fefe3bfe62d4c5&ncid=618bd51229634b17c27bb5e6&pasid=618ccb5b2fdf5f521c54a256&e=request&cb=1675409178214&asid=61deb440ab3e8e5ab6678575%2C61deb511836c5568591883a7%2C62384a133cc9380a975fef89%2C618bd2f3fd555d0893633504%2C62384a4c15dfc916fe288384%2C62bd8370074c1e17d571cd95&ofpr=%2C%2C%2C%2C%2C0.49999&fpo=%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.190.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-190-254.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame 5F83 406 KB
129 KB 15ms
14ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:15:50 GMT
content-encoding: gzip
age: 628
x-guploader-uploadid: ADPycduS2cAsDCX9ugOfIlk6Ab8HwJW-sQpapBvQK1BbjHdRaJZ7xzjcV-DPZ-198eQp8gsLaJ4mBLLtT0mRsv8SWv9J6K_vNTge
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9F1F 694 KB
222 KB 32ms
30ms Document
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 20:04:18 GMT
expires: Fri, 02 Feb 2024 20:04:18 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 179ms
79ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Feb 2023 07:26:18 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 5F83 193 KB
47 KB 11ms
11ms Script
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc063466fc42fe1b789888a932cc7f3a8bdde1c2d70a8a04b4d9896975620da7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:32:44 GMT
content-encoding: gzip
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
last-modified: Wed, 01 Feb 2023 21:25:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 3215
x-amz-server-side-encryption: AES256
etag: W/"a32dad266af898d87dd85cf65ca93536"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: ZLvv6BfUKiwjcsAafSuuHob6MFFeQ5OdqR4K2ncP-SovbrxwxKcSgw==

GET
H2 200 cropped-logo-blog.png
www.edivaldobrito.com.br/wp-content/uploads/2016/05/ 2 KB
2 KB 129ms
128ms Image
image/webp 192.124.249.40
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edivaldobrito.com.br/wp-content/uploads/2016/05/cropped-logo-blog.png

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.40 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

53b1b7c6db49210c80fdac0fee7123d4aff1f591ef7bf9a6786e755acf3510ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/wp.serviceworker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: MISS
content-length: 2133
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Aug 2020 21:12:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept,Referer,Accept-Encoding
content-type: image/webp
cache-control: max-age=315360000
x-sucuri-id: 15040
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame 18E9 406 KB
129 KB 15ms
14ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:15:50 GMT
content-encoding: gzip
age: 628
x-guploader-uploadid: ADPycduS2cAsDCX9ugOfIlk6Ab8HwJW-sQpapBvQK1BbjHdRaJZ7xzjcV-DPZ-198eQp8gsLaJ4mBLLtT0mRsv8SWv9J6K_vNTge
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 12C5 694 KB
222 KB 49ms
49ms Document
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 20:04:18 GMT
expires: Fri, 02 Feb 2024 20:04:18 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 selectAmazon.js Show response
serv-selectmedia.com/cdn/player/amz/ Frame 18E9 177 KB
44 KB 23ms
22ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 18:31:46 GMT
content-encoding: gzip
age: 46472
x-guploader-uploadid: ADPycdudMf5H5qnuo5wIwT_0zFjRkllf_Fs3C7WcRjZv6x3jzJGI-sWjUl0D2XiIZknNK6LQ_XLkbiF3imM8_Q1aMtu8dlw5kSST
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44378
last-modified: Wed, 02 Nov 2022 06:57:53 GMT
server: UploadServer
etag: "5903e8ba730613f669c63fe70c11da79"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=QTZXcA==, md5=WQPounMGE/Zpxj/nDBHaeQ==
x-goog-generation: 1667372273714744
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 44378
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame DA1F 406 KB
129 KB 17ms
16ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:15:50 GMT
content-encoding: gzip
age: 628
x-guploader-uploadid: ADPycduS2cAsDCX9ugOfIlk6Ab8HwJW-sQpapBvQK1BbjHdRaJZ7xzjcV-DPZ-198eQp8gsLaJ4mBLLtT0mRsv8SWv9J6K_vNTge
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2C21 694 KB
222 KB 54ms
54ms Document
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 20:04:18 GMT
expires: Fri, 02 Feb 2024 20:04:18 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 selectAmazon.js Show response
serv-selectmedia.com/cdn/player/amz/ Frame DA1F 177 KB
43 KB 19ms
18ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 18:31:46 GMT
content-encoding: gzip
age: 46472
x-guploader-uploadid: ADPycdudMf5H5qnuo5wIwT_0zFjRkllf_Fs3C7WcRjZv6x3jzJGI-sWjUl0D2XiIZknNK6LQ_XLkbiF3imM8_Q1aMtu8dlw5kSST
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44378
last-modified: Wed, 02 Nov 2022 06:57:53 GMT
server: UploadServer
etag: "5903e8ba730613f669c63fe70c11da79"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=QTZXcA==, md5=WQPounMGE/Zpxj/nDBHaeQ==
x-goog-generation: 1667372273714744
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 44378
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame 85FD 406 KB
129 KB 21ms
21ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:15:50 GMT
content-encoding: gzip
age: 628
x-guploader-uploadid: ADPycduS2cAsDCX9ugOfIlk6Ab8HwJW-sQpapBvQK1BbjHdRaJZ7xzjcV-DPZ-198eQp8gsLaJ4mBLLtT0mRsv8SWv9J6K_vNTge
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 48EF 694 KB
222 KB 31ms
30ms Document
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 20:04:18 GMT
expires: Fri, 02 Feb 2024 20:04:18 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 selectAmazon.js Show response
serv-selectmedia.com/cdn/player/amz/ Frame 85FD 177 KB
43 KB 21ms
21ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 18:31:46 GMT
content-encoding: gzip
age: 46472
x-guploader-uploadid: ADPycdudMf5H5qnuo5wIwT_0zFjRkllf_Fs3C7WcRjZv6x3jzJGI-sWjUl0D2XiIZknNK6LQ_XLkbiF3imM8_Q1aMtu8dlw5kSST
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44378
last-modified: Wed, 02 Nov 2022 06:57:53 GMT
server: UploadServer
etag: "5903e8ba730613f669c63fe70c11da79"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=QTZXcA==, md5=WQPounMGE/Zpxj/nDBHaeQ==
x-goog-generation: 1667372273714744
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 44378
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame 9BAB 406 KB
129 KB 23ms
23ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:15:50 GMT
content-encoding: gzip
age: 628
x-guploader-uploadid: ADPycduS2cAsDCX9ugOfIlk6Ab8HwJW-sQpapBvQK1BbjHdRaJZ7xzjcV-DPZ-198eQp8gsLaJ4mBLLtT0mRsv8SWv9J6K_vNTge
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 51BA 694 KB
222 KB 40ms
39ms Document
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 20:04:18 GMT
expires: Fri, 02 Feb 2024 20:04:18 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame F5C5 406 KB
129 KB 27ms
24ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:15:50 GMT
content-encoding: gzip
age: 628
x-guploader-uploadid: ADPycduS2cAsDCX9ugOfIlk6Ab8HwJW-sQpapBvQK1BbjHdRaJZ7xzjcV-DPZ-198eQp8gsLaJ4mBLLtT0mRsv8SWv9J6K_vNTge
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8236 694 KB
222 KB 47ms
44ms Document
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 20:04:18 GMT
expires: Fri, 02 Feb 2024 20:04:18 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame 071A 406 KB
129 KB 21ms
20ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:15:50 GMT
content-encoding: gzip
age: 628
x-guploader-uploadid: ADPycduS2cAsDCX9ugOfIlk6Ab8HwJW-sQpapBvQK1BbjHdRaJZ7xzjcV-DPZ-198eQp8gsLaJ4mBLLtT0mRsv8SWv9J6K_vNTge
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1BAD 694 KB
222 KB 48ms
42ms Document
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 20:04:18 GMT
expires: Fri, 02 Feb 2024 20:04:18 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 prebid.js Show response
serv-selectmedia.com/cdn/player/prebid/7_30/ Frame EA82 406 KB
129 KB 19ms
14ms Script
application/javascript 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 94b2922e757aee112f069b020caf0df9f7be3be49379d9272d9e52492a112abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:15:50 GMT
content-encoding: gzip
age: 628
x-guploader-uploadid: ADPycduS2cAsDCX9ugOfIlk6Ab8HwJW-sQpapBvQK1BbjHdRaJZ7xzjcV-DPZ-198eQp8gsLaJ4mBLLtT0mRsv8SWv9J6K_vNTge
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131843
last-modified: Wed, 28 Dec 2022 17:00:04 GMT
server: UploadServer
etag: "ed34da4c805578dac7245dffc6a8057a"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=zERQ+g==, md5=7TTaTIBVeNrHJF3/xqgFeg==
x-goog-generation: 1672246804627829
access-control-allow-origin: *
access-control-expose-headers: Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control: public,max-age=3600
x-goog-stored-content-length: 131843
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame F456 694 KB
222 KB 57ms
53ms Document
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 20:04:18 GMT
expires: Fri, 02 Feb 2024 20:04:18 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
serv-selectmedia.com/serving_v3/ 14 KB
4 KB 151ms
150ms Fetch
application/json 34.107.214.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-selectmedia.com/serving_v3/?channelid=a32de10b-2590-422c-b5f1-696dfc2c42d2&height=261&publisherid=e79ac444-bf2e-42ea-a4d1-70a33b600b8e&tagid=tag_d575c309-a219-4edc-9a6d-329742096898&templateid=f6b3eb87-2011-41e7-beab-d9c8a37181a2&width=464&domain=edivaldobrito.com.br&hostname=edivaldobrito.com.br&url=edivaldobrito.com.br&cb=1675409178391-0b8a12d6-085f-4fc5-88ef-8b2906124deb&is_desktop=1
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.214.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e4466836276076eb72fe70f6b8bbe527135f3e3bd163c98db14294891aecf36a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
content-encoding: gzip
via: 1.1 google
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
x-accel-expires: 0
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
226 B 187ms
18ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=47490659934&lsavail=0

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.edivaldobrito.com.br
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 collect Show response
a.clarity.ms/ 0
48 B 189ms
188ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-d/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: https://www.edivaldobrito.com.br
date: Fri, 03 Feb 2023 07:26:18 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 20DB 23 B
469 B 119ms
68ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&pid=1BvbvCcoeDtUq&cb=0&ws=300x250&v=23.127.1625&t=1900&slots=%5B%7B%22sd%22%3A%22gpt-passback%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21939239661%2C22456102421%2Ftsm%2Fhb_display%2Fvidsplay_gen%22%7D%5D&schain=1.0%2C1!selectmedia.asia%2C5979fb31073ef40bac6a4be2%2C1%2C%2C%2C&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3e0d912790c2cd730e222487cbb10f98.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: NHHQ31YDQ03RF0GCB9W8
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 4SBonfNRlsbw2ZuqMO73M5N63PxJL1Eje8xUgcBA97Diuxz8WmlSsA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5F83 6 KB
3 KB 10ms
10ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 09:12:00 GMT
x-amz-cf-pop: FRA56-C2
age: 80060
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: nQXIJ9K8EhyKuaHbekZZIqSPBjT-wPhUPdJ7aV8p-NCIuWF1aXRf3A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 18E9 6 KB
3 KB 7ms
7ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 09:12:00 GMT
x-amz-cf-pop: FRA56-C2
age: 80060
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: R7CWe9gziJgUBxrpJLnTWdHahll15Et_mIOvSlFRywzoAdVbDu_2hQ==

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 20DB 0
225 B 19ms
18ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=67495541480

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465391/hb_310028_13812.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.edivaldobrito.com.br
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 arj Show response
select-d.openx.net/w/1.0/ Frame 20DB 173 B
598 B 208ms
168ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://select-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=237b9a78-a2dc-4c65-ab0b-d8fea31340fd%2C237b9a78-a2dc-4c65-ab0b-d8fea31340fd&nocache=1675409179197&gdpr=0&pubcid=b08332c2-ce07-47d5-820d-f4a2b22ae810&schain=1.0%2C1!selectmedia.asia%2C5979fb31073ef40bac6a4be2%2C1%2C%2C%2C&aus=300x250%7C300x250&divids=gpt-passback%2Cgpt-passback&aucs=%252F21939239661%252C22456102421%252Ftsm%252Fhb_display%252Fvidsplay_gen%2523gpt-passback%2C%252F21939239661%252C22456102421%252Ftsm%252Fhb_display%252Fvidsplay_gen%2523gpt-passback&auid=541148923%2C541148923&aumfs=0%2C400
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465391/hb_310028_13812.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 5bd5d08266aa871ec79069d11b6905a6a33d050eb587907fe159c2b90e48b692

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:19 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 20DB 327 B
902 B 142ms
116ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20598&site_id=371986&zone_id=2032224&size_id=15&gdpr=0&rp_schain=1.0,1!selectmedia.asia,5979fb31073ef40bac6a4be2,1,,,&eid_pubcid.org=b08332c2-ce07-47d5-820d-f4a2b22ae810%5E1&rf=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&tg_i.pbadslot=%2F21939239661%2C22456102421%2Ftsm%2Fhb_display%2Fvidsplay_gen%23gpt-passback&tk_flint=pbjs_lite_v6.25.4&x_source.tid=237b9a78-a2dc-4c65-ab0b-d8fea31340fd&l_pb_bid_id=71c7883e4addb9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21939239661%2C22456102421%2Ftsm%2Fhb_display%2Fvidsplay_gen%23gpt-passback&slots=1&rand=0.6821938851670935
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465391/hb_310028_13812.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: aa6d7b3cd36271eaf2c88ebf68b3eff80fd2882834557dbf2a61f3d8b51a834e

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:19 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.edivaldobrito.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 327
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 20DB 9 KB
5 KB 146ms
120ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20598&site_id=350144&zone_id=1862598&size_id=15&gdpr=0&rp_schain=1.0,1!selectmedia.asia,5979fb31073ef40bac6a4be2,1,,,&eid_pubcid.org=b08332c2-ce07-47d5-820d-f4a2b22ae810%5E1&rf=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&tg_i.pbadslot=%2F21939239661%2C22456102421%2Ftsm%2Fhb_display%2Fvidsplay_gen%23gpt-passback&tk_flint=pbjs_lite_v6.25.4&x_source.tid=237b9a78-a2dc-4c65-ab0b-d8fea31340fd&l_pb_bid_id=88cc272db050b4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21939239661%2C22456102421%2Ftsm%2Fhb_display%2Fvidsplay_gen%23gpt-passback&slots=1&rand=0.02611136658128954
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465391/hb_310028_13812.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0e35138435a6d62caf9420006a6da94f525299b8fb93ae6ae15f7f9e4d7db9a7

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:19 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.edivaldobrito.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 20DB 0
284 B 161ms
116ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465391/hb_310028_13812.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.edivaldobrito.com.br
date: Fri, 03 Feb 2023 07:26:19 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 101
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ Frame 20DB 0
187 B 315ms
98ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465391/hb_310028_13812.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.edivaldobrito.com.br
date: Fri, 03 Feb 2023 07:26:19 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 20DB 496 B
2 KB 558ms
487ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465391/hb_310028_13812.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4fcde870aa048f699bd6126c4389b80add8e89946038d39023aa822e3450cc33

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:19 GMT
AN-X-Request-Uuid: df80c18f-0dde-4ea7-b67b-e6e9ce17a68d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.edivaldobrito.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 496
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 20DB 7 KB
5 KB 157ms
129ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=544688&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2218dffc13df5c6d4%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker%22%2C%22page%22%3A%22https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.4%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221917448cc3885bd%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22544688%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F21939239661%2C22456102421%2Ftsm%2Fhb_display%2Fvidsplay_gen%23gpt-passback%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22selectmedia.asia%22%2C%22sid%22%3A%225979fb31073ef40bac6a4be2%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b08332c2-ce07-47d5-820d-f4a2b22ae810%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by: Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/465391/hb_310028_13812.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eed8fc4f01d147a3d13ef66226c54fb46d18c6f8a0ab3bb16ea154820073868

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJ11Shi0vTcAIpC7e%2Bq%2BgkCsz3OB5va8r8W2eI38utxz%2BF5z7xrBjNOJbz79g3beSMKLr7FC2gGByDseRY7eLxa3jXbNKhfT70O59MeCCyfTdinYubRw4T1I2unBx%2BT%2FSab5RCzU"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7939700a3b3b37d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H3 204 /
track-selectmedia.com/trackv4/ 0
17 B 146ms
145ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=261X464&d19=10&d2=1675409100&d20=109.0.5414&d23=tag_d575c309-a219-4edc-9a6d-329742096898&d24=a32de10b-2590-422c-b5f1-696dfc2c42d2&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=e79ac444-bf2e-42ea-a4d1-70a33b600b8e&d4=6907fb17-c9bc-4a36-876d-61bb4a640342&d5=edivaldobrito.com.br&d8=1&d9=Windows&channelkey=dHMxPTY5MDdmYjE3LWM5YmMtNGEzNi04NzZkLTYxYmI0YTY0MDM0MiZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1164&d33=8&d34=1800&d35=1&d36=1&d37=1&d38=1&d26=464x261&d27=1&cb=1675409179213-0abe48a1-5381-4043-a607-0638474ec079&e=1
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 /
track-selectmedia.com/trackv4/ 0
17 B 147ms
146ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=261X464&d19=10&d2=1675409100&d20=109.0.5414&d23=tag_d575c309-a219-4edc-9a6d-329742096898&d24=a32de10b-2590-422c-b5f1-696dfc2c42d2&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=e79ac444-bf2e-42ea-a4d1-70a33b600b8e&d4=6907fb17-c9bc-4a36-876d-61bb4a640342&d5=edivaldobrito.com.br&d8=1&d9=Windows&channelkey=dHMxPTY5MDdmYjE3LWM5YmMtNGEzNi04NzZkLTYxYmI0YTY0MDM0MiZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1164&d33=8&d34=1800&d35=1&d36=1&d37=1&d38=1&cb=1675409179213-23142e48-860d-408b-a627-37d94d13d4aa&e=36
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
39 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

714350461124ac2c8e426da2156dfb8a72b9e59a78d2abfee9ceb28f7a4192e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39438
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Feb 2023 07:26:19 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 5F83 2 KB
2 KB 105ms
104ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 83545a7a07405b0ad926d5536e67b215353eb1d3306d8c2e8b8486fe3249f15c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2041
x-amz-cf-id: -0lYw5lpqMrNbRjWZZ4aJsHLrXc_9aj4ojskOj7OcF_y_fH8nQ_SmQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 5F83 23 B
469 B 67ms
67ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&pid=6mBYjuV9DhV1n&cb=0&ws=0x0&v=23.127.1625&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A152%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22464x261%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3e0d912790c2cd730e222487cbb10f98.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: 6T97ZXSEWDTM9R2D0NAE
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 3bbCDPEZ1h4-4iPSyK9wOIO9ulegprfuA_C8uYeMryvSDSGNfBjmXw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 18E9 2 KB
2 KB 97ms
96ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 83545a7a07405b0ad926d5536e67b215353eb1d3306d8c2e8b8486fe3249f15c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2041
x-amz-cf-id: AFWjAVjMMu4dAe4wkKC97s4pZV8Z8JZr7_w4ML6bVxI5r8d2HhYL1w==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 18E9 23 B
468 B 73ms
73ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&pid=Z6WWs0SbdvIdS&cb=0&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A152%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3e0d912790c2cd730e222487cbb10f98.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: F4MRZQD8N7CGBX29A7F0
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: imORtUJowAu_OMPdq--1mrAkFQUeZ3uMYtRys7HwwaMyuS2VlWvJ5Q==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame DA1F 2 KB
2 KB 88ms
87ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 83545a7a07405b0ad926d5536e67b215353eb1d3306d8c2e8b8486fe3249f15c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2041
x-amz-cf-id: Ys17JTkD8EG1-2R6j_ri2BZKQ9TK5fPFyevF8UfYWv8BEDAgqSWYfQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame DA1F 23 B
467 B 67ms
66ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&pid=RK5YkUvCxAKMH&cb=0&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A152%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3e0d912790c2cd730e222487cbb10f98.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: A6SGEQB0PA8HZG4DA5T6
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 2116iCPtrN1liaURhvy8jD_hV-t81RINHDiPqHJjINdVvSji5qFk1g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame DA1F 6 KB
3 KB 8ms
7ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 09:12:00 GMT
x-amz-cf-pop: FRA56-C2
age: 80060
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: TEM-wuNoqTDtE4nm51lmTHkLjDw1l_fJhNTWXRapmhRZk0Q3v7bsVg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 85FD 2 KB
2 KB 84ms
83ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 83545a7a07405b0ad926d5536e67b215353eb1d3306d8c2e8b8486fe3249f15c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2041
x-amz-cf-id: yXyGEv1AYOSTECiWhU3z1UfuP1dqSbZJ7Nw-rhL-2pkz060cqc6Y5Q==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 85FD 23 B
469 B 68ms
68ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&pid=de7OZzNWrhKhZ&cb=0&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A152%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22464x261%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3e0d912790c2cd730e222487cbb10f98.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: 7MFMX8GA936P7X4WP3NF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: -0hY8CnxpxDaEEQwoQIgm3vLv1pE6LRL8BIPYMA4DwxcmZIavvwBQA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 85FD 6 KB
3 KB 8ms
7ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 09:12:00 GMT
x-amz-cf-pop: FRA56-C2
age: 80060
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 3DdL8pbvXTnX5l-TO9NL6ZbCzp9VyyncS_oeXGWw3Xy2252NnbAn9A==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 18E9 144 B
1 KB 304ms
275ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-3-125-201-50.eu-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

7f176861fae48b236815db792ec112e11e5b8aa93f1c9975fb97c49f8471bd6c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:19 GMT
AN-X-Request-Uuid: 3da1e525-f196-4b45-b3b6-d9519c5de096
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.edivaldobrito.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame DA1F 19 B
530 B 100ms
14ms XHR
application/json 3.125.201.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.30.0&referrer=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&tmax=6000

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.201.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:19 GMT
accept-ch: sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
x-auction-status: 16
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 85FD 173 B
412 B 94ms
12ms XHR
application/json 52.57.242.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.242.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-242-51.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 528ebe023e3ab0cf4606f92b47916b81a05f4f8cba169c312fb4538495a7e826

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:19 GMT
content-encoding: gzip
x-prebid: pbs-java/1.110.0
content-type: application/json
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 169
expires: 0

POST
H/1.1 204
No Content 322311 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 9BAB 0
993 B 150ms
24ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/322311?src_sys=prebid
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 03 Feb 2023 07:26:19 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.004051
X-SpotX-Timing-Transform: 0.000265
X-SpotX-Timing-SpotMarket: 0.004051
X-SpotX-Timing-Page-Require: 0.000309
X-fe: 122
Connection: keep-alive
X-SpotX-Timing-Page-Misc: 0.001543
X-SpotX-Timing-Page-Cookie: 0.000001
X-SpotX-Timing-Page: 0.007273
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000253
Last-Modified: Fri, 03 Feb 2023 07:26:19 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.edivaldobrito.com.br
X-SpotX-Timing-Page-Exception: 0.000001
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-URI: 0.000011
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-Mux: 0.000839
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame F5C5 0
123 B 71ms
37ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.edivaldobrito.com.br
date: Fri, 03 Feb 2023 07:26:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 071A 36 B
308 B 88ms
87ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=532329
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d04cfb0f9da273bf404750fedb0761480a2d1732b30d3f3a50438b47143fe45

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ef8v5OqnqL0tlaluFpH6348VRQGgz%2BNi5v8k8vM5lKR%2Ff2LqiLperSABmHeslaARD%2FcFL1O6FEvAY7F004ftZZegZtk6P9U8zEL9Ee8ak02shc0Uy42AVf6I5dB42FcY0CsYa134"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7939700adbe637d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 257ms
10ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.edivaldobrito.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.edivaldobrito.com.br
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 03 Feb 2023 07:26:19 GMT
server: ATS/9.1.10.25

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame EA82 0
202 B 130ms
111ms XHR
text/plain 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.edivaldobrito.com.br
date: Fri, 03 Feb 2023 07:26:19 GMT
access-control-allow-credentials: true
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EA82 144 B
1 KB 353ms
320ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

static.2.86.88.23.clients.your-server.de

Software

nginx/1.21.3 /

Resource Hash

511f75d448ebc2d2ad6639d8383f65b3de2d18e4bbf4b1fac6a6df3ff51d5570

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:19 GMT
AN-X-Request-Uuid: aec085ea-96c0-4362-878e-ba1483a299f2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.edivaldobrito.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

tag Show response
btloader.com/ Frame 5F83
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

18ms
18ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Feb 2023 07:19:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 334
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUaN9Dfsc8XDnByRE8b4RY50MjBJ36h1yeQWK3RiEEmvRWbcEkWZHMrRcLZEbUXoK8MUWQyPTjQcLR8H0LtB0U9VsVP31WJpapIade25oOsp0jBuT6aIOHevovlIKB%2BCEN75kuYs3jHvvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7939700b4a385c80-FRA

Redirect headers

date: Fri, 03 Feb 2023 07:26:19 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 335
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHp05klQy1skCPVFFNXzd%2FLBPu903lhIiuOok1BheaPBMY6qUsGXyKt84551v%2BnhgDE5OGiAnOKgbpgIbqV51kRZoGjRSM5Pq2wdb17TMWIwBDBDsvjbHB5gr5wsJ8rpFJ12pB0Hhlmkiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7939700b1a165c80-FRA

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 5F83 54 KB
17 KB 25ms
23ms Script
application/javascript 104.87.141.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.87.141.138 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-87-141-138.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 03 Feb 2023 07:41:19 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 5F83 32 KB
10 KB 10ms
8ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:55:13 GMT
content-encoding: gzip
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 59467
etag: W/"322a4a4dadec5839e9040f77edf9282d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: n-64ZZrDgiLzB6n-Kd7plpmvS4Dz1wxy0UiSCtx1YiDKJKqJqk0xcw==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 5F83 57 KB
17 KB 19ms
17ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: W87A90SX4JFQ92AB
age: 813
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7939700b1c9c90d4-FRA
x-amz-id-2: 9YGbKnU0q0vY61FpJWEOmLdSMOfIKbsfvmjWoYrHR33bI8MGcyoDr8puyJVaScguJXHxWq9y6yQ=

POST recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 5F83 0
0

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 1243ms
1241ms Preflight 44.207.220.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.220.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-220-40.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.edivaldobrito.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 03 Feb 2023 07:26:20 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2

200

tag Show response
btloader.com/ Frame 85FD
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

19ms
18ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Feb 2023 07:19:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 334
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLIbhqmCHFrjOyhuwpO0sTWSSOBpqd%2BxSp0LSnI5eX9OaZFwrSW8p3y7BcD8fbY1jztSrbAwado9pH%2FOESlI9Ty5v8cHgob0sOwlIxPmFDXeEA0ZsDhbs3RKSEoBc%2BkDTztt5DyBsrNVrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7939700b4a3b5c80-FRA

Redirect headers

date: Fri, 03 Feb 2023 07:26:19 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 335
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=By%2F6%2FdKBQ79Qqi2M95EdhvA2uMXLe6y6muv%2BF3zDvHbNfr7gv7S%2FYHJwAd0Ublgg2k6By64jxpGqu8C7Eg1SskxvAsNAVEhzrWzmCV7o468s9ylR%2BwR3DpUhSOFIQ9DmPJHpbBC8pWdkfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7939700b1a1a5c80-FRA

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 85FD 54 KB
17 KB 42ms
41ms Script
application/javascript 104.87.141.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.87.141.138 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-87-141-138.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 03 Feb 2023 07:41:19 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 85FD 32 KB
10 KB 10ms
9ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:55:13 GMT
content-encoding: gzip
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 59467
etag: W/"322a4a4dadec5839e9040f77edf9282d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: YrvxkOgOxTBu4Vi2jSrLWRSPseX94ShvotOSLmMJDIHqAxC7l5edIg==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 85FD 57 KB
16 KB 20ms
19ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: W87A90SX4JFQ92AB
age: 813
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7939700b1c9d90d4-FRA
x-amz-id-2: 9YGbKnU0q0vY61FpJWEOmLdSMOfIKbsfvmjWoYrHR33bI8MGcyoDr8puyJVaScguJXHxWq9y6yQ=

GET
H2

200

tag Show response
btloader.com/ Frame DA1F
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

17ms
16ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Feb 2023 07:19:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 334
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44ERMuDLqoqP%2FrGHmXaS%2Fyon%2FeFAATz6HIbQFo2tbPHzsfK8IyDd1TBcR8n36fCAQYTT0v1hovJD9akd%2BOlbucW9o3Fu6S793Pe6AdKQdODi2ATSrbYEVd0tlcoEfFACdDWRzOrxTw6YIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7939700b4a3a5c80-FRA

Redirect headers

date: Fri, 03 Feb 2023 07:26:19 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 335
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtyYS2TVZVH5H%2BFfKyMhYn68%2BlG%2B%2Fd2v1U%2B4F911D0HDRYUPt%2FVSkWtyLmZVdSi2b4Nw2%2FMoT%2Bvb1GPbZXPRU2cWyCrSAjwY6Hv%2FZPgnF9tGYkAbB7doSx8gbszpZ%2FVQEgJuY61onTDwqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7939700b1a1b5c80-FRA

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame DA1F 54 KB
17 KB 32ms
31ms Script
application/javascript 104.87.141.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.87.141.138 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-87-141-138.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 03 Feb 2023 07:41:19 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame DA1F 32 KB
10 KB 10ms
10ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:55:13 GMT
content-encoding: gzip
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 59467
etag: W/"322a4a4dadec5839e9040f77edf9282d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: lQ7ras0T0IIDwzw2mVZtIjWSwHmxRviUVZyPmUtHPg7FB0PlsDIHRQ==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame DA1F 57 KB
16 KB 17ms
17ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: W87A90SX4JFQ92AB
age: 813
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7939700b1c9f90d4-FRA
x-amz-id-2: 9YGbKnU0q0vY61FpJWEOmLdSMOfIKbsfvmjWoYrHR33bI8MGcyoDr8puyJVaScguJXHxWq9y6yQ=

GET
H2

200

tag Show response
btloader.com/ Frame 18E9
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

17ms
17ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Feb 2023 07:19:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 334
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehit0kPiYEV36Z2sudtbPmEubUbu8JlWsXoj4LRyIk0zZEXBdwiudjLJlCgWDoll1BOdqbha3c8Uu4OtdkdpslX%2BdYCF0qxFzEUgM9Un5sOK4AS3MQ%2F4NdLj9V6k7i9Qt%2BodNUHbyQjk2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7939700b4a3c5c80-FRA

Redirect headers

date: Fri, 03 Feb 2023 07:26:19 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 335
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Us8z2r%2FmVaICiAhnzxkDGxj7gFdj2E13wjfMLqbP4eRdj%2FmDNArHNorVKtabI4H1PDYwB8fGsSBSPUIRluigsqv%2FrDFq3U%2FXbIVXxhRMrxx2Ev31EYxOmwK9cwpl259vK%2F569waE9q9x9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7939700b1a1e5c80-FRA

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 18E9 54 KB
17 KB 24ms
24ms Script
application/javascript 104.87.141.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.87.141.138 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-87-141-138.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 03 Feb 2023 07:41:19 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 18E9 32 KB
10 KB 9ms
8ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:55:13 GMT
content-encoding: gzip
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 59467
etag: W/"322a4a4dadec5839e9040f77edf9282d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: Z0r1CXNOFf5uq_s3s3H4tcGMThYrf9PdnIi0GZiy4IHkQ5-Syw6qWg==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 18E9 57 KB
16 KB 19ms
19ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: W87A90SX4JFQ92AB
age: 813
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7939700b1ca790d4-FRA
x-amz-id-2: 9YGbKnU0q0vY61FpJWEOmLdSMOfIKbsfvmjWoYrHR33bI8MGcyoDr8puyJVaScguJXHxWq9y6yQ=

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7
https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7&__user_check__=1&sync_id=0d7f81e7-a394-11ed-855d-197e22df0106

0
589 B

15ms
15ms

Image
text/plain

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7&__user_check__=1&sync_id=0d7f81e7-a394-11ed-855d-197e22df0106
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Fri, 03 Feb 2023 07:26:19 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 117
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Fri, 03 Feb 2023 07:26:19 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?source=82810&sync_limit=7&__user_check__=1&sync_id=0d7f81e7-a394-11ed-855d-197e22df0106
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 30
Connection: keep-alive
Content-Length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 85FD 60 B
340 B 32ms
32ms XHR
application/json 52.50.45.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.45.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 35a6100a6aa374b237f8477744af111a1a14324421889b26b265e8dab5a44085

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache
x-server: 10.45.2.212
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 18E9 60 B
341 B 61ms
61ms XHR
application/json 52.50.45.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.45.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ad32702e153bdd8005ae3aaf1738fce8e102c2bb241513b6fb4b5496934bba82

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache
x-server: 10.45.25.123
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 5F83 60 B
339 B 32ms
32ms XHR
application/json 52.50.45.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.45.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0cac9e80fe6208f1da8ac2cb9a5b2c9daec4f096868b51159985c51a00263115

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache
x-server: 10.45.8.22
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame DA1F 60 B
340 B 37ms
36ms XHR
application/json 52.50.45.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.45.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 40697627e33f3028d45bfaf2c3d32b23bfa23f46c2d189fa912b085dfc32d1aa

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache
x-server: 10.45.1.74
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 / Show response
clickiocdn.com/utr/logst_st/c2lkPX4yMTU4NjcmYWN0PX5jbW4mdXJsPX53d3cuZWRpdmFsZG9icml0by5jb20uYnImdmNudD0xJl9mPV9fbHhHX18udG1wLmxvZ3N0XzJja2t2ZjBpemt5OWJ6YXg/ 38 B
206 B 28ms
27ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_st/c2lkPX4yMTU4NjcmYWN0PX5jbW4mdXJsPX53d3cuZWRpdmFsZG9icml0by5jb20uYnImdmNudD0xJl9mPV9fbHhHX18udG1wLmxvZ3N0XzJja2t2ZjBpemt5OWJ6YXg/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 12961a52abb263164c8961528ec866cf88a7210cb25b7df0a3dfe7871b523e61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:19 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02MzM4NDR+NjMzODUxfjY1NzY5M342NTc1MjF+NjU3NTIwfjY1NzcwNn42Njk4OTR+NjY5ODkzfjY1ODM2OX42Njk4NzF+NjU3NDYyfi1+NjY4ODQyfjY2ODg0MX42NTc3NjB+NjY4Nzc5fjY5Nzg3Nn42OTE4MDR+N... 38 B
206 B 26ms
26ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02MzM4NDR+NjMzODUxfjY1NzY5M342NTc1MjF+NjU3NTIwfjY1NzcwNn42Njk4OTR+NjY5ODkzfjY1ODM2OX42Njk4NzF+NjU3NDYyfi1+NjY4ODQyfjY2ODg0MX42NTc3NjB+NjY4Nzc5fjY5Nzg3Nn42OTE4MDR+Njk2NjI3fjY5Njg3Mn42Njg3Nzl+NjU4MzY5fjY1NzQ2Mn42Njk4NzF+NjY4Nzc5JnNzaWQ9fjEmYWN0PWRldl90YXJnX3JlbX4tfi1+LX4tfi1+LX4tfmZuZF9vbl9wZ34tfi1+LX5ydHJfdmFyX2Noc25+LX4tfi1+LX4tfi1+LX5ydHJfdmFyX2luc3RhbGx+dGdsX3NfMH4tfi1+dGdsX3NfMV9kZnAmcGx0Zj1+MCZ1cmw9fnd3dy5lZGl2YWxkb2JyaXRvLmNvbS5iciZ2Y250PTI1Jl9mPV9fbHhHX18udG1wLmxvZ3N0Xzl4eG5xZTRiMGd2bnBpdDc/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 3b0cf2d62fd4520a6e147cc8351a6bb69e22d9eb04524ddf98f875f0c77db67d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:19 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02NTk0NDB+NjY4ODQxfjY5Nzg3Nn42Njg4NDJ+NjU5NDQwfjY2ODg0MX42OTc4NzZ+NjY4ODQyJnNzaWQ9fjEmYWN0PWZuZF9vbl9wZ35ydHJfdmFyX2luc3RhbGx+LX4tfnRnbF9zXzB+dGdsX3NfMV9kZnB+LX4tJ... 38 B
206 B 26ms
26ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02NTk0NDB+NjY4ODQxfjY5Nzg3Nn42Njg4NDJ+NjU5NDQwfjY2ODg0MX42OTc4NzZ+NjY4ODQyJnNzaWQ9fjEmYWN0PWZuZF9vbl9wZ35ydHJfdmFyX2luc3RhbGx+LX4tfnRnbF9zXzB+dGdsX3NfMV9kZnB+LX4tJnBsdGY9fjAmdXJsPX53d3cuZWRpdmFsZG9icml0by5jb20uYnImdmNudD04Jl9mPV9fbHhHX18udG1wLmxvZ3N0X3dodjFvNjh0Nm9rZmhkenQ/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 6eab07f6a9db73fe84e0275436115ed0e543a7ef05b7d92c491b065de31261cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:19 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_st/c2lkPX4yMTU4NjcmYWN0PTM2MGN+c19jZG5fMSZ1cmw9fnd3dy5lZGl2YWxkb2JyaXRvLmNvbS5iciZ2Y250PTImX2Y9X19seEdfXy50bXAubG9nc3Rfa2FvcWcxcDF5OGV0a3o4Zw/ 38 B
206 B 24ms
23ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_st/c2lkPX4yMTU4NjcmYWN0PTM2MGN+c19jZG5fMSZ1cmw9fnd3dy5lZGl2YWxkb2JyaXRvLmNvbS5iciZ2Y250PTImX2Y9X19seEdfXy50bXAubG9nc3Rfa2FvcWcxcDF5OGV0a3o4Zw/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/215867/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: bd180f155095f17ce09bbaa8a6041705d6e6a64bde560bf8fe1600cf56444511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:19 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02Njg4NDJ+NjY4ODQxfjY2ODg0MiZzc2lkPX4xJmFjdD1oc19jYl9zaHd+c2xvdF9pbl9wZ34tJnBsdGY9fjAmdXJsPX53d3cuZWRpdmFsZG9icml0by5jb20uYnImdmNudD0zJl9mPV9fbHhHX18udG1wLmxvZ3N0X... 38 B
206 B 24ms
24ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02Njg4NDJ+NjY4ODQxfjY2ODg0MiZzc2lkPX4xJmFjdD1oc19jYl9zaHd+c2xvdF9pbl9wZ34tJnBsdGY9fjAmdXJsPX53d3cuZWRpdmFsZG9icml0by5jb20uYnImdmNudD0zJl9mPV9fbHhHX18udG1wLmxvZ3N0XzlweXRheGx6b2d3bmt2cWQ/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/215867/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 74a84f7bc7227b118791163b63439443ecf16d7a319d78a8a328a5756d8f3745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:19 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8

POST
H3 204 trackv4 Show response
track-selectmedia.com/ 0
17 B 150ms
150ms XHR
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1164&uuid=f9365701-2a47-4a53-9a2f-2ebc59a19f0d
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://www.edivaldobrito.com.br
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 204 trackv4
track-selectmedia.com/ Frame 0
0 176ms
145ms Preflight
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1164&uuid=f9365701-2a47-4a53-9a2f-2ebc59a19f0d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.edivaldobrito.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.edivaldobrito.com.br
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json
date: Fri, 03 Feb 2023 07:26:19 GMT
referrer-policy: no-referrer-when-downgrade
via: 1.1 google

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 53ms
52ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.edivaldobrito.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 26ms
25ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.edivaldobrito.com.br

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 9F1F 80 KB
17 KB 652ms
543ms XHR
text/xml 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22652786701%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_New_Player_2&description_url=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&url=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&tfcd=0&npa=0&sz=464x261&gdfp_req=1&max_ad_duration=%5BAV_DURATION%5D&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4465666621943420&sdkv=h.3.554.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=835912773&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.1&sid=92C05E0B-F104-49DD-AA2F-4D81A72C1B6F&nel=0&eid=44748969%2C44750824%2C44752657%2C44765701%2C44777649&top=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&loc=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&dlt=1675409174249&idt=4514&dt=1675409179751&cookie=ID%3D35e566bee3f76e45-2201ce4a8cdb0008%3AT%3D1675409177%3ART%3D1675409177%3AS%3DALNI_MZ1L1YQvakRfHGoWGMn07Lj78X7EQ&gpic=UID%3D0000099e7e37b81a%3AT%3D1675409177%3ART%3D1675409177%3AS%3DALNI_MaIbVJSJeFEOPfFFKjKyHI2cnMTdg&scor=4171139390829570&ged=ve4_td6_tt1_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca42c5c7aa60261cb2af9c2ec4bfd072ce3f8aab666b17e87ff552b733b478b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16879
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 20DB 107 B
165 B 54ms
52ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.edivaldobrito.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 20DB 107 B
122 B 24ms
24ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.edivaldobrito.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 20DB 51 KB
20 KB 260ms
260ms XHR
text/plain 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4430871811176027&correlator=577506318099927&eid=31072045%2C31072118&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fifs&iu_parts=21939239661%3A22456102421%2Ctsm%2Chb_display%2Cvidsplay_gen&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&adks=1036232399&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26amznbid%3D2%26amznp%3D2%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D35e566bee3f76e45-2201ce4a8cdb0008%3AT%3D1675409177%3ART%3D1675409177%3AS%3DALNI_MZ1L1YQvakRfHGoWGMn07Lj78X7EQ&gpic=UID%3D0000099e7e37b81a%3AT%3D1675409177%3ART%3D1675409177%3AS%3DALNI_MaIbVJSJeFEOPfFFKjKyHI2cnMTdg&arp=1&abxe=1&dt=1675409179786&lmt=1675409179&dlt=1675409177747&idt=274&adxs=454&adys=697&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=544uezc4jm9v&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&ref=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&top=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1349497048.1675409174&ga_sid=1675409180&ga_hid=1637814176&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb44a36465aca72bed71f38044d2549be20e818296d2ffda960055818c2ae7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20445
x-xss-protection: 0
google-lineitem-id: 5923229485
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138381174690
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 20DB 15 KB
11 KB 116ms
65ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f90998f890acf188b283d6548cb7b29d75b50a0cc180048ec951c2ee3bf28fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11331
x-xss-protection: 0

GET
H2 200 container.html Show response
c7127c40efe894d7e60641c5fac42b6e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 295E 6 KB
3 KB 148ms
53ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c7127c40efe894d7e60641c5fac42b6e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edivaldobrito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:26:19 GMT
expires: Sat, 03 Feb 2024 07:26:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame F5C5 63 B
396 B 135ms
31ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 100aaa3b961d122694074f04a06f9a2c6832e8b49299c9cacfcae3494d618e99

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 05 Mar 2023 07:26:20 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 98FA 16 KB
6 KB 11ms
10ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=20218
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 03 Feb 2023 07:26:19 GMT
expires: Fri, 03 Feb 2023 13:03:17 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 20DB 17 KB
7 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 07:26:19 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 85FD 63 B
397 B 117ms
30ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 100aaa3b961d122694074f04a06f9a2c6832e8b49299c9cacfcae3494d618e99

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 05 Mar 2023 07:26:20 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 658E 281 B
554 B 85ms
19ms Document
text/html 23.64.52.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-52-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Feb 2023 07:26:20 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame DA1F 63 B
396 B 107ms
31ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 100aaa3b961d122694074f04a06f9a2c6832e8b49299c9cacfcae3494d618e99

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 05 Mar 2023 07:26:20 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame A26F 37 B
140 B 63ms
11ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 03 Feb 2023 07:26:20 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 98FA 5 KB
6 KB 86ms
19ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80975903&p=157512&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a0c35a27ecc85d861b3e054b0e03ef6200e43d189beae970f9df0bff66b450a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 03 Feb 2023 07:26:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 071A 63 B
396 B 93ms
31ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 100aaa3b961d122694074f04a06f9a2c6832e8b49299c9cacfcae3494d618e99

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 05 Mar 2023 07:26:20 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 0AFC 3 KB
2 KB 45ms
14ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1150
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7939700eea9c364e-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 03 Feb 2023 07:26:19 GMT
expires: Fri, 03 Feb 2023 11:26:19 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 9BAB 63 B
396 B 72ms
32ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 100aaa3b961d122694074f04a06f9a2c6832e8b49299c9cacfcae3494d618e99

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 05 Mar 2023 07:26:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7DA3 13 KB
5 KB 24ms
22ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edivaldobrito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:05:32 GMT
expires: Sat, 03 Feb 2024 07:05:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5BD0 783 B
967 B 54ms
53ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fe39dccc09f05c05c2b48d02ea224d2e767e27fffd728e8b148aaf1277a2c6f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wwtejGV_NZauyQ_Fy_r2rA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.edivaldobrito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-wwtejGV_NZauyQ_Fy_r2rA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:26:20 GMT
expires: Fri, 03 Feb 2023 07:26:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame F45E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
819 B

37ms
33ms

Document
text/html

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84997f84dba116c597cf4bb64cd3ede75eaa893509f8985d319d910676dbc280

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7939700fcf2e2bb9-FRA
content-encoding: br
content-type: text/html
date: Fri, 03 Feb 2023 07:26:20 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w17dFiASgXXpCzVmH6zajohzH6b1LwKYawxTDdiwqBUGGg9SQ%2FcFehLZdKzAnZdsIRcZyMCq1DYVKgBj4A5hvFQBwVQyrqn%2BvtD%2Bna96YbtWQncDWFtT2u3mbv4pv2fgDB65PaT9xmtCtg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7939700f9efa2bb9-FRA
content-length: 0
date: Fri, 03 Feb 2023 07:26:20 GMT
expires: 0
location: /usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVnXjZ%2F0uR4i3vr2bLEQK%2BExlJvyWmuv5q%2Bz8lKjlOfNfoh0uWVC6gZu%2F4G%2Fz21d6m9ccsig%2FuwMC9%2FJ1Kmdb3tKPgDFHbZM%2BqZWBk8rG5%2B8JsTltGAIt2qbzGwo%2BcAsIBHs3wkyopTNPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 658E 34 KB
10 KB 27ms
27ms Script
text/html 23.64.52.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-52-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1572b78c8111a32753574f1537f3c825ff385da1aa8f049eb6df1505ac9e0f5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 07:26:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 18:27:30 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=39701
Connection: keep-alive
Content-Length: 10036
Expires: Fri, 03 Feb 2023 18:28:01 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E32E 0
0 69ms
68ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJGciHrErz617iN4V9Xr6WKwLQ3Brh96PGhANPweEkRpoU50i9mwHanJ5z0HC4vb9j5RbBBWnGtztlFDOWym9EkJllk5ZhRmxvGQna0DNEaIU78MasT6OPA9dXsq8amK08_bmtyTPYuhzVWl-bGu-aO9601UneYPxr-QALYUTQl4ip5HcrdjGwSOdNEUgUA23WrNOBElE0Tc3xT3AsU4mfg5K7NmT3bevnT9e98pdcTNWmszs82sd3zj0RDLRIw5W-SaFsjlBKmvUXI3kCqotHG2pDxrrQTI7VZCxdfxp_mZo80kX22Sn6_n5aKGQcpa7qln5oRvETicQXeQnoeXVQtOyAXi3mAAzKycs&sai=AMfl-YT3NFprI2-PG7aeM2WXQ9v5WhkeRrjW3vIujC1jClpIQOXr-t0uhynCSf6DgyCjHmf8E7fvurGJDnPx98SNI-BaX9iJx4aeLf4Pf_jSo0bK8Nez5CL37Mym-fZWdw&sig=Cg0ArKJSzEYuOQP9RzjmEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 2539698496735950919
tpc.googlesyndication.com/simgad/ Frame E32E 23 KB
23 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2539698496735950919

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eba8f958f96c2043d58e7ac7b785d69c2388905b6178f0382dcb5dc9c80dd98b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 14:16:30 GMT
x-content-type-options: nosniff
age: 407390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23825
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 11:07:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 29 Jan 2024 14:16:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame E32E 22 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:14:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:14:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E32E 3 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:54:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 06:54:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E32E 0
0 52ms
51ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUYpvMz3dHi_dv9QOQrxa5_4yZQi0BbasLp4iesE20J_U040q-AUx3ttKjU_X9Le2BC9py3x6jaNTd3dNd8OAgm1sMVQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E32E 157 KB
48 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 07:26:20 GMT

GET
H2 200 /
clickiocdn.com/utr/scmps/ 42 B
158 B 15ms
15ms Image
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clickiocdn.com/utr/scmps/?rt=918010612&cmp=-1&api=-1&sid=215867&req=1
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:20 GMT
cache-control: no-cache
iseu: eu
server: nginx/1.16.0
content-length: 42
content-type: image/gif

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame DFF2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=C5ECABB8-25C4-4CA3-8361-D348B757F886&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C5ECABB8-25C4-4CA3-8361-D348B757F886&gdpr=0&gdpr_consent=

35 B
468 B

26ms
25ms

Document
image/gif

37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C5ECABB8-25C4-4CA3-8361-D348B757F886&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Fri, 03 Feb 2023 07:26:20 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Fri, 03 Feb 2023 07:26:20 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C5ECABB8-25C4-4CA3-8361-D348B757F886&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9B7E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:268263dc-b71c-4500-a02e-c5d813beb25d&gdpr=0&gdpr_consent=

42 B
403 B

27ms
22ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:268263dc-b71c-4500-a02e-c5d813beb25d&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:26:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Fri, 03 Feb 2023 07:26:20 GMT
Expires: Fri, 03 Feb 2023 07:26:19 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 421 8749e8d master cdg-pixel-x34 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:268263dc-b71c-4500-a02e-c5d813beb25d&gdpr=0&gdpr_consent=

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 339B 43 B
363 B 69ms
18ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:26:19 GMT
expires: Fri, 03 Feb 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 678183
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 10A9
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6293527841731149772

42 B
195 B

23ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6293527841731149772
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:26:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6293527841731149772
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame DA90
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ltM_-cLXavmN0mypkNl2-5LSOqyNgmv7wdSJX1SH

42 B
569 B

71ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ltM_-cLXavmN0mypkNl2-5LSOqyNgmv7wdSJX1SH
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:26:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Fri, 03 Feb 2023 07:26:20 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ltM_-cLXavmN0mypkNl2-5LSOqyNgmv7wdSJX1SH
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A9E7
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=358998520360634364&gdpr=0&gdpr_consent=

42 B
447 B

73ms
21ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=358998520360634364&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:26:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 3c7c5b0c-e24a-4d7b-bee3-0222a3d0b32b
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Fri, 03 Feb 2023 07:26:20 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=358998520360634364&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame CDBA
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C5ECABB8-25C4-4CA3-8361-D348B757F886&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C5ECABB8-25C4-4CA3-8361-D348B757F886&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

195ms
195ms

Document
image/gif

54.239.33.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C5ECABB8-25C4-4CA3-8361-D348B757F886&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 03 Feb 2023 07:26:20 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 9DSREWFS0X846NH4BR1J

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 03 Feb 2023 07:26:20 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C5ECABB8-25C4-4CA3-8361-D348B757F886&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: PRK1J1V4WGCQ9YV8ZTTY

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame BD64
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7195827635527481488&gdpr=0&gdpr_consent=

42 B
244 B

21ms
19ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7195827635527481488&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:26:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Fri, 03 Feb 2023 07:26:20 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7195827635527481488&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E530
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Y5eMGOjtTXV_9V1YMmyE7yU6OvY&gdpr=0&gdpr_consent=

42 B
301 B

20ms
20ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Y5eMGOjtTXV_9V1YMmyE7yU6OvY&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:26:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Fri, 03 Feb 2023 07:26:20 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Y5eMGOjtTXV_9V1YMmyE7yU6OvY&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3818
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9y3HAAEPXjgrQAh&gdpr=1&gdpr_consent=&_test=Y9y3HAAEPXjgrQAh

0
74 B

20ms
20ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9y3HAAEPXjgrQAh&gdpr=1&gdpr_consent=&_test=Y9y3HAAEPXjgrQAh
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 03 Feb 2023 07:26:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Fri, 03 Feb 2023 07:26:20 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9y3HAAEPXjgrQAh&gdpr=1&gdpr_consent=&_test=Y9y3HAAEPXjgrQAh
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230036-FRA
x-timer: S1675409180.346173,VS0,VE0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame DA61
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIRmpVN0h1VzRBQUNDQzFZYUhSZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHFjU7HuW4AACCC1YaHRg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5085710362323476089&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAHFjU7HuW4AACCC1YaHRg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5085710362323476089%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5085710362323476089&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAHFjU7...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHFjU7HuW4AACCC1YaHRg&gdpr=0&gdpr_consent=

42 B
200 B

13ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHFjU7HuW4AACCC1YaHRg&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:26:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Fri, 03 Feb 2023 07:26:21 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHFjU7HuW4AACCC1YaHRg&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 0EA9 43 B
277 B 123ms
27ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Fri, 03 Feb 2023 07:26:20 GMT
Vary: Accept-Encoding
X-adserver-worker: komodo-1b0838ce9407@version_1.535
X-core-time: 0ms
X-server-arch: v2

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 6A4E
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1675409180179
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7057616349

70 B
264 B

32ms
30ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7057616349
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Fri, 03 Feb 2023 07:26:20 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Fri, 03 Feb 2023 07:26:20 GMT
etag: RX71eff1a073404911a9e5ae8c68f4b80b003
expires: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7057616349
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma: no-cache

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 4917 0
0 48ms
10ms Document
text/plain 23.88.86.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Date: Fri, 03 Feb 2023 07:26:20 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 4F22
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
418 B

179ms
167ms

Document
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 79397011296b9152-FRA
content-length: 43
content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:26:20 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7939700fff629152-FRA
content-type: text/html
date: Fri, 03 Feb 2023 07:26:20 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 91

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 129E
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
93 B

38ms
38ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 03 Feb 2023 07:26:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Fri, 03 Feb 2023 07:26:20 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame B6AE 43 B
369 B 65ms
19ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Fri, 03 Feb 2023 07:26:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

404

gdpr_consent= Show response
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3f31f3e6cbb6641f/gdpr=0/ Frame C885
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3f31f3e6cbb6641f/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...

49 B
265 B

119ms
36ms

Document
image/gif

34.254.104.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3f31f3e6cbb6641f/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYMYbMYnUjhhUUWbM%2526gdpr%253D0%2526gdpr_consent%253D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 49
content-type: image/gif
date: Fri, 03 Feb 2023 07:26:20 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.45.1.74

Redirect headers

content-length: 0
location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3f31f3e6cbb6641f/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYMYbMYnUjhhUUWbM%2526gdpr%253D0%2526gdpr_consent%253D

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 98FA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xeyruCXETKODYdNIt1f4hg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

14ms
7ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=20217
accept-ranges: bytes
content-length: 5554
expires: Fri, 03 Feb 2023 13:03:17 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 98FA
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=C5ECABB8-25C4-4CA3-8361-D348B757F886&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
264 B

34ms
33ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 98FA
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C5ECABB8-25C4-4CA3-8361-D348B757F886&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C5ECABB8-25C4-4CA3-8361-D348B757F886&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C5ECABB8-25C4-4CA3-8361-D348B757F886&addseg=19,36,42

0
0

72ms
13ms

Image
application/json

185.64.189.229
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C5ECABB8-25C4-4CA3-8361-D348B757F886&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Server: 185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date: Fri, 03 Feb 2023 07:26:20 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C5ECABB8-25C4-4CA3-8361-D348B757F886&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 98FA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzVFQ0FCQjgtMjVDNC00Q0EzLTgzNjEtRDM0OEI3NTdGODg2&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

21ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:26:19 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 98FA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJoVngwp0Wkw_Q0v8rh6k6c&google_cver=1

42 B
376 B

20ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJoVngwp0Wkw_Q0v8rh6k6c&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:26:19 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJoVngwp0Wkw_Q0v8rh6k6c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 98FA 43 B
612 B 67ms
17ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 02 Feb 2023 07:26:20 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 98FA
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8114478069488513173

42 B
298 B

22ms
21ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8114478069488513173
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:26:18 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8114478069488513173
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 98FA 70 B
264 B 34ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 98FA
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e6525337-6e5b-477c-ae85-027a02169df3&gdpr=0&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_5248ef91-3f84-4181-a17e-671108933c5b&bsw_param=e6525337-6e5b-477c-ae85-027a02169df3&expires=10
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e6525337-6e5b-477c-ae85-027a02169df3&gdpr=&gdpr_consent=&gdpr_pd=

1 B
166 B

21ms
20ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e6525337-6e5b-477c-ae85-027a02169df3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 03 Feb 2023 07:26:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e6525337-6e5b-477c-ae85-027a02169df3&gdpr=&gdpr_consent=&gdpr_pd=
date: Fri, 03 Feb 2023 07:26:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 C5ECABB8-25C4-4CA3-8361-D348B757F886
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 98FA 43 B
426 B 103ms
35ms Image
image/gif 2a05:d018:d29:3605:6b2a:5cae:833b:4670
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/C5ECABB8-25C4-4CA3-8361-D348B757F886?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:6b2a:5cae:833b:4670 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 98FA
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C5ECABB8-25C4-4CA3-8361-D348B757F886&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C5ECABB8-25C4-4CA3-8361-D348B757F886&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4N_1sJlE2uV4Whybs3Jis.9RkJiPyR8-~A&gdpr=0

0
260 B

94ms
15ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4N_1sJlE2uV4Whybs3Jis.9RkJiPyR8-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4N_1sJlE2uV4Whybs3Jis.9RkJiPyR8-~A&gdpr=0
date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 98FA 0
104 B 148ms
27ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C5ECABB8-25C4-4CA3-8361-D348B757F886&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 98FA 0
191 B 74ms
16ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 03 Feb 2023 07:26:19 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 98FA
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:447aa6e0-2ac1-4d12-a45a-f97518901d13&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

22ms
22ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:447aa6e0-2ac1-4d12-a45a-f97518901d13&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:26:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:447aa6e0-2ac1-4d12-a45a-f97518901d13&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Fri, 03 Feb 2023 07:26:20 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 98FA
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3711314036603321161&gdpr=0&gdpr_consent=&us_privacy=

1 B
175 B

21ms
20ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3711314036603321161&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 03 Feb 2023 07:26:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3711314036603321161&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 98FA
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=358998520360634364

42 B
95 B

21ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=358998520360634364
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:26:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 03 Feb 2023 07:26:20 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b2fc97ed-a78e-405a-bc06-79c18d15b10f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=358998520360634364
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 18E9 63 B
396 B 37ms
31ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 100aaa3b961d122694074f04a06f9a2c6832e8b49299c9cacfcae3494d618e99

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 05 Mar 2023 07:26:20 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5E06 52 KB
17 KB 109ms
24ms Document
text/html 2.18.36.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.181 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-181.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 03 Feb 2023 07:26:20 GMT
ETag: "623de86a-cf34"
Expires: Sat, 04 Feb 2023 07:26:22 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5BD0 0
0 50ms
50ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020101&jk=4430871811176027&rc=
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame F45E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM9FwpZ8wHsyJPrfnDj29Cw&google_cver=1

43 B
786 B

29ms
23ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM9FwpZ8wHsyJPrfnDj29Cw&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTupVRRWTYkocAcew8OAmv5ZKYA5drtfniQLTIkF73Wu7YJUk4sdPlnshmE7xxrhM23npp4FYB6RZOIC3x9GpS4n45NW2b1dkNY3d%2FHwvm5q1B%2BgpFz2AFfB1busMvNO4PjTsnKy4O9hDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 79397010dc298fec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM9FwpZ8wHsyJPrfnDj29Cw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame F45E 70 B
264 B 33ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F45E
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB&dcc=t

43 B
855 B

124ms
123ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MF259Q5K4QFMVKD4816E
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 93YDQG96Z76M2ZA4YFNE
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F45E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y9y3HGQZSZe3VrOGdnYKPAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEMKX9s0WitgEfaKFR4eYls&google_cver=1

43 B
632 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEMKX9s0WitgEfaKFR4eYls&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEMKX9s0WitgEfaKFR4eYls&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F45E
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3639256442565393225

43 B
632 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3639256442565393225
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3639256442565393225
pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F45E
Redirect Chain

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y9y3HGQZSZe3VrOGdnYKPAAA%265170
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=4466a81d-a962-4942-851f-7276d7e8f742-tuctad63c9c

43 B
632 B

12ms
12ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=4466a81d-a962-4942-851f-7276d7e8f742-tuctad63c9c
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=4466a81d-a962-4942-851f-7276d7e8f742-tuctad63c9c
date: Fri, 03 Feb 2023 07:26:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15436

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F45E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5349700048823979731&expiration=1676618780

43 B
632 B

18ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5349700048823979731&expiration=1676618780
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5349700048823979731&expiration=1676618780
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F45E
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://pr-bh.ybp.yahoo.com/sync/casale/Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB

43 B
602 B

38ms
38ms

Image
image/gif

2a05:d018:d29:3605:6b2a:5cae:833b:4670
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

2a05:d018:d29:3605:6b2a:5cae:833b:4670 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB
date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame F45E 43 B
352 B 51ms
18ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y9y3HGQZSZe3VrOGdnYKPAAA%265170
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 5887
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79397010ac33364e-FRA
content-length: 43
expires: Sat, 04 Feb 2023 07:26:20 GMT

GET
DATA 200
OK truncated
/ Frame E32E 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3c6dbbaefde463022728c942b1c8177a548589a9ef509aa39a977d69cf88f6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E32E 0
0 71ms
71ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFUBuk_c27lC5_h7wJopvgFrvU88wOY9EpFhzKCuOVH93ig5jop09HPn4IfZW2iiUy9m7ILq2Fzn_Svvc05kdzzv-IFSkEogLEn5praGM9L13Bncwg2e4r1fuXwXxjsOcq6my3twuDt2VOpoRMck8UKiBJVWhLTgGRO38yiMjzU6fmJ7ozvzzJc5GrgbmTeKiYjGOTrahsWA93dVs-59EGviGb1hiLxhF2Wnoy6WZyeI4EqVkWMTuIzFCYuCDxcCH0nzNa5r2Lwqk7TQZ_AHwcVaBliJCKMkwdiQWqm5nZAfOby4D5VyawKq4KVBXwYTBti8b4lrCRJNyQg5UfIzAnKyWTiVwDuIPRav426w&sai=AMfl-YScy46k8zObKO1UNX4_hZjO0mLxaoXvcA6PxH4TfyPeGCeWOx59vKppLmKemSVeTA8oJ8cpBvX0Wz4ROIHn32osLPVFaSye08iuesFY3RmuFRcqc6mDyel-msZRBg&sig=Cg0ArKJSzAN5fRJzty3oEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 07:26:20 GMT

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7DA3 36 KB
14 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 19:41:30 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame EA82 63 B
396 B 34ms
33ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 100aaa3b961d122694074f04a06f9a2c6832e8b49299c9cacfcae3494d618e99

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 05 Mar 2023 07:26:20 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DC04 52 KB
17 KB 53ms
23ms Document
text/html 2.18.36.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.181 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-181.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 03 Feb 2023 07:26:20 GMT
ETag: "623de86a-cf34"
Expires: Sat, 04 Feb 2023 07:26:22 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 658E 70 B
264 B 31ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 658E
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPN0Q4QkktTC04S1JJ

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPN0Q4QkktTC04S1JJ

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPN0Q4QkktTC04S1JJ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 658E
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5ft2tIyHRNONEJaMI_FR7g&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5ft2tIyHRNONEJaMI_FR7g

43 B
479 B

121ms
121ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5ft2tIyHRNONEJaMI_FR7g

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MV9N5WVQJY7N1M3K59AY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5ft2tIyHRNONEJaMI_FR7g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 658E
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDO7D8BI-L-8KRI

0
706 B

179ms
152ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDO7D8BI-L-8KRI
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:19 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 3ACDCAA6E8F9482780332C0250E7A9BD Ref B: FRAEDGE1216 Ref C: 2023-02-03T07:26:20Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzxpkOofvHw2q+WeJ8CQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDO7D8BI-L-8KRI
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 658E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMviHJgFmyz0SRNOfDThdnY&google_cver=1

0
239 B

36ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMviHJgFmyz0SRNOfDThdnY&google_cver=1
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMviHJgFmyz0SRNOfDThdnY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 658E
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=l-KEACpFRcChDVQFzhe_YA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=l-KEACpFRcChDVQFzhe_YA

43 B
479 B

37ms
36ms

Image
image/gif

54.239.33.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=l-KEACpFRcChDVQFzhe_YA

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

HTTP/1.1

Server

54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5R748CHV8E2P1564K9S6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=l-KEACpFRcChDVQFzhe_YA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 658E
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjZhZTc4Yjg2NzAxZjk0MTNmYTg3OTg3MjljMTNlNmU5M2UwZTk3NQ

170 B
188 B

27ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjZhZTc4Yjg2NzAxZjk0MTNmYTg3OTg3MjljMTNlNmU5M2UwZTk3NQ

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjZhZTc4Yjg2NzAxZjk0MTNmYTg3OTg3MjljMTNlNmU5M2UwZTk3NQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 658E
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/1Yhx6aDgc50GiP9SsaYu5A?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-MLAWd5VE2oJN.436K19HGOCzr6XqTDIG.kW6Hw--~A

0
239 B

9ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-MLAWd5VE2oJN.436K19HGOCzr6XqTDIG.kW6Hw--~A
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-MLAWd5VE2oJN.436K19HGOCzr6XqTDIG.kW6Hw--~A
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5E06 0
856 B 14ms
14ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:20 GMT
AN-X-Request-Uuid: bd1aaa2c-3e96-4a6b-9d8a-163289da6f49
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DC04 0
856 B 15ms
14ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:20 GMT
AN-X-Request-Uuid: 2f46441a-b3d7-402a-a20f-97dfcecb484b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9F1F 0
234 B 139ms
42ms Ping
image/gif 2a00:1450:4010:c03::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ldo7d7sx&c=1115118503523&slotId=557559251761.5&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4010:c03::78 , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 /
track-selectmedia.com/trackv4/ 0
17 B 146ms
146ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=261X464&d19=10&d2=1675409100&d20=109.0.5414&d23=tag_d575c309-a219-4edc-9a6d-329742096898&d24=a32de10b-2590-422c-b5f1-696dfc2c42d2&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=e79ac444-bf2e-42ea-a4d1-70a33b600b8e&d4=6907fb17-c9bc-4a36-876d-61bb4a640342&d5=edivaldobrito.com.br&d8=1&d9=Windows&channelkey=dHMxPTY5MDdmYjE3LWM5YmMtNGEzNi04NzZkLTYxYmI0YTY0MDM0MiZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1164&d33=8&d34=1800&d35=1&d36=1&d37=1&d38=1&d26=464x261&d27=1&adSourceKey=YWRzMT03NmEzYTA4My03NWJiLTRhMDYtOGRiYy0wNmY4ZjNmNzZkODAmYWRzMj0xJmFkczM9MiZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PWU0YjViMzExLTg2YzgtNGMxMC05ZjNiLWM3OTdhYjU1YTE2MiZhZHM5PTAuMTU=&adsourceId=76a3a083-75bb-4a06-8dbc-06f8f3f76d80&cb=1675409180464-dc059e35-d147-4ab0-93cf-19b2ee7ccf39&e=4
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 csi
csi.gstatic.com/ Frame 9F1F 0
45 B 107ms
43ms Ping
image/gif 2a00:1450:4010:c03::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ldo7d994&c=1115118503523&slotId=557559251761.5&qqid=CPzWmcjp-PwCFeDluwgd6UMHsQ&gqid=G7fcY6vINqCx9u8PjZOhiAM&fb=ima_html5-lima&sdkv=h.3.554.1&mrd=4&aab=1&itv=1&ghmsh_eids=44748969%2C44750824%2C44752657%2C44765701%2C44777649&met.4=ghmsh_s.ldo7d998~ghmsh_s.ldo7d999&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=32V3yQQ6PCY_98SI
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4010:c03::78 , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 9F1F 453 B
478 B 31ms
29ms Image
image/png 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-5717092533913515

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:11:31 GMT
x-content-type-options: nosniff
age: 889
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Feb 2023 08:01:31 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9F1F 42 B
64 B 70ms
65ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CnVFZG7fcY7zdOuDL7_UP6YediAv-nffJbditrJrzEPbT5q2JAhABILCv4h9glYKAgLQHoAH_24rIA8gBBeACAKgDAZgEAKoEtQJP0C12FSD-VLd0UyjmsUaFBRjNelhL9_K9LUJmQmCTYQNUMiy7fLgWri3iVM6u8XL9P0G9jnbh3NLsfbzxsSqQOmMXSTTZjWDKtl5lRzqYfbFc3x5lm1ETwvX9GmEj8dC1lMme6nDN4ydiUe-ZW3oHTv0cc02vXRt4JCfHlRm7tqEdwur7RvF8lmWi717bjV20oXy1RJgonSWkstAetehEKI0bRvG9hFgfYAorh2B6JxR-wRpVz_bKrca5yw4NhaMxPXSfaVG5pbSmxtKvwSaS1lXSsLlfiD1MY7qpgIQhN067Hl-Efc3GBxAsDmSDHDO8goP377atdt66mcbjRmf1ZS6S9p4_R3zgxFYlKZ3Qhh-n-8UoPcdg490jNue1PAWtiRIfESpAjeHMMylAlOhL0pG2zI_ABKC-28atBOAEAaAGVIAH8t76owKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tODczNjMwOTY2NDU3MTAwNrEJBNkd_FFppb2ACgOYCwHICwHQCw64DAGaDQEO2BMM0BUB4hYCCAH4FgGAFwE&sigh=7Mo5qQ8lNPk&label=show_ad&sdkv=h.3.554.1&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4MDY4MTE0NDAyNDIMNjQ2NjM3OTcwNjk4QKkFUiMQDyUAAPhBKAE6C0prOHRWM1pJZlRjQglnb29nbGVhZHNQABgB

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
pubads.g.doubleclick.net/pagead/ Frame 9F1F 0
0 70ms
65ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CiYBMG7fcY7zdOuDL7_UP6YediAv-nffJbditrJrzEPbT5q2JAhABILCv4h9glYKAgLQHoAH_24rIA8gBBeACAKgDAZgEAKoEsgJP0C12FSD-VLd0UyjmsUaFBRjNelhL9_K9LUJmQmCTYQNUMiy7fLgWri3iVM6u8XL9P0G9jnbh3NLsfbzxsSqQOmMXSTTZjWDKtl5lRzqYfbFc3x5lm1ETwvX9GmEj8dC1lMme6nDN4ydiUe-ZW3oHTv0cc02vXRt4JCfHlRm7tqEdwur7RvF8lmWi717bjV20oXy1RJgonSWkstAetehEKI0bRvG9hFgfYAorh2B6JxR-wRpVz_bKrca5yw4NhaMxPXSfaVG5pbSmxtKvwSaS1lXSsLlfiD1MY7qpgIQhN067Hl-Efc3GBxAsDmSDHDO8goP377atdt66mcbjRmf1ZS6S9p4_R3y4xcxXIZ8opY0mXWNMoWFWRC9hqD0vNy2kpwrOqsACEzFfGgVYF2r1tg3ABKC-28atBOAEAaAGVIAH8t76owKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJfSaKgIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi04NzM2MzA5NjY0NTcxMDA2gAoDyAsBwhMGGP_bisgD2BMM0BUB4hYCCAGAFwGyFx4KHAgAEhRwdWItNTcxNzA5MjUzMzkxMzUxNRjQihE&sigh=IXmcD2PeX6w&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDUE5ymxq2AiXn58LoQJyWeAmlEMS7T5SxKjq4zVuCsOxKvzdOupuLkXAhzCuCu7ZiZwvt7fdK_nOEJGAE&vt=10&sdkv=h.3.554.1&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4MDY4MTE0NDAyNDIMNjQ2NjM3OTcwNjk4QKkFUiMQDyUAAPhBKAE6C0prOHRWM1pJZlRjQglnb29nbGVhZHNQABgB
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 9F1F 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 18E9 144 B
1 KB 250ms
249ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-3-125-201-50.eu-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

f9b5112418b978819dd5c5f5a6bac31718af28b7236ccc5146528a377a201379

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:20 GMT
AN-X-Request-Uuid: cb663406-4e53-4add-98c0-18f09c08d304
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.edivaldobrito.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame DA1F 19 B
529 B 10ms
10ms XHR
application/json 3.125.201.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.30.0&referrer=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&tmax=6000

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.201.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
accept-ch: sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 85FD 173 B
409 B 10ms
10ms XHR
application/json 52.57.242.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.242.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-242-51.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d39ce08551322010792d829d78ae4979c1b698b143bca39aac7e9e0beba5b447

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
content-encoding: gzip
x-prebid: pbs-java/1.110.0
content-type: application/json
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
expires: 0

POST
H/1.1 204
No Content 322311 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 9BAB 0
993 B 27ms
26ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/322311?src_sys=prebid
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 03 Feb 2023 07:26:20 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.004609
X-SpotX-Timing-Transform: 0.001358
X-SpotX-Timing-SpotMarket: 0.004609
X-SpotX-Timing-Page-Require: 0.000440
X-fe: 131
Connection: keep-alive
X-SpotX-Timing-Page-Misc: 0.001829
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.009520
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000320
Last-Modified: Fri, 03 Feb 2023 07:26:20 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.edivaldobrito.com.br
X-SpotX-Timing-Page-Exception: 0.000000
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-URI: 0.000014
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-Mux: 0.000948
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame F5C5 0
67 B 89ms
89ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.edivaldobrito.com.br
date: Fri, 03 Feb 2023 07:26:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 5F83 2 KB
2 KB 9ms
8ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 83545a7a07405b0ad926d5536e67b215353eb1d3306d8c2e8b8486fe3249f15c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 1
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2041
x-amz-cf-id: 0r3c2aRAoqKe6-t7VhER3f_2NnJsLKGFpuSHIO8xedHpHZCe1L0S-w==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 5F83 23 B
468 B 69ms
69ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&pid=6mBYjuV9DhV1n&cb=1&ws=464x261&v=23.127.1625&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A152%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3e0d912790c2cd730e222487cbb10f98.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: ZXTH3SHAZP5T2Q6841M2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: KVFz20Ii73DT0ZiDsyZNhA-7KUPSQtEbZUKgp1sJRdpaMbMmr_bveA==

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 071A 35 B
332 B 101ms
100ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=532329
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e7ae2e0758683e4e7d81a5a71dc6e8ffc30ed8595dc2413b51497a398a15c82

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zd66HBwQP2%2FlfJ2siVe84xvry8I3IazSYN8j1088puXmbmNcq%2F2eTg8ENmsohTOSyDVTnHZAfMOdtvqQcggrPpOc7e5xSXrdySDGL4L0DH7syvy%2Br3Uzj6AXilklrtNmRAkD7m8D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 793970126c4937d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
expires: 0

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 18E9 2 KB
2 KB 8ms
7ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 83545a7a07405b0ad926d5536e67b215353eb1d3306d8c2e8b8486fe3249f15c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 1
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2041
x-amz-cf-id: Glq_sIcB3huinI3s0fOxxyDbP2ZzIjlBZq04jaRB5oIa8ti-i8Hf-Q==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 18E9 23 B
469 B 75ms
73ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&pid=Z6WWs0SbdvIdS&cb=1&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A152%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22464x261%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3e0d912790c2cd730e222487cbb10f98.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: NZ383BMYK5STK1N602CG
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: aYZD-H7zYu1CGpVOlU9X04OX3FsAOxTra5WXC1CbYMEUIEkyyVKnsA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame DA1F 2 KB
2 KB 9ms
7ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 83545a7a07405b0ad926d5536e67b215353eb1d3306d8c2e8b8486fe3249f15c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 1
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2041
x-amz-cf-id: 0yUUf2RCMNK5d12faI9NiqDcckfPj11Xw6bbpiU9_lNKr0-GGLluLg==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame DA1F 23 B
467 B 149ms
148ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&pid=RK5YkUvCxAKMH&cb=1&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A152%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3e0d912790c2cd730e222487cbb10f98.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: PRFQNHF7N1BY6BQ7V588
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: amDEZnzaOc4aPILogJBsZifTzdmxvrh82JfP06k1J1BJL-DJ20UrTA==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EA82 143 B
1 KB 473ms
471ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

a6d7691807b14e1ca1e583e1377901d19e8b92c14fb76af3e459291c0eab1a4c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:21 GMT
AN-X-Request-Uuid: 233e09a0-259f-4ba2-a26c-e43c7052a01c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.edivaldobrito.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 85FD 2 KB
2 KB 7ms
7ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 83545a7a07405b0ad926d5536e67b215353eb1d3306d8c2e8b8486fe3249f15c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:18 GMT
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 1
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2041
x-amz-cf-id: OZYKDFTuJ-whR01RMOQKRi2K4RmEbjRrsjUOtQfxXjo-tNhsb-CLlw==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 85FD 23 B
468 B 147ms
146ms XHR
text/javascript 18.66.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&pid=de7OZzNWrhKhZ&cb=1&ws=0x0&v=22.1021.827&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A152%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/amz/selectAmazon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-201-50.eu-central-1.compute.amazonaws.com

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3e0d912790c2cd730e222487cbb10f98.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: 5EB2T805523VDTN248H2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Ux4ZKDrBkWN-n4QI6QFc5b7zUBuON11n0zrKqJjOSVTAw6fl5IEODA==

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame EA82 19 B
529 B 15ms
14ms XHR
application/json 3.125.201.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.30.0&referrer=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&tmax=6000

Requested by

Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.201.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
accept-ch: sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 41ms
41ms Ping
image/gif 2a00:1450:4010:c03::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~ldo7d7dg&c=1115118503523&slotId=557559251761.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4010:c03::78 , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F1F 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.554.1&e=44748969%2C44750824%2C44752657%2C44765701%2C44777649&id=ima_html5&c=4312060447926098&domain

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

tag Show response
btloader.com/ Frame 5F83
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

15ms
13ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Feb 2023 07:19:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 335
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r78RekIRrDG8C3F%2Fphq6%2FJtMru8sXVBjwoKlAbejstBF%2BZ4kGg5ODknZ3ewLSemGE4ShDOocSN8dUY5ZlRXgIzJDZ9pQqx0h1HhQY0e2oQ0XXJUP0h65Ss0MdLUGjaC6UpB5peevemlGYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7939701349185c80-FRA

Redirect headers

date: Fri, 03 Feb 2023 07:26:20 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 336
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xiFGU1DD3qoP7KP9%2B0e3Mu%2FMZh%2B9%2BVP2GrM9xQlXkdrDAOK2QXZBrcPqYX5%2Fckzi7WdHJZFW8vEfP7a3RYHkSL8yIqNIFX7Ev%2BWH6HkOMTSnzC5UmNo%2BO7Efcc4C1IXdVdtR%2BQ955BZ5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 79397012f8d15c80-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 5F83 32 KB
10 KB 9ms
8ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:55:13 GMT
content-encoding: gzip
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 59468
etag: W/"322a4a4dadec5839e9040f77edf9282d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: KVKHX6cC5AMvK_42rjY9hpmB8hjz_G8qD_Pr9t3ujYUYekW3WlrVJg==

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 1436ms
1435ms Preflight 44.207.220.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.220.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-220-40.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.edivaldobrito.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 03 Feb 2023 07:26:22 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 5F83 57 KB
17 KB 14ms
13ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: W87A90SX4JFQ92AB
age: 814
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 79397012fb0390d4-FRA
x-amz-id-2: 9YGbKnU0q0vY61FpJWEOmLdSMOfIKbsfvmjWoYrHR33bI8MGcyoDr8puyJVaScguJXHxWq9y6yQ=

POST recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 5F83 0
0

GET
H/1.1 206
Partial Content videoplayback
rr2---sn-4g5edns6.googlevideo.com/ Frame 5F83 872 KB
872 KB 74ms
15ms Media
video/mp4 2a00:1450:4001:6d::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edns6.googlevideo.com/videoplayback?expire=1675437980&ei=HLfcY83CEqGA1gKn467oCw&ip=2a00:c98:2030:a004:1::12&id=264f2d5776487d37&itag=22&source=youtube&requiressl=yes&mh=zH&mm=31&mn=sn-4g5edns6&ms=au&mv=m&mvi=2&pl=49&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=31.416&lmt=1675127551700137&mt=1675408877&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhALBOlY2z865T7-9WgUFzEIkvfakpALZma9slaoo_ZppjAiEAsH0WOtCG_8kTDu3mvmqZRrG6r07OMyEOr6pAJ0yUb2I=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgH94-Ypva0sWCjUMUljDFRxtb2fX8ixtyTYC354h5xo0CIBnrXKX_L1sC2jI-MR_nBQIuD91vZvAh2likLmcCC-u0&cpn=32V3yQQ6PCY_98SI

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6d::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f839e43d4cdf26aac9fa7edcc431b27abe287dbb8dcc18bbff0c61fdb46e33a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 03 Feb 2023 07:26:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 Jan 2023 01:12:31 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-892738/892739
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 892739
Expires: Fri, 03 Feb 2023 07:26:20 GMT

POST
H3 204 trackv4 Show response
track-selectmedia.com/ 0
17 B 147ms
146ms XHR
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1164&uuid=bca075e5-51dc-4202-8530-452c65663f33
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://www.edivaldobrito.com.br
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 204 trackv4
track-selectmedia.com/ Frame 0
0 148ms
147ms Preflight
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1164&uuid=bca075e5-51dc-4202-8530-452c65663f33
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.edivaldobrito.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.edivaldobrito.com.br
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json
date: Fri, 03 Feb 2023 07:26:20 GMT
referrer-policy: no-referrer-when-downgrade
via: 1.1 google

GET
H2

200

tag Show response
btloader.com/ Frame 18E9
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

14ms
13ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Feb 2023 07:19:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 335
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzMW3U3kQj%2FW2IGWTm%2FD57rDFb6THqHHK8LxY8CQcbwdDd6A7IhoyZ3V9aawa4SpNLceNrvoAR1Q1UR8wtqVfOl34TjOPjs0Ev1uuuj1Rwhv%2B0T%2FmvMoUxsoWKH420%2BVN5N1omf80mQceQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 79397013591c5c80-FRA

Redirect headers

date: Fri, 03 Feb 2023 07:26:20 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 336
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u51rp8uue%2F5FMpvEzAwQsWgZhsKQZrTqZhpBpcjxLE8u2yEbssYWQGPH8JFUyOIDCYXNB%2B65WTjlFBqtsgj1mb0ULTYh01mXfttzMqF5TVeGjaqfVnWM%2Fzgzo4C%2BU%2FwIqoxkA%2F4F%2F3J%2Fug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7939701339005c80-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 18E9 32 KB
10 KB 10ms
9ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:55:13 GMT
content-encoding: gzip
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 59468
etag: W/"322a4a4dadec5839e9040f77edf9282d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: s-bXsO5B_OTd6LIHnVB3aREqlIjwVFocPbWcX1OGI7cNvPWA3fCM8g==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 18E9 57 KB
16 KB 14ms
14ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: W87A90SX4JFQ92AB
age: 814
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 793970133b3490d4-FRA
x-amz-id-2: 9YGbKnU0q0vY61FpJWEOmLdSMOfIKbsfvmjWoYrHR33bI8MGcyoDr8puyJVaScguJXHxWq9y6yQ=

GET
H2

200

tag Show response
btloader.com/ Frame DA1F
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

16ms
16ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Feb 2023 07:19:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 335
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ey7gFgw5mbGDtfaFrup1f9UnX0d6WqQKKQVHSHPZAtaykRfVLfnqRudQGqhC9cEZEd0N2CQMkDSiYgHz9UrpVGOoSEIg7hZtnv273hvUDlIp42Kxiq6bDnTLKO4%2BTirJvyUWgnNzLlj3Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7939701359275c80-FRA

Redirect headers

date: Fri, 03 Feb 2023 07:26:20 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 336
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBHlSHn2f4wFYKCFETsmWR47KkuzBgGd7jZUD1VRD27CSB%2FmbYn%2BonERroTJDDjBEdkxu1%2F9IbECUPxkxRSMIP71M88Dddf97L6T%2F%2B8y3ZuKvdX3J7KekHdWWfi52%2FZ8vOIUJHgqtAO0VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7939701339025c80-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame DA1F 32 KB
10 KB 9ms
9ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:55:13 GMT
content-encoding: gzip
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 59468
etag: W/"322a4a4dadec5839e9040f77edf9282d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: ZwIesrobioxdq-au17Qw95j9_oUoh-6GCRgEQLQn4DPoy74DlM84pQ==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame DA1F 57 KB
16 KB 15ms
15ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: W87A90SX4JFQ92AB
age: 814
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 793970133b3690d4-FRA
x-amz-id-2: 9YGbKnU0q0vY61FpJWEOmLdSMOfIKbsfvmjWoYrHR33bI8MGcyoDr8puyJVaScguJXHxWq9y6yQ=

GET
H2

200

tag Show response
btloader.com/ Frame 85FD
Redirect Chain

https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
https://btloader.com/tag?o=5409916045492224&upapi=true

14 KB
6 KB

13ms
13ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5409916045492224&upapi=true
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ab4005786b726f262e010042dc33b56012653a3c7b124171ecc683bbfa9d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Feb 2023 07:19:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 335
etag: W/"803158259cfe510a4ed5b53b03a343c2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyU54eKhJ2n7lnPG1n3%2Bo4DTRtcJ0mfp3mGbHdKxw5muxXHVjGlUzDrQM6rWRqp5SoQK2Vpo1HlMIiDc7inloLlqWThQ1K59sETyYvmI4K584H0Ebt9fOkkQw0IKg8eZm3osifo9zhJ0ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 79397013592c5c80-FRA

Redirect headers

date: Fri, 03 Feb 2023 07:26:20 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 336
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8gzii9pmPp4GqrUXPowQYC0zVMX4rlHJpUT4CSMKwpUbC5L%2BJPl%2FI4u52OfWbVmPaGEhPycBm1n5yoZOvZw0tnL9TSf%2F%2BYrJ2cQLROXGCkejnIAxjn12iccgrPfYj%2B4oTxNyjhYKaMS0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5409916045492224&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7939701339045c80-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 85FD 32 KB
10 KB 10ms
9ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:55:13 GMT
content-encoding: gzip
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 59468
etag: W/"322a4a4dadec5839e9040f77edf9282d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: dPHl4pK24OohFxMsywIV5W_pNtJ26G2Alz8Mr9OsL-GVkvF00etpVA==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 85FD 57 KB
16 KB 14ms
14ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: W87A90SX4JFQ92AB
age: 814
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 793970133b3990d4-FRA
x-amz-id-2: 9YGbKnU0q0vY61FpJWEOmLdSMOfIKbsfvmjWoYrHR33bI8MGcyoDr8puyJVaScguJXHxWq9y6yQ=

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7DA3 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iwT7Kw
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 5F83 60 B
339 B 32ms
31ms XHR
application/json 52.50.45.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.45.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: cfd42deaf9af3fcd35a5513340b148e7d3f45293436619698f57872b099057fd

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache
x-server: 10.45.8.22
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame DA1F 60 B
341 B 30ms
30ms XHR
application/json 52.50.45.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.45.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8a03453183f07da9e1e74a60b81ce2dca150cdee622bb34275c2187ab1e208ee

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache
x-server: 10.45.19.172
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 18E9 60 B
340 B 31ms
31ms XHR
application/json 52.50.45.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.45.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2367825d387826ddbc64eda1257a39cf4272b225cdebd0a951b3aa88c0ccca44

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache
x-server: 10.45.1.74
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 85FD 60 B
341 B 67ms
67ms XHR
application/json 52.50.45.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.45.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-45-218.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: b41d64aab8e36cd7c2b66dbc86a940d9f9b36ea1164bd5d7a2a3a24d259815af

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache
x-server: 10.45.24.165
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9F1F 42 B
64 B 67ms
66ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CnVFZG7fcY7zdOuDL7_UP6YediAv-nffJbditrJrzEPbT5q2JAhABILCv4h9glYKAgLQHoAH_24rIA8gBBeACAKgDAZgEAKoEtQJP0C12FSD-VLd0UyjmsUaFBRjNelhL9_K9LUJmQmCTYQNUMiy7fLgWri3iVM6u8XL9P0G9jnbh3NLsfbzxsSqQOmMXSTTZjWDKtl5lRzqYfbFc3x5lm1ETwvX9GmEj8dC1lMme6nDN4ydiUe-ZW3oHTv0cc02vXRt4JCfHlRm7tqEdwur7RvF8lmWi717bjV20oXy1RJgonSWkstAetehEKI0bRvG9hFgfYAorh2B6JxR-wRpVz_bKrca5yw4NhaMxPXSfaVG5pbSmxtKvwSaS1lXSsLlfiD1MY7qpgIQhN067Hl-Efc3GBxAsDmSDHDO8goP377atdt66mcbjRmf1ZS6S9p4_R3zgxFYlKZ3Qhh-n-8UoPcdg490jNue1PAWtiRIfESpAjeHMMylAlOhL0pG2zI_ABKC-28atBOAEAaAGVIAH8t76owKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tODczNjMwOTY2NDU3MTAwNrEJBNkd_FFppb2ACgOYCwHICwHQCw64DAGaDQEO2BMM0BUB4hYCCAH4FgGAFwE&sigh=7Mo5qQ8lNPk&label=video_ad_loaded&sdkv=h.3.554.1&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4MDY4MTE0NDAyNDIMNjQ2NjM3OTcwNjk4QKkFUiMQDyUAABBCKAE6C0prOHRWM1pJZlRjQglnb29nbGVhZHNQABgB

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame 9F1F 41 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 14:03:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 14:03:50 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 9F1F 0
0 72ms
70ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CiYBMG7fcY7zdOuDL7_UP6YediAv-nffJbditrJrzEPbT5q2JAhABILCv4h9glYKAgLQHoAH_24rIA8gBBeACAKgDAZgEAKoEsgJP0C12FSD-VLd0UyjmsUaFBRjNelhL9_K9LUJmQmCTYQNUMiy7fLgWri3iVM6u8XL9P0G9jnbh3NLsfbzxsSqQOmMXSTTZjWDKtl5lRzqYfbFc3x5lm1ETwvX9GmEj8dC1lMme6nDN4ydiUe-ZW3oHTv0cc02vXRt4JCfHlRm7tqEdwur7RvF8lmWi717bjV20oXy1RJgonSWkstAetehEKI0bRvG9hFgfYAorh2B6JxR-wRpVz_bKrca5yw4NhaMxPXSfaVG5pbSmxtKvwSaS1lXSsLlfiD1MY7qpgIQhN067Hl-Efc3GBxAsDmSDHDO8goP377atdt66mcbjRmf1ZS6S9p4_R3y4xcxXIZ8opY0mXWNMoWFWRC9hqD0vNy2kpwrOqsACEzFfGgVYF2r1tg3ABKC-28atBOAEAaAGVIAH8t76owKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJfSaKgIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi04NzM2MzA5NjY0NTcxMDA2gAoDyAsBwhMGGP_bisgD2BMM0BUB4hYCCAGAFwGyFx4KHAgAEhRwdWItNTcxNzA5MjUzMzkxMzUxNRjQihE&sigh=IXmcD2PeX6w&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDUE5ymxq2AiXn58LoQJyWeAmlEMS7T5SxKjq4zVuCsOxKvzdOupuLkXAhzCuCu7ZiZwvt7fdK_nOEJGAE&sdkv=h.3.554.1
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9F1F 42 B
64 B 69ms
67ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_dvBG7fcY7zdOuDL7_UP6YediAv-nffJbditrJrzEPbT5q2JAhABILCv4h9glYKAgLQHoAH_24rIA8gBBeACAKgDAZgEAKoEsgJP0C12FSD-VLd0UyjmsUaFBRjNelhL9_K9LUJmQmCTYQNUMiy7fLgWri3iVM6u8XL9P0G9jnbh3NLsfbzxsSqQOmMXSTTZjWDKtl5lRzqYfbFc3x5lm1ETwvX9GmEj8dC1lMme6nDN4ydiUe-ZW3oHTv0cc02vXRt4JCfHlRm7tqEdwur7RvF8lmWi717bjV20oXy1RJgonSWkstAetehEKI0bRvG9hFgfYAorh2B6JxR-wRpVz_bKrca5yw4NhaMxPXSfaVG5pbSmxtKvwSaS1lXSsLlfiD1MY7qpgIQhN067Hl-Efc3GBxAsDmSDHDO8goP377atdt66mcbjRmf1ZS6S9p4_R3y4xcxXIZ8opY0mXWNMoWFWRC9hqD0vNy2kpwrOqsACEzFfGgVYF2r1tg3ABKC-28atBOAEAaAGVIAH8t76owKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tODczNjMwOTY2NDU3MTAwNoAKA8gLAdgTDNAVAeIWAggB-BYBgBcB&sigh=ux0KtUIL2OI&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D947%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D696,378,957,842%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D31370%26vmtime%3D-1%26is%3D33554707%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2058%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D362636435%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D2761%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.06%26t%3D1675409180484&sdkv=h.3.554.1&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4MDY4MTE0NDAyNDIMNjQ2NjM3OTcwNjk4QKkFUiYQDyUAABBCKAE6C0prOHRWM1pJZlRjQglnb29nbGVhZHNImAJQABgB

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9F1F 42 B
64 B 52ms
50ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCgGau3F27UG5eH4pXpSTTmtHN82HSMneIep9SO7HNBdQddmtWy_h6rTNNC5Y4NKOKOHMGq6NbjKrR4kitl2aUN58qvt6EDjsM5ao9FWa6PoIxi7KGxJncgubAX1qEWMjxFgBOAs8IVrd5j9-D4WDJR9IN87JYFCatlJ_q1PUioFxzmsLncOz0_w2FduJFbjAm&sai=AMfl-YRu776WSLmwcJ0_R_0hSbfSucRO22QjQNMb11icH8Sr7tXOTJEWeBFuwy65RB2dQvXr10A-7arNQkhe-5npz2fSDos_uKRTXtq2-x7U7jFYLkP7yR9Obse0-lw&sig=Cg0ArKJSzK6igW2_7JoEEAE&cid=CAQSOwDUE5ymxq2AiXn58LoQJyWeAmlEMS7T5SxKjq4zVuCsOxKvzdOupuLkXAhzCuCu7ZiZwvt7fdK_nOEJGAE&id=lidarv&acvw=sv%3D947%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D696,378,957,842%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D31370%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26ic%3D33554706%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2058%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D362636435%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D2762%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1675409180484&avm=1

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9F1F 42 B
64 B 67ms
65ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_dvBG7fcY7zdOuDL7_UP6YediAv-nffJbditrJrzEPbT5q2JAhABILCv4h9glYKAgLQHoAH_24rIA8gBBeACAKgDAZgEAKoEsgJP0C12FSD-VLd0UyjmsUaFBRjNelhL9_K9LUJmQmCTYQNUMiy7fLgWri3iVM6u8XL9P0G9jnbh3NLsfbzxsSqQOmMXSTTZjWDKtl5lRzqYfbFc3x5lm1ETwvX9GmEj8dC1lMme6nDN4ydiUe-ZW3oHTv0cc02vXRt4JCfHlRm7tqEdwur7RvF8lmWi717bjV20oXy1RJgonSWkstAetehEKI0bRvG9hFgfYAorh2B6JxR-wRpVz_bKrca5yw4NhaMxPXSfaVG5pbSmxtKvwSaS1lXSsLlfiD1MY7qpgIQhN067Hl-Efc3GBxAsDmSDHDO8goP377atdt66mcbjRmf1ZS6S9p4_R3y4xcxXIZ8opY0mXWNMoWFWRC9hqD0vNy2kpwrOqsACEzFfGgVYF2r1tg3ABKC-28atBOAEAaAGVIAH8t76owKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tODczNjMwOTY2NDU3MTAwNoAKA8gLAdgTDNAVAeIWAggB-BYBgBcB&sigh=ux0KtUIL2OI&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D947%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D696,378,957,842%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D31370%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26i0%3D33554707%26ic%3D0%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2058%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D362636435%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D2763%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1675409180484&sdkv=h.3.554.1&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4MDY4MTE0NDAyNDIMNjQ2NjM3OTcwNjk4QKkFUiYQDyUAABBCKAE6C0prOHRWM1pJZlRjQglnb29nbGVhZHNImAJQABgB

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F1F 0
20 B 49ms
47ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.554.1&e=44748969%2C44750824%2C44752657%2C44765701%2C44777649&id=ima_html5&c=4312060447926098&domain

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9F1F 42 B
64 B 70ms
68ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_dvBG7fcY7zdOuDL7_UP6YediAv-nffJbditrJrzEPbT5q2JAhABILCv4h9glYKAgLQHoAH_24rIA8gBBeACAKgDAZgEAKoEsgJP0C12FSD-VLd0UyjmsUaFBRjNelhL9_K9LUJmQmCTYQNUMiy7fLgWri3iVM6u8XL9P0G9jnbh3NLsfbzxsSqQOmMXSTTZjWDKtl5lRzqYfbFc3x5lm1ETwvX9GmEj8dC1lMme6nDN4ydiUe-ZW3oHTv0cc02vXRt4JCfHlRm7tqEdwur7RvF8lmWi717bjV20oXy1RJgonSWkstAetehEKI0bRvG9hFgfYAorh2B6JxR-wRpVz_bKrca5yw4NhaMxPXSfaVG5pbSmxtKvwSaS1lXSsLlfiD1MY7qpgIQhN067Hl-Efc3GBxAsDmSDHDO8goP377atdt66mcbjRmf1ZS6S9p4_R3y4xcxXIZ8opY0mXWNMoWFWRC9hqD0vNy2kpwrOqsACEzFfGgVYF2r1tg3ABKC-28atBOAEAaAGVIAH8t76owKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tODczNjMwOTY2NDU3MTAwNoAKA8gLAdgTDNAVAeIWAggB-BYBgBcB&sigh=ux0KtUIL2OI&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=admute&ad_mt=0&acvw=sv%3D947%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D696,378,957,842%26tos%3D11,0,0,0,0%26mtos%3D11,11,11,11,11%26amtos%3D0,0,0,0,0%26mcvt%3D11%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D31370%26vmtime%3D-1%26dvs%3D11%26dfvs%3D11%26dvpt%3D11%26is%3D33554707%26i0%3D33554707%26ic%3D4096%26cs%3D33558802%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2058%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D362636435%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D2768%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1675409180484&sdkv=h.3.554.1&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4MDY4MTE0NDAyNDIMNjQ2NjM3OTcwNjk4QKkFUiYQDyUAABBCKAE6C0prOHRWM1pJZlRjQglnb29nbGVhZHNImAJQABgB

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 /
track-selectmedia.com/trackv4/ 0
17 B 146ms
145ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=261X464&d19=10&d2=1675409100&d20=109.0.5414&d23=tag_d575c309-a219-4edc-9a6d-329742096898&d24=a32de10b-2590-422c-b5f1-696dfc2c42d2&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=e79ac444-bf2e-42ea-a4d1-70a33b600b8e&d4=6907fb17-c9bc-4a36-876d-61bb4a640342&d5=edivaldobrito.com.br&d8=1&d9=Windows&channelkey=dHMxPTY5MDdmYjE3LWM5YmMtNGEzNi04NzZkLTYxYmI0YTY0MDM0MiZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1164&d33=8&d34=1800&d35=1&d36=1&d37=1&d38=1&d26=464x261&d27=1&adSourceKey=YWRzMT03NmEzYTA4My03NWJiLTRhMDYtOGRiYy0wNmY4ZjNmNzZkODAmYWRzMj0xJmFkczM9MiZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PWU0YjViMzExLTg2YzgtNGMxMC05ZjNiLWM3OTdhYjU1YTE2MiZhZHM5PTAuMTU=&d30=36&adsourceId=76a3a083-75bb-4a06-8dbc-06f8f3f76d80&cb=1675409180779-8e7cdf01-af3e-49ce-b4fe-4da1f72a8c48&e=5
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 /
track-selectmedia.com/trackv4/ 0
17 B 147ms
146ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=261X464&d19=10&d2=1675409100&d20=109.0.5414&d23=tag_d575c309-a219-4edc-9a6d-329742096898&d24=a32de10b-2590-422c-b5f1-696dfc2c42d2&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=e79ac444-bf2e-42ea-a4d1-70a33b600b8e&d4=6907fb17-c9bc-4a36-876d-61bb4a640342&d5=edivaldobrito.com.br&d8=1&d9=Windows&channelkey=dHMxPTY5MDdmYjE3LWM5YmMtNGEzNi04NzZkLTYxYmI0YTY0MDM0MiZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1164&d33=8&d34=1800&d35=1&d36=1&d37=1&d38=1&d26=464x261&d27=1&adSourceKey=YWRzMT03NmEzYTA4My03NWJiLTRhMDYtOGRiYy0wNmY4ZjNmNzZkODAmYWRzMj0xJmFkczM9MiZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PWU0YjViMzExLTg2YzgtNGMxMC05ZjNiLWM3OTdhYjU1YTE2MiZhZHM5PTAuMTU=&adsourceId=76a3a083-75bb-4a06-8dbc-06f8f3f76d80&cb=1675409180779-82365a18-ba64-4187-9d9a-3ff621f4db60&e=6
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 /
track-selectmedia.com/trackv4/ 0
17 B 145ms
145ms Image
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=261X464&d19=10&d2=1675409100&d20=109.0.5414&d23=tag_d575c309-a219-4edc-9a6d-329742096898&d24=a32de10b-2590-422c-b5f1-696dfc2c42d2&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=e79ac444-bf2e-42ea-a4d1-70a33b600b8e&d4=6907fb17-c9bc-4a36-876d-61bb4a640342&d5=edivaldobrito.com.br&d8=1&d9=Windows&channelkey=dHMxPTY5MDdmYjE3LWM5YmMtNGEzNi04NzZkLTYxYmI0YTY0MDM0MiZ0czI9MSZ0czM9MiZ0czQ9MQ==&d28=1164&d33=8&d34=1800&d35=1&d36=1&d37=1&d38=1&adSourceKey=YWRzMT03NmEzYTA4My03NWJiLTRhMDYtOGRiYy0wNmY4ZjNmNzZkODAmYWRzMj0xJmFkczM9MiZhZHM0PTAmYWRzNj0wJmFkczc9MSZhZHM4PWU0YjViMzExLTg2YzgtNGMxMC05ZjNiLWM3OTdhYjU1YTE2MiZhZHM5PTAuMTU=&adsourceId=76a3a083-75bb-4a06-8dbc-06f8f3f76d80&cb=1675409180783-d0fc1714-3f86-45eb-9bb8-f25febbe1731&e=11
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET activeview
pagead2.googlesyndication.com/pcs/ Frame E32E 0
0

POST multitracking
ghb.hb.selectmedia.asia/adunit/ Frame 20DB 0
0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 52ms
52ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.edivaldobrito.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 26ms
23ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.edivaldobrito.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 445ms
445ms XHR
text/plain 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3122831324647189&correlator=1476270899425760&eid=31072030%2C31072038%2C31072042%2C31068367%2C31070233%2C44752586%2C31071662&output=ldjh&gdfp_req=1&vrg=2023013001&ptt=17&impl=fif&iu_parts=45470634%3A22456102421%2Cclickio_area_668841_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C300x250%7C300x600&ifi=2&adks=1023641708&didk=1466660144&sfv=1-0-40&prev_scp=autorefresh%3D30_sec%26smart_position%3D1%26unit_type%3Dsticky%26ar_imp%3D0%26clsid%3D215867%26claid%3D668841&cust_params=adm_lazy_load_dev%3D400x400d&sc=1&cookie=ID%3D35e566bee3f76e45-2201ce4a8cdb0008%3AT%3D1675409177%3AS%3DALNI_MZ1L1YQvakRfHGoWGMn07Lj78X7EQ&gpic=UID%3D0000099e7e37b81a%3AT%3D1675409177%3ART%3D1675409177%3AS%3DALNI_MaIbVJSJeFEOPfFFKjKyHI2cnMTdg&arp=1&abxe=1&dt=1675409180847&lmt=1675409180&dlt=1675409174249&idt=3298&adxs=1090&adys=487&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&frm=20&vis=1&psz=324x0&msz=324x0&fws=0&ohw=0&ga_vid=1349497048.1675409174&ga_sid=1675409177&ga_hid=1488797072&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2cd52d2e306fc8294bfd0d95c112b2218956795e7007f46c432aaa671a2f925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9443
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 666B 6 KB
3 KB 103ms
49ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edivaldobrito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:26:20 GMT
expires: Sat, 03 Feb 2024 07:26:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 783ms
782ms XHR
text/plain 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3122831324647189&correlator=1476270899425760&eid=31072030%2C31072038%2C31072042%2C31068367%2C31070233%2C44752586%2C31071662&output=ldjh&gdfp_req=1&vrg=2023013001&ptt=17&impl=fif&iu_parts=45470634%3A22456102421%2Cclickio_area_668842_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&adks=676424135&didk=1464454246&sfv=1-0-40&prev_scp=autorefresh%3D30_sec%26unit_type%3Dsticky%26ar_imp%3D0%26clsid%3D215867%26claid%3D668842&cust_params=adm_lazy_load_dev%3D400x400d&sc=1&cookie=ID%3D35e566bee3f76e45-2201ce4a8cdb0008%3AT%3D1675409177%3AS%3DALNI_MZ1L1YQvakRfHGoWGMn07Lj78X7EQ&gpic=UID%3D0000099e7e37b81a%3AT%3D1675409177%3ART%3D1675409177%3AS%3DALNI_MaIbVJSJeFEOPfFFKjKyHI2cnMTdg&arp=1&abxe=1&dt=1675409180860&lmt=1675409180&dlt=1675409174249&idt=3298&adxs=453&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&frm=20&vis=1&psz=761x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1349497048.1675409174&ga_sid=1675409177&ga_hid=1488797072&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64812001a4b1014e81fb2bb41d5acc50c54c9e1767d00713ddac6c4d38e47f9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11998
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 4EE7 23 KB
9 KB 15ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 430117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 07:57:43 GMT
expires: Mon, 29 Jan 2024 07:57:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EE7 36 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 19:41:30 GMT

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
208 B 16ms
16ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=2&ses_id=2eu64lt9dsf1z45917704590&area_id=668841&policy=ok&sub_id=1&f=__lxG__.tmp.rot_44johech744p07i9&rt=918089992
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: d9dbe1ef7c4388831878a564a03c93cc08ef4ba02fa1f73bcebf8adaa613b38c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
207 B 16ms
16ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=2&ses_id=2eu64lt9dsf1z45917704590&area_id=668842&policy=ok&sub_id=1&f=__lxG__.tmp.rot_44johech744p07i9&rt=918089980
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 26138cc89aa41766116f75a9338643295a6afd9cc9f746384c971fcd19157cab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

POST
H2 204 collect Show response
a.clarity.ms/ 0
48 B 95ms
94ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-d/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: https://www.edivaldobrito.com.br
date: Fri, 03 Feb 2023 07:26:20 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 204 playback
www.youtube.com/api/stats/ Frame 9F1F 0
0 61ms
22ms Image
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/api/stats/playback?ns=yt&fexp=44748969%2C44750824%2C44752657%2C44765701%2C44777649&el=adunit&cpn=32V3yQQ6PCY_98SI&docid=Jk8tV3ZIfTc&visitordata=CgtEZXQwTElvWXpCUQ%253D%253D&of=-_xhI4eL4MjOL53E0nwGhA&ver=2&cmt=0.205&fmt=18&rt=0.000&adformat=2_2_1&euri&len=31.370&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=109.0.5414.119&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EE7 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.554.1&bgai=BYOWtG7fcY7zdOuDL7_UP6YediAsAAAAAOAG6BRMI68GVyOn4_AIVoJj9Bx2NSQgx&bg=!wcKlwobNAAaq5O5FiuQ7ACkAdvg8Wp1Ntj7baM0SohX611Z1rIw-sv-_Q59jR8_isnGNWKkAeUK1vwIAAABoUgAAAAFoAQcKAGlq7OO4Y9THKrezOTcFrdtANQzHBSRnOk2R6kUsrKPtQIZ0lOTgnlRPf7G3Ujmc1RzhFKNPgsZyro7cPZOT1AvK1Ze9UfqcC1M-GyQd0c97ByM9eSwIWTyMC98S6Jc9g-o4fx3G4EWaAwyZAmssey-1NGyh8Hwi-YU6S7QVlqy9fH_rTJm1DuRItYZN-DXsS7IGBjFn2cj1AXPQCejkGSeNMjE17BJu4-pa5aw2Nx-whQSo9LpI0vkYmNeLfK-V2pmtMWLd6FsY-FSIIK3GQqj7DLYNBVbi-GGxnopAfV_aWs3Qi6svevoJSpDWKRTClRTKqgCxD40eDTE1vKzuipjkzkRzPYhDQsho032x6yTWEp354CLV3JDDbwlCkKKJY4knsJ6dO8iK_ttcBduwWpItEa2A9sfAviegFMxxJpyrZWsZ4qqjXUafbBFXHjUOYUtyL347_WuFq5w63SgEwOuwhe7CffgL2WP6m3U01k8FBpQbTiPG-sJWJRx2MW-c9OY8TDX4MhMZlA8rnocEzu1YAmmCYb6K9kBTPS3nBkbT5T_zD2A24YEttCjVrqp4hlS5gGmk1SLtybWYo6qiARTpT_kcTKE5MnmrC3JPyeSCOoa52OJ3BB9XZPSGuc2tVFXSc9-eS9pZV3QyUf__6B_E6k429Ev_CAN1iAINlD8X0zVChtGmoJIiyljKz29-f0rZTLjkeomDbcpXUbf15GecMA-ebtyJE8r5QHB6Es-GNg_dWvKWZQrynJHCuJdk85EIJzS8llPER2FDfrrvza9I2Ldwg34uLDh4vTIfniTciWY2uM7o2EcGjnAODd9tTFvCmPi3Tw3_lCqM-V6T6arpeYku4RN3of-gUmlDNWav-iY-ygkXjB4b9ZwdCE6Y8gxFv1GfW1nIWCxG6NONODebIu4D-LF5QiSLsa-_P84eh9YbdOkSb6zRerI1vkCoTPGywxXn6eFI

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 get-consent Show response
disclaimer-api.goadopt.io/api/tag/ 140 B
792 B 2483ms
2473ms XHR
application/json 2606:4700:20::ac43:4606
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://disclaimer-api.goadopt.io/api/tag/get-consent
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4606 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d26937719ffe8d381d1429fbb3aaf754f8ecdec01f5691df9407e3546a616bcc

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:26:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"8c-LkaxHkFnTmyfc42c3lHWhXczhOc"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edivaldobrito.com.br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgHOTGi9u9ibDyvkItAtj89lWI5KcH2ytImzbiM1kjb%2FSOqRjGN6hDsWTunC99nwGYJk4uxz6oYavEe1ZudKNLBytTSE6p1DUXjh3hIb8gCwaY5RTcz5FtnmVo4i9HtOeLtRbyAdGBtFIHI9hEnGCygdAK4qw3Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 5
access-control-allow-credentials: true
cf-ray: 79397015baf99043-FRA
access-control-allow-headers: Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent,X-XSRF-TOKEN

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 62ms
61ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad6061865d4e0bc589376328ebf6f4fc4c6a09b2cc03b9575b2b625ac78e9124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11194
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=EBFD74D54BF342E0B075C9DB0CD7D554&RedC=c.clarity.ms&MXFR=204D234EF88D616C0C7431E3FC8D6F0A
https://c.clarity.ms/c.gif?CtsSyncId=EBFD74D54BF342E0B075C9DB0CD7D554&MUID=238A79960835675522316B3B095E66C8

42 B
368 B

29ms
28ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=EBFD74D54BF342E0B075C9DB0CD7D554&MUID=238A79960835675522316B3B095E66C8
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
last-modified: Tue, 17 Jan 2023 20:36:49 GMT
server: Microsoft-IIS/10.0
etag: "b1c8df6cb32ad91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0C6CDCE9EE734BB397C1A2BD11F3B7D0 Ref B: FRAEDGE1511 Ref C: 2023-02-03T07:26:21Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=EBFD74D54BF342E0B075C9DB0CD7D554&MUID=238A79960835675522316B3B095E66C8
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 /
clickiocdn.com/utr/wv/ 42 B
158 B 15ms
15ms Ping
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/wv/?prism=0&url=%2Fwp.serviceworker&eid=215867&wh=1600x1200&rnd=91770300045&lid=0&tid=0&ttfb_green=267.900&ttfb_green_cnt=1
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/215867/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:21 GMT
cache-control: no-cache
iseu: eu
server: nginx/1.16.0
content-length: 42
content-type: image/gif

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 07:26:21 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 15AC 37 B
139 B 11ms
10ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/prebid/7_30/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 03 Feb 2023 07:26:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 573A 13 KB
5 KB 17ms
16ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edivaldobrito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:05:32 GMT
expires: Sat, 03 Feb 2024 07:05:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 69AE 783 B
532 B 55ms
54ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c924f1db6758555dd6ef7812ab8a54b89ffc05262a7087d7756e3b71f949b441

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hsnhboODSeRyKb4adIMMtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.edivaldobrito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-hsnhboODSeRyKb4adIMMtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:26:21 GMT
expires: Fri, 03 Feb 2023 07:26:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame 573A 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 19:41:30 GMT

GET
H2 200 container.html Show response
7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5F9D 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edivaldobrito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:26:20 GMT
expires: Sat, 03 Feb 2024 07:26:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5E06 0
856 B 15ms
14ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:21 GMT
AN-X-Request-Uuid: 90c672cc-2d19-4707-b732-e5d80aec5a57
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 69AE 0
0 48ms
48ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230201&jk=3122831324647189&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DC04 0
856 B 22ms
21ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:21 GMT
AN-X-Request-Uuid: 43b728fc-4f67-4df3-bf4b-4d3bb6110be9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 573A 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rgbJFA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02Njg4NDF+NjY4ODQyfjY2ODg0MX4tfjY2ODg0Mn42Njg4NDF+NjY4ODQyfjY2ODg0MX4tfi1+NjY4ODQyfjY2ODg0MX42Njg4NDJ+NjY4ODQxfjY2ODg0Mn42Njg4NDF+NjY4ODQyfjY2ODg0MX42Njg4NDJ+NjY4O... 38 B
206 B 20ms
20ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02Njg4NDF+NjY4ODQyfjY2ODg0MX4tfjY2ODg0Mn42Njg4NDF+NjY4ODQyfjY2ODg0MX4tfi1+NjY4ODQyfjY2ODg0MX42Njg4NDJ+NjY4ODQxfjY2ODg0Mn42Njg4NDF+NjY4ODQyfjY2ODg0MX42Njg4NDJ+NjY4ODQxfjY2ODg0Mn42Njg4NDF+NjY4ODQyfjY2ODg0MX42Njg4NDImc3NpZD1+MSZhY3Q9ZHluX3BnX3Bvc19mc34tfmdfZXZfc3JlbmR+Z19ldl9zcmVxfi1+Z19ldl9zcmVxX2xsdl80MDB4NDAwZH4tfmdfZXZfc3Jlc3B+Z19ldl9zcmVzcF9sbHZfNDAweDQwMGR+c2xvdF9jYWxsX2FkbX4tfnNsb3RfY2FsbF9hZG1fbGx2XzQwMHg0MDBkfi1+c2xvdF9oYl9lbmR+LX5zbG90X2xsX3Zhcl80MDB4NDAwZH4tfnNsb3Rfcm5kcl9jbGx+LX50Z2xfc18yX29rfi1+dGdsX3NfMl9va19va34tfnVuaXRfaGJfZW5kfi0mcGx0Zj1+MCZ1cmw9fnd3dy5lZGl2YWxkb2JyaXRvLmNvbS5iciZ2Y250PTI1Jl9mPV9fbHhHX18udG1wLmxvZ3N0X2t3MmdjNmNrYmt1MHd1NTg/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/215867/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 4cdbb894fbe355574584c0a2b53820dc2af999af96346aadcc75824270260da9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:21 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD1+NjY4ODQxJnNzaWQ9fjEmYWN0PWdfZXZfc3JlbmRfbGx2XzQwMHg0MDBkfmdfZXZfc3JlbmRfbmV+Z19ldl9zcmVuZF9uZV9sbHZfNDAweDQwMGR+c2xvdF9hZG1fcmVwbHl+c2xvdF9hZG1fcmVwbHlfbGx2XzQwM... 38 B
206 B 16ms
16ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD1+NjY4ODQxJnNzaWQ9fjEmYWN0PWdfZXZfc3JlbmRfbGx2XzQwMHg0MDBkfmdfZXZfc3JlbmRfbmV+Z19ldl9zcmVuZF9uZV9sbHZfNDAweDQwMGR+c2xvdF9hZG1fcmVwbHl+c2xvdF9hZG1fcmVwbHlfbGx2XzQwMHg0MDBkfnNsb3Rfcm5kcmRfY29udGVudCZwbHRmPX4wJnVybD1+d3d3LmVkaXZhbGRvYnJpdG8uY29tLmJyJnZjbnQ9NiZfZj1fX2x4R19fLnRtcC5sb2dzdF9iNmZmZ2FqZjdrdXFxaTc1/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/215867/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 90e74bb9afd4f512028ec3fbcaff71c5b136de035dfd0566c3692eca3383c20d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:21 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8

POST
H3 204 trackv4 Show response
track-selectmedia.com/ 0
17 B 149ms
148ms XHR
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1164&uuid=ef95e17a-992f-4b92-a09d-a54347e58b7d
Requested by: Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://www.edivaldobrito.com.br
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials: true
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 container.html Show response
7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE3D 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edivaldobrito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:26:20 GMT
expires: Sat, 03 Feb 2024 07:26:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 trackv4
track-selectmedia.com/ Frame 0
0 146ms
145ms Preflight
application/json 34.117.33.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://track-selectmedia.com/trackv4?bulkV3=true&version=1164&uuid=ef95e17a-992f-4b92-a09d-a54347e58b7d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.33.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.edivaldobrito.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.edivaldobrito.com.br
allowedheaders: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods: GET , POST , PUT , DELETE , OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json
date: Fri, 03 Feb 2023 07:26:21 GMT
referrer-policy: no-referrer-when-downgrade
via: 1.1 google

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EE33 624 B
242 B 65ms
63ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDW4pWXBBjBz9DdATAB&v=APEucNVAJ1VuJgveqLxMJ0fCOSD0_KeHK1ePx8nuYqiRBQ_jwOxCwutE6MoCjk3vKAx9q-kPXmQS6nar_Df56XCdIo0iK95p8vCkcbwbHb8jrci5iW4YGREmjL5-hxviafw8bem4XRwH28rueujB0unWeJTFsyfttgIAOIDNOLRhiirwH_HF1MI

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:26:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5F9D 78 KB
27 KB 92ms
89ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 07:26:21 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F9D 42 B
63 B 51ms
47ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANdnyrFuCprzfUR7XttggrV34wF5ZPRm11k9EnbuV5-z4BaaO2Zne2KpD2KzEKl6R5GbFwLUJlr2-q-BMFy9xibabwe-K9gkzPRhnw7qLLHhjFJyM

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F9D 0
20 B 52ms
48ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7621885423377363915&x=1&ct=77

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 5F9D 32 KB
8 KB 80ms
19ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad4.adfarm1.adition.com/ Frame 5F9D 3 KB
2 KB 75ms
22ms Script
application/x-javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/js?wp_id=4789019&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CbNCkHLfcY9-AOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI-qAMBqgScAk_QABdDLWJgDdql-Y8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK_yDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy-ROQus4ONk606w_tw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc-Fz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr-pxkP_Q3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB-0zWOdZlsiD6Bw2O0b7TM_PzWTY7bLpdxTRSXHBwAS-6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP_4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9-4t1agop8KMjbhZB_DE4Pphj7CIWewi8Vt_VPsNGAE&sig=AOD64_24fgIIhksGdUEcUov-IzxWcX2nSg&client=ca-pub-3104790387792468&dbm_c=AKAmf-BB-RN16U0kK5csgsVYdTo_RZS0BsMUoOhm0Q9xIEFKnzMF_Gr8N4tUFCD-k86j9F_XdYuAkZB8JmGubO_fsflbu3gcZ6eS2x_UdZEp-SuLTS7x_umJJois8QhO_FLFxlhfcJ7Ez1sl6G1yIO_H1i1XKZrbmMfWtV60ue_E0gRVmH39zUA&cry=1&dbm_d=AKAmf-BcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL-TpJLV-7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A_iK_jiBNiyE_zYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9_9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG-9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC_WEA_h0LCOha-fO81Q9tjU85bwyqOwft-bj_DF-Kt4CN70E-uz1RavtbcpTY-G4AQvg6wF2hAcQlhDLv-vYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM-lsw9ZbG5-wUUIoTfhIv8cuob8_n1jppAAGWkls4Xm4CNZmKAnes1i_tHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf-Fe1fgr5HXH9_T_b7HcL-P32DPL4KxVMTJ_yLk67GO2SGZtpTtrhu-Nn7LmsMv253XVMt26dQswqRf&adurl=
Requested by: Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 894009d5fbfce93d5bc2558ae22f5e080399d3b5fb8a633d7f5493749af75258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Fri, 03 Feb 2023 08:26:21 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 5F9D 3 KB
1 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:54:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 06:54:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 5F9D 18 KB
7 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43616
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:19:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5F9D 0
0 53ms
50ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRll3Cfa0vMqfO9OVpsXAw4P5hBmaGtv-AO9nKk52ojguFihsvyfwNWuNA4Sxnmk4jyksYPDpKreh5RcpC5Sgob3HhwDw
Requested by: Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F9D 157 KB
48 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 07:26:21 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DE3D 0
0 68ms
68ms Fetch
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNs92HbfcY8auENiq3gPRlIbACcme0rFc1Z2R93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItMzEwNDc5MDM4Nzc5MjQ2OMgBCakCnYpr6GVIsj7gAgCoAwGqBK8CT9CM9VwO12ABx27RN6womKTQyNV3RqedX07HJJxSH6JbYAOBfMC6PO-B35VlovPzmiMAax7iFZ9ogpuBE9hy6INDRNNNCGBTay-HN9eSd5r7Wx1W9NjSLe1E2vaMzOl1FNy2O3d5a3PfrjyvrKG97zVJA23r16UyCCuqKfXSqN7exSYrf2O08li4u7F5W7C9zir8auUjI_tjIeljthnFlALTz-XlpNf3H0-CrX6OEbxpLmBFV-pedYTrE3squ6bMnlo4gFa6ePwfdFKKaHIXAncarufhqqimqBJX0Cci2NLK8Yj4VsiYcgXnF3XaZoTav1b_jzK_8kkw3kpgg723kuSthmNYx_KmfTAIujCibMgxsnNQvT9zY-TSest7U5Yma4cjLtv1tZL5wIZF80aF4AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTIzNDQwMzIyODIwNzYxNYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zMTA0NzkwMzg3NzkyNDY4GLqqGQ&sigh=mfa6anYzWLM&uach_m=[UACH]&cid=CAQSOwDUE5ymfvWwLsUGOq9ozVCCsWC-4Gb55NsrBy8t5UpOr-nq5zTi_IsPHR9SQ0lio05avtKSuUKTslqnGAE
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame DE3D 0
0 76ms
17ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kqW_EOjMCcoHWp2DYgICAAAA9vh_BCIHPwCyoA6HEBy33GMnM4OApOk9jjuzIQASAAAKDkFRVUJCUVlCQlFFQkJR&wp=Y9y3HQAEF0YKd5VYAAGKUVTqe9cL0ZfW-MHdJg

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:20 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 250702
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5D31 143 KB
48 KB 325ms
96ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9y3HQAEF0YKd5VYAAGKUVTqe9cL0ZfW-MHdJg&u=%7CFF9vLh6mjRj384ase5XvM6y5nzQaxsIhI4E2qUYXXg8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZejSh2I_Z98Df1RVnCcnF7H_Bw7Cmz_Qxu_sm19cndC1FcI2IRJFvAM-LBoy9taY1_4wpa3SMwMPv822su6k5A2HBk3lM4nZdIJOoactcHECXVrILvf8apYuo9ruqHUZgSNnQvPdeRrf7bziFvKKcqNGJ_T4VnxN2HN5j08HDu_I-kjbRJ9m9qk0yBJoYuF-g8tN6N3LSD7eWXh1uHSQ0bgdGoffIH-3AGdZ_lkkSKIY55-eOA2FzRCZvyr6YpSwhF7W92lzoi4U7XQFEd1mN3lEfgP-6CiZBbM2yFzjlTMU64QK4wuJc-qNK0HcLghXcMy0h7nUKprP7ak5-kwabSc4fpa4OIeiRjv1hs94y1fTxoAuSQBKeMlpD3HiiLlwbjlwtW8UXXQKpyqIDIt4-d_rPjaMKNI4Qe7M-O33X-H_IQzTVACLNdjl1P8sCca57zumIsHR9rmqunUxpIbiNJiWZ72WpGbgBPJn6YbzDeci9gB6_jrXUrHOxnUWCDd4UiXdlZkFPgLqa2V7gkIyfv3vLtESnueVmL2YmOU7m1S3rdZRB0zv926k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPSLoHbfcY8auENiq3gPRlIbACcme0rFc1Z2R93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItMzEwNDc5MDM4Nzc5MjQ2OMgBCakCnYpr6GVIsj7gAgCoAwGqBLICT9CM9VwO12ABx27RN6womKTQyNV3RqedX07HJJxSH6JbYAOBfMC6PO-B35VlovPzmiMAax7iFZ9ogpuBE9hy6INDRNNNCGBTay-HN9eSd5r7Wx1W9NjSLe1E2vaMzOl1FNy2O3d5a3PfrjyvrKG97zVJA23r16UyCCuqKfXSqN7exSYrf2O08li4u7F5W7C9zir8auUjI_tjIeljthnFlALTz-XlpNf3H0-CrX6OEbxpLmBFV-pedYTrE3squ6bMnlo4gFa6ePwfdFKKaHIXAncarufhqqimqBJX0Cci2NLK8Yj4VsiYcgXnF3XaZoTav1b_jzK_8kkw3kpgg723kuSthmNYx_KmfXIKm6Il41QiDe9EHu9OxRzbbsHNWbg-6TPrE30HCozV2APvd1U6He-54AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTIzNDQwMzIyODIwNzYxNfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0xoTTUBn4dsXgK9xc5uY1s7R6OKQ%26client%3Dca-pub-3104790387792468%26adurl%3D

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

23e93bea2bcbca4a18d0aedbf1ffc6675d31d45071b0c4e9a8539c159ec2c91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:26:21 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=0S6UMr-DKed_u908-E7XIjaS0UiUWtZBQFKdKOqInP0mCTvhxZMGWIgC5pD4I22DKgVW_GqJjg7WFcgzEEM86de8VG-LMtOfuEdx4Eb0EKblIqIjtZR1FD2Smdcx2hi27xVVXyxr5tIoCBEWGvv5R_4dH6BhxdnP1L89oEzZDeFabC_qgPUxJlMJjxMdzyvlA2VRtK1Vf8rCAX6m0VUG0hQVz3EUKzQUSgw-aJD8pgT8KGWk4GOJwAgB5hQ_zLBjfS_fJw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 76424883
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame DE3D 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:54:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 06:54:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CE87 1 KB
643 B 16ms
15ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 14:43:17 GMT
etag: 48472445140208031
expires: Fri, 03 Feb 2023 14:43:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame DE3D 18 KB
7 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43616
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:19:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DE3D 0
0 54ms
52ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9yrwpIzAp926B06KIG7p8pZ8MOkwCnrTEjlhooF0YbyiBVa9lue0z9XvSS6nAMQS7Eh_CVBaFmZORxAD7PgXlp2UDSQ
Requested by: Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DE3D 24 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 11:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 01 Feb 2024 11:22:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE3D 157 KB
48 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 07:26:21 GMT

GET
DATA 200
OK truncated
/ Frame DE3D 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c645724c390e3fe6c3460ec9dbd30976e0a0749519a12b71c7d615aa7303bd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE87
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH1ZZ1zKRvH6jDwMPCqk6aE&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH1ZZ1zKRvH6jDwMPCqk6aE&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDdEeWQyWk8xUG5Rc0o1&google_gid=CAESEH1ZZ1zKRvH6jDwMPCqk6aE&google_cver=1&google_push=Aa02lx-WcsHKijQiDnP-UJ_nFzfebWl5lXleQkm4Z96VQrX...

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDdEeWQyWk8xUG5Rc0o1&google_gid=CAESEH1ZZ1zKRvH6jDwMPCqk6aE&google_cver=1&google_push=Aa02lx-WcsHKijQiDnP-UJ_nFzfebWl5lXleQkm4Z96VQrXWcYUpkJ_wlYuF9Yk46oYJeAwfiMncJfd6j0MJB2ogZjcFlhVp6Mjw

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:21 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/d601d38#rel-ec2-master i-05a89a035fd5ddeba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDdEeWQyWk8xUG5Rc0o1&google_gid=CAESEH1ZZ1zKRvH6jDwMPCqk6aE&google_cver=1&google_push=Aa02lx-WcsHKijQiDnP-UJ_nFzfebWl5lXleQkm4Z96VQrXWcYUpkJ_wlYuF9Yk46oYJeAwfiMncJfd6j0MJB2ogZjcFlhVp6Mjw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame CE87 70 B
264 B 35ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECCEhNqCrGyYn1RObZNLCuI&google_cver=1&google_push=Aa02lx-2D6aNlpPhMwNF6U8L-rwX5f8wcsM06Ov-8QHcvJDzdBHylwpCq8fenl6soFRRObSOfV_ynAO7_3yK4-etWyvW3NtOR7s
Requested by: Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE87
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELC2vdJQ7hqPJLZhdNEx0ag&google_cver=1&google_push=Aa02lx-VaYMfhBS9Z-19D1UFlsmv3h1_jAmOSQlc7mbb0R5Kh_sFgkQNtsLukkCZ26K-CDZKVVmF3ua-NdbOGoJhOGugqO0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-VaYMfhBS9Z-19D1UFlsmv3h1_jAmOSQlc7mbb0R5Kh_sFgkQNtsLukkCZ26K-CDZKVVmF3ua-NdbOGoJhOGugqO0mOUA7&google_hm=eS1nM3RaNDBWRTJwRmNqVz...

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-VaYMfhBS9Z-19D1UFlsmv3h1_jAmOSQlc7mbb0R5Kh_sFgkQNtsLukkCZ26K-CDZKVVmF3ua-NdbOGoJhOGugqO0mOUA7&google_hm=eS1nM3RaNDBWRTJwRmNqVzNzM0ZEaDR1TW9Ka0hkVVphQn5B

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Feb 2023 07:26:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-VaYMfhBS9Z-19D1UFlsmv3h1_jAmOSQlc7mbb0R5Kh_sFgkQNtsLukkCZ26K-CDZKVVmF3ua-NdbOGoJhOGugqO0mOUA7&google_hm=eS1nM3RaNDBWRTJwRmNqVzNzM0ZEaDR1TW9Ka0hkVVphQn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE87
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKYBmDJH6kLala6cArQ1IZQ&google_cver=1&google_push=Aa02lx_oC0pgcGZ6CNLFg_zEqegL9LChIt09Xb-FDtsDBtCJ8uc-Ub3_if98ZrOBKMoU6ax-MLeG-aZR932hR2z7s...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKYBmDJH6kLala6cArQ1IZQ&google_cver=1&google_push=Aa02lx_oC0pgcGZ6CNLFg_zEqegL9LChIt09Xb-FDtsDBtCJ8uc-Ub3_if98ZrOBKMoU6ax-MLeG-aZR932hR2z7s...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_oC0pgcGZ6CNLFg_zEqegL9LChIt09Xb-FDtsDBtCJ8uc-Ub3_if98ZrOBKMoU6ax-MLeG-aZR932hR2z7s5JzxhwRGLHa&google_hm=GF_euGZHQ3cUqqYJR_2ta9_q

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_oC0pgcGZ6CNLFg_zEqegL9LChIt09Xb-FDtsDBtCJ8uc-Ub3_if98ZrOBKMoU6ax-MLeG-aZR932hR2z7s5JzxhwRGLHa&google_hm=GF_euGZHQ3cUqqYJR_2ta9_q

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Feb 2023 07:26:21 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_oC0pgcGZ6CNLFg_zEqegL9LChIt09Xb-FDtsDBtCJ8uc-Ub3_if98ZrOBKMoU6ax-MLeG-aZR932hR2z7s5JzxhwRGLHa&google_hm=GF_euGZHQ3cUqqYJR_2ta9_q
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE87
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEMIxdNAVHFl45BwWzra_Svg&google_cver=1&google_push=Aa02lx-jYdqBC2GZLjKmEraEcDkEzjsSShnZwaywua3l6qw5iDCUb1mPMYMVp0yeSbpjEWaoKiSxllEtDr_1Eni34Wipbg...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMIxdNAVHFl45BwWzra_Svg&google_cver=1&google_push=Aa02lx-jYdqBC2GZLjKmEraEcDkEzjsSShnZwaywua3l6qw5iDCUb1mPMYMVp0yeSbpjEWaoKiSxllEtDr_1Eni3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kYsrOsN-QjWjRhVvSojlag&google_push=Aa02lx-jYdqBC2GZLjKmEraEcDkEzjsSShnZwaywua3l6qw5iDCUb1mPMYMVp0yeSbpjEWaoKiSxllEtDr_1Eni...

170 B
188 B

29ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kYsrOsN-QjWjRhVvSojlag&google_push=Aa02lx-jYdqBC2GZLjKmEraEcDkEzjsSShnZwaywua3l6qw5iDCUb1mPMYMVp0yeSbpjEWaoKiSxllEtDr_1Eni34Wipbgxvdp5v

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kYsrOsN-QjWjRhVvSojlag&google_push=Aa02lx-jYdqBC2GZLjKmEraEcDkEzjsSShnZwaywua3l6qw5iDCUb1mPMYMVp0yeSbpjEWaoKiSxllEtDr_1Eni34Wipbgxvdp5v
access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:22 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame CE87 0
45 B 199ms
22ms Image
text/plain 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOO0UMeQaXLbTClg34ks4jg&google_cver=1&google_push=Aa02lx-mOX4LQB5-rRuum8LOmMObbTIbNvF9p2b_eF6YrHQgQ7w_TanOFM1A8PyNQVhoTi28Ale-hMoKBcITohdAUK9z4SyE7ko
Requested by: Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE87
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEJ9IoorZuytjDs7vPQuW4M&google_cver=1&google_push=Aa02lx-m8WnIDJYmAVGMhuF1O_xOXiZMz2OSRNzCszbtYOgf6JI_FQPD9dn2fLhcSmT9Ocv-C9...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BN2pqRkdWRTJ1RzViVnRNU2lRTWhiT1BGUUx0dGNocn5B&google_push=Aa02lx-m8WnIDJYmAVGMhuF1O_xOXiZMz2OSRNzCszbtYOgf6JI_FQPD9...

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BN2pqRkdWRTJ1RzViVnRNU2lRTWhiT1BGUUx0dGNocn5B&google_push=Aa02lx-m8WnIDJYmAVGMhuF1O_xOXiZMz2OSRNzCszbtYOgf6JI_FQPD9dn2fLhcSmT9Ocv-C9wBmgmVhSWBrXGeThHaGDdTLsHY

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BN2pqRkdWRTJ1RzViVnRNU2lRTWhiT1BGUUx0dGNocn5B&google_push=Aa02lx-m8WnIDJYmAVGMhuF1O_xOXiZMz2OSRNzCszbtYOgf6JI_FQPD9dn2fLhcSmT9Ocv-C9wBmgmVhSWBrXGeThHaGDdTLsHY
date: Fri, 03 Feb 2023 07:26:21 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CE87 0
12 B 23ms
22ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KH9smcjtCUFeZhM1z5QLxqzrselN5xV0DUtab_YyfKXqqb7dBGJJ2N86fEjcDJYRq-eEcV7w

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EE33
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRWwDpGD6uFJWCeZXfguhw&google_cver=1

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRWwDpGD6uFJWCeZXfguhw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDW4pWXBBjBz9DdATAB&v=APEucNVAJ1VuJgveqLxMJ0fCOSD0_KeHK1ePx8nuYqiRBQ_jwOxCwutE6MoCjk3vKAx9q-kPXmQS6nar_Df56XCdIo0iK95p8vCkcbwbHb8jrci5iW4YGREmjL5-hxviafw8bem4XRwH28rueujB0unWeJTFsyfttgIAOIDNOLRhiirwH_HF1MI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRWwDpGD6uFJWCeZXfguhw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EE33
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9y3HGQZSZe3VrOGdnYKPAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRWwDpGD6uFJWCeZXfguhw&google_cver=1

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRWwDpGD6uFJWCeZXfguhw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDW4pWXBBjBz9DdATAB&v=APEucNVAJ1VuJgveqLxMJ0fCOSD0_KeHK1ePx8nuYqiRBQ_jwOxCwutE6MoCjk3vKAx9q-kPXmQS6nar_Df56XCdIo0iK95p8vCkcbwbHb8jrci5iW4YGREmjL5-hxviafw8bem4XRwH28rueujB0unWeJTFsyfttgIAOIDNOLRhiirwH_HF1MI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRWwDpGD6uFJWCeZXfguhw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame EE33
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBmhzAh921lYgRT2CBs3BWs&google_cver=1

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBmhzAh921lYgRT2CBs3BWs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDW4pWXBBjBz9DdATAB&v=APEucNVAJ1VuJgveqLxMJ0fCOSD0_KeHK1ePx8nuYqiRBQ_jwOxCwutE6MoCjk3vKAx9q-kPXmQS6nar_Df56XCdIo0iK95p8vCkcbwbHb8jrci5iW4YGREmjL5-hxviafw8bem4XRwH28rueujB0unWeJTFsyfttgIAOIDNOLRhiirwH_HF1MI

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:21 GMT
AN-X-Request-Uuid: 3f3fc016-9b84-4a92-b6e6-95de69936a47
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBmhzAh921lYgRT2CBs3BWs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE33
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU4OTk4NTIwMzYwNjM0MzY0

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU4OTk4NTIwMzYwNjM0MzY0

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Feb 2023 07:26:21 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ad4664e8-9dff-435e-bc3b-2a210f034a60
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU4OTk4NTIwMzYwNjM0MzY0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F9D 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1853413591754&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F9D 0
20 B 47ms
46ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1853413591754&version=m202301230201&ct=77&x=1&cor=7621885423377364000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5F9D 28 KB
17 KB 81ms
80ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGhKvPX54DPFlrhKv1ddu4DwArdIg9m6jt1LHm7Vd4bsQgMO5OcV9DTnKNlWvYF0b2wfRHBE-P4E5KgMLO00A0inGd4PPnJR-7mzjaueAWtFjYwHzgQRaMLE6u44Lj5PNXXb_3OSjZGgsEsHGmk3CdGAKsH6WqDGmbOc6hIsu9TF85stI&cry=1&dbm_d=AKAmf-DKDrjLVnde0fRSOUuf5lrYErsf4KPscQYHuXsoJSAAvS_rvn0rIR2JREwtvaONtgnDqfY8yK1grcU4rrGReOiala1ov5ijsjqxXkGHp-1nL6xcllVxEqDc846IeZGzn79o5WgUOvC9sGyHi96V9wr6sMIid3UWxrTdcBGums0-F8Z6iVU8Ss-N1blTIcbCcOE2o9xv5TpONp8mfpag9lZoLDgJL7jeGtfqUzcBU_b1EiMRSlUsW0HdWUSFk_55tMLClebVhSwDxKxGPo0G60PB8YaepjfowysI0Gfaq_sUD1q89HeCeBWageZJ-rTy5mfKoWQkBushsj0WsS1GMpN2hatE53_PgqgBsmrdZdlyVwqNO0qAgvoCdV6Kc1-ajrnKK4JwexvyDr2viKfMA5ZHuuZjTQQkScLqQzvI9kkyv7bWgEsRnzOdVdUShtAhC19U2bSSCz3SXGIT1gSfBPiUFWYkA9sJ3vEySNNpnJwEgqJieGneq5P8UM6hxfl-08h8w5oOrtTpQC2EvuY_eAKP_td7gmo5hmlL1_f-iUM9SqLB6qAilg0N_-RRykNYZbNb_2BEEu3LDwiJ3x6wEfDKriz58rfo0FRTtdfbxRTV1pfWtgyaCah-7Vow9eGZDtkYyJXC4SD1FsEMuAaUqlCUVStK0OwzoihqAPLyKB-1xpcmK78AKtooBu_S3neOIg1RKphxiv-JKOY44HDnoohJR0zLShht586xWNLzN_mALaZLjz_czBIFXOnF9rptmFx6_ZV5PgRUTZmO7K7nRscF0flMbm_1uU4kGC71NR-uz1-KTtjBKVSNYy_WAeO-Agd8UWjvWHwgex_F5TggHYT17tcSCMmF4N2yyQ8D83gkpLXTmLcNkpEI8s_YFE8wB-YWNWSGoUb_0NUfNG0Dwlk8A0Du1VR-x8XbKR0ksgVDhlvZpT2yqrKLqcT38zkPyhq7JDuimvJBnEZdcFe5KbRNj4XmtJe1JzEIsZqP7gWWgH3XYAISo5Pr0Y6dCEUxQYLu_vVZthK8cpzSxSqz-zBsedBbmROSaRq_jPKc_peDGPU92MnPtPm7zmiJ65wqg-0nMbUpFyJzALRW5lE1onFmWi0ubhQFQrAJ_Sko1qu6S8dQoUPQDgnY3pTuY9colXCfGG2VcgN2qyqpg2boIRCQ6DgQmf3LfAmSmLaAr6XaoMf5FkICnw-aCsx_xMmxdrKwk-gLvZw8DCoYppjnWKynp3rgtt1Ilu6G7e7D0r0FGzYWe9HmZwLXFLLp0HgcrgqtpE_cGDgki8xNaFOpuj_-TGttSkW7__jr8plYq4LSOhfF9GZpb141vVsfkdle0jb0gpoYz9Sy09QcRPaoOh7S9V4mCvpDnb9bVe9KPbuY-tAcK8qD5Xi7csN1p5Xa9f9qeQ8yorXlfsNGtNqmk_IB7Xa0MieMgAnNttk0KldhmqtzC1OC0KZAU2B5xAyPADBaWnKDF4XCP21qjeGLCXiHaD7eo4q_iy_1_USM6FXSeEfp2JLRqwde_lwZY8unLWSlxYrh95fqq2aoTHK2nlRE2AO5PozCR7WGrv5n-833ZL1DNIOQESGsw5hSEa2c6Nhlx8fyGVcgmSPpsV3MK2og0a4pEC2ALSPGN3-lCgMIhwazZ5XO3-4AbSu6ArpFtZn5tx2PT4Vg0IxeM2J98f9GvQppjRwlYddYOMHiOB-OH3xMOiottMn1Hzkg_1w4uuW1TC8NeTAcvRYrdSV4poDZfBxEea6xM4F-dnkv2H9sq7VxThXFPaSOhMQd_tmjYd2OQZGLq1GSG6ni-LjgKDP0pInVduz552-uoTrLDhC-BO61fXF7rdIMJAY-1A7S6yiKnv1bF-8Vk9AR_J-EE8J0mwj0fImdVy5ROmMjMg-Rc3g_lM7uYl6UmRTxeu86RlJZSSAvasa5rbUyd0UXBYT5o7NtDD56xEr8Y4W5Tk8nYrJUbQSQr1JXLUpaWreR9r6Ozv0J-1bkioY2Bv3SXp6x6xdUy6npKXnLFpn2SArt-iwMe0WM3lCY5vQpLPJHuQY-ZMwNaXiM96CeASXtwQww1-vlsOb35FE87GgAYdLKgUafzkvI8-DmKPWLCOxXKSGrf19cDq6sYs2MArzoNJN0-oUKZwSkqHq7n7nvAiO5h3zo08El36CpkbDyfR4QqnAAG7cIBQdakTh2_QY1wL10V1AaFSAS-L01XgK2OfYuulZHEFulgcnpi_PhWGOVaehuWJXMNweeVTF_cWS3m4xCvB6ZwWf09Gb3llAg10KX6Sa1Wj_mgzYAfi9VRnpnqtAZRR486v1QqCgisc8qfp3MoER7o__vsKa-n60zaWLeF0Pyr4gSuquprS-otUasCDe3K-R1vxRrvbygpu3G9TdNlK-cU5AOmcqCVxajU0_vMvDT3RAdwttvI0MOXsf_kNx3AFokyUfb4Do4jIk87nyy-3iRUeN4LlKKLLGcRRb6wjqbMQ4ChuJPfVyAQQ4FyxHz1uCffVA256TOAuvLTZH_sbC2Ivaz9DDLKsAeZvmUTBiAQZ9VwyYkBxx_Z3EDfGtOb6Jgj8lhjwxh16Sp2kzaOpQ4KfbUkUr6MYT6kJm1w5WSQmgamvW24ZpN6XckXi4t9fTZu5VDGr6pMkpFJ2S2poVOrYxkWOh98KK-sGo4mxuzUatWM2O_0b-2QPfl6r5_NhqhHSXxV3pXDst0_UUi95y8p5lihIEQebsSTkbkh--LXW0ICyToYqFAvWtJf-bzSiB1UQq_W35iO9a0OCkg-Bi_xXWnhUXp7y1AGKKLcqr2BToS2ttX5gppsDlNsU0GuIkj1qSYY9OwltzLgjfiGlP36GfV6ZO651jtMUAYC66TFXWsoEOy007rW3jmvHpnZNHWQvW1qXYM_fQ2HwgPqLmJ_scQe02ZHR3MQiSPR2p3rwTDgQGFJU1gHCN-oB6Bh6QCCCuU2KaFfEHD6v_sgGCVH7M23AgWv6bdE-fgzSQcvlNXCpo7ieLRVdzEVUON2qvx1--zc89G44DkO2ETp7k1rNwF7yFf2hJtmGvIO8ZapYB5milo5xOCCCMOxB-qaFpFx4KlCBaTQh6VeduKCI7Vw4qFOuThhmCl8d_Z4CkdxuxQ4fU3rsasGG9i5L6WTNLDvljm5q9xPKx9T1lqHb7gwFSjx-wHfwok1TtkdYYxFCgXmTC52YdxbuqAh0LaIndqU0lgR0dIOMOA8X40s1_B0MyJwKAxnKrCFvd0Vb_0iqJ5abln2Ib0EhOdewwqpgdT6wMBZNGrX7dLjQ4tYA6cx_zZTUBtmrYjoa5ah1T9Qr_y6JcoNaccMrhXKmNPpLw1MXAf2y-hKN4uwuZlD_Ksw2n-PGjsFPv9VPMjd48tCHJAAaGAUXSeJlwAfDtXxG2KPwIb_NdiXoJIDHUjZb7aAYcVJ-jcEDR5Jd6frpKOSTuCUKUTJPYDSsuwyef_lvHRn0ntuWyI3oupuQyPw53FCCEdwqxlfr9w_rZQsxcMH5fkhj9Ko77U5vCc_qS0Rmng7PboEZK1vaEwTgTrvY1JK_LExSLVrOQFRtTqjSzsdFOB18xPeD8WJlM-YbcGZ2lKDbNVsOPaVUFQphmdYjXU0gIpMdLh4R0fy0LC1Vrf98OcM7-LipeQ690Ans3tEN9I&cid=CAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9-4t1agop8KMjbhZB_DE4Pphj7CIWewi8Vt_VPsNGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.edivaldobrito.com.br%2F&ds=l&xdt=1&iif=1&cor=7621885423377364000&adk=4020099329&idt=100&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d753fde00f550ef0f752baaf9acf6c60bfee38a432974e28be7017166cc20fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17178
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 5F9D 28 KB
11 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGhKvPX54DPFlrhKv1ddu4DwArdIg9m6jt1LHm7Vd4bsQgMO5OcV9DTnKNlWvYF0b2wfRHBE-P4E5KgMLO00A0inGd4PPnJR-7mzjaueAWtFjYwHzgQRaMLE6u44Lj5PNXXb_3OSjZGgsEsHGmk3CdGAKsH6WqDGmbOc6hIsu9TF85stI&cry=1&dbm_d=AKAmf-DKDrjLVnde0fRSOUuf5lrYErsf4KPscQYHuXsoJSAAvS_rvn0rIR2JREwtvaONtgnDqfY8yK1grcU4rrGReOiala1ov5ijsjqxXkGHp-1nL6xcllVxEqDc846IeZGzn79o5WgUOvC9sGyHi96V9wr6sMIid3UWxrTdcBGums0-F8Z6iVU8Ss-N1blTIcbCcOE2o9xv5TpONp8mfpag9lZoLDgJL7jeGtfqUzcBU_b1EiMRSlUsW0HdWUSFk_55tMLClebVhSwDxKxGPo0G60PB8YaepjfowysI0Gfaq_sUD1q89HeCeBWageZJ-rTy5mfKoWQkBushsj0WsS1GMpN2hatE53_PgqgBsmrdZdlyVwqNO0qAgvoCdV6Kc1-ajrnKK4JwexvyDr2viKfMA5ZHuuZjTQQkScLqQzvI9kkyv7bWgEsRnzOdVdUShtAhC19U2bSSCz3SXGIT1gSfBPiUFWYkA9sJ3vEySNNpnJwEgqJieGneq5P8UM6hxfl-08h8w5oOrtTpQC2EvuY_eAKP_td7gmo5hmlL1_f-iUM9SqLB6qAilg0N_-RRykNYZbNb_2BEEu3LDwiJ3x6wEfDKriz58rfo0FRTtdfbxRTV1pfWtgyaCah-7Vow9eGZDtkYyJXC4SD1FsEMuAaUqlCUVStK0OwzoihqAPLyKB-1xpcmK78AKtooBu_S3neOIg1RKphxiv-JKOY44HDnoohJR0zLShht586xWNLzN_mALaZLjz_czBIFXOnF9rptmFx6_ZV5PgRUTZmO7K7nRscF0flMbm_1uU4kGC71NR-uz1-KTtjBKVSNYy_WAeO-Agd8UWjvWHwgex_F5TggHYT17tcSCMmF4N2yyQ8D83gkpLXTmLcNkpEI8s_YFE8wB-YWNWSGoUb_0NUfNG0Dwlk8A0Du1VR-x8XbKR0ksgVDhlvZpT2yqrKLqcT38zkPyhq7JDuimvJBnEZdcFe5KbRNj4XmtJe1JzEIsZqP7gWWgH3XYAISo5Pr0Y6dCEUxQYLu_vVZthK8cpzSxSqz-zBsedBbmROSaRq_jPKc_peDGPU92MnPtPm7zmiJ65wqg-0nMbUpFyJzALRW5lE1onFmWi0ubhQFQrAJ_Sko1qu6S8dQoUPQDgnY3pTuY9colXCfGG2VcgN2qyqpg2boIRCQ6DgQmf3LfAmSmLaAr6XaoMf5FkICnw-aCsx_xMmxdrKwk-gLvZw8DCoYppjnWKynp3rgtt1Ilu6G7e7D0r0FGzYWe9HmZwLXFLLp0HgcrgqtpE_cGDgki8xNaFOpuj_-TGttSkW7__jr8plYq4LSOhfF9GZpb141vVsfkdle0jb0gpoYz9Sy09QcRPaoOh7S9V4mCvpDnb9bVe9KPbuY-tAcK8qD5Xi7csN1p5Xa9f9qeQ8yorXlfsNGtNqmk_IB7Xa0MieMgAnNttk0KldhmqtzC1OC0KZAU2B5xAyPADBaWnKDF4XCP21qjeGLCXiHaD7eo4q_iy_1_USM6FXSeEfp2JLRqwde_lwZY8unLWSlxYrh95fqq2aoTHK2nlRE2AO5PozCR7WGrv5n-833ZL1DNIOQESGsw5hSEa2c6Nhlx8fyGVcgmSPpsV3MK2og0a4pEC2ALSPGN3-lCgMIhwazZ5XO3-4AbSu6ArpFtZn5tx2PT4Vg0IxeM2J98f9GvQppjRwlYddYOMHiOB-OH3xMOiottMn1Hzkg_1w4uuW1TC8NeTAcvRYrdSV4poDZfBxEea6xM4F-dnkv2H9sq7VxThXFPaSOhMQd_tmjYd2OQZGLq1GSG6ni-LjgKDP0pInVduz552-uoTrLDhC-BO61fXF7rdIMJAY-1A7S6yiKnv1bF-8Vk9AR_J-EE8J0mwj0fImdVy5ROmMjMg-Rc3g_lM7uYl6UmRTxeu86RlJZSSAvasa5rbUyd0UXBYT5o7NtDD56xEr8Y4W5Tk8nYrJUbQSQr1JXLUpaWreR9r6Ozv0J-1bkioY2Bv3SXp6x6xdUy6npKXnLFpn2SArt-iwMe0WM3lCY5vQpLPJHuQY-ZMwNaXiM96CeASXtwQww1-vlsOb35FE87GgAYdLKgUafzkvI8-DmKPWLCOxXKSGrf19cDq6sYs2MArzoNJN0-oUKZwSkqHq7n7nvAiO5h3zo08El36CpkbDyfR4QqnAAG7cIBQdakTh2_QY1wL10V1AaFSAS-L01XgK2OfYuulZHEFulgcnpi_PhWGOVaehuWJXMNweeVTF_cWS3m4xCvB6ZwWf09Gb3llAg10KX6Sa1Wj_mgzYAfi9VRnpnqtAZRR486v1QqCgisc8qfp3MoER7o__vsKa-n60zaWLeF0Pyr4gSuquprS-otUasCDe3K-R1vxRrvbygpu3G9TdNlK-cU5AOmcqCVxajU0_vMvDT3RAdwttvI0MOXsf_kNx3AFokyUfb4Do4jIk87nyy-3iRUeN4LlKKLLGcRRb6wjqbMQ4ChuJPfVyAQQ4FyxHz1uCffVA256TOAuvLTZH_sbC2Ivaz9DDLKsAeZvmUTBiAQZ9VwyYkBxx_Z3EDfGtOb6Jgj8lhjwxh16Sp2kzaOpQ4KfbUkUr6MYT6kJm1w5WSQmgamvW24ZpN6XckXi4t9fTZu5VDGr6pMkpFJ2S2poVOrYxkWOh98KK-sGo4mxuzUatWM2O_0b-2QPfl6r5_NhqhHSXxV3pXDst0_UUi95y8p5lihIEQebsSTkbkh--LXW0ICyToYqFAvWtJf-bzSiB1UQq_W35iO9a0OCkg-Bi_xXWnhUXp7y1AGKKLcqr2BToS2ttX5gppsDlNsU0GuIkj1qSYY9OwltzLgjfiGlP36GfV6ZO651jtMUAYC66TFXWsoEOy007rW3jmvHpnZNHWQvW1qXYM_fQ2HwgPqLmJ_scQe02ZHR3MQiSPR2p3rwTDgQGFJU1gHCN-oB6Bh6QCCCuU2KaFfEHD6v_sgGCVH7M23AgWv6bdE-fgzSQcvlNXCpo7ieLRVdzEVUON2qvx1--zc89G44DkO2ETp7k1rNwF7yFf2hJtmGvIO8ZapYB5milo5xOCCCMOxB-qaFpFx4KlCBaTQh6VeduKCI7Vw4qFOuThhmCl8d_Z4CkdxuxQ4fU3rsasGG9i5L6WTNLDvljm5q9xPKx9T1lqHb7gwFSjx-wHfwok1TtkdYYxFCgXmTC52YdxbuqAh0LaIndqU0lgR0dIOMOA8X40s1_B0MyJwKAxnKrCFvd0Vb_0iqJ5abln2Ib0EhOdewwqpgdT6wMBZNGrX7dLjQ4tYA6cx_zZTUBtmrYjoa5ah1T9Qr_y6JcoNaccMrhXKmNPpLw1MXAf2y-hKN4uwuZlD_Ksw2n-PGjsFPv9VPMjd48tCHJAAaGAUXSeJlwAfDtXxG2KPwIb_NdiXoJIDHUjZb7aAYcVJ-jcEDR5Jd6frpKOSTuCUKUTJPYDSsuwyef_lvHRn0ntuWyI3oupuQyPw53FCCEdwqxlfr9w_rZQsxcMH5fkhj9Ko77U5vCc_qS0Rmng7PboEZK1vaEwTgTrvY1JK_LExSLVrOQFRtTqjSzsdFOB18xPeD8WJlM-YbcGZ2lKDbNVsOPaVUFQphmdYjXU0gIpMdLh4R0fy0LC1Vrf98OcM7-LipeQ690Ans3tEN9I&cid=CAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9-4t1agop8KMjbhZB_DE4Pphj7CIWewi8Vt_VPsNGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.edivaldobrito.com.br%2F&ds=l&xdt=1&iif=1&cor=7621885423377364000&adk=4020099329&idt=100&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 20:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10940
x-xss-protection: 0
server: cafe
etag: 260008737171085554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 20:08:29 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5F9D 41 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 11:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158641
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 11:22:20 GMT

GET
H2 200 banner Show response
ad4.adfarm1.adition.com/ Frame 5F9D 6 KB
3 KB 25ms
25ms Script
text/javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/banner?sid=4789019&adjsver=3&fvers=&iframe=1&ref=https%3A//www.edivaldobrito.com.br/&ro=https%3A//7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/109.0.5414.119%20Safari/537.36&os=17&browser=11&userid=7195827635527481488&wi=1123996441&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3D
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4789019&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CbNCkHLfcY9-AOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI-qAMBqgScAk_QABdDLWJgDdql-Y8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK_yDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy-ROQus4ONk606w_tw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc-Fz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr-pxkP_Q3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB-0zWOdZlsiD6Bw2O0b7TM_PzWTY7bLpdxTRSXHBwAS-6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP_4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9-4t1agop8KMjbhZB_DE4Pphj7CIWewi8Vt_VPsNGAE&sig=AOD64_24fgIIhksGdUEcUov-IzxWcX2nSg&client=ca-pub-3104790387792468&dbm_c=AKAmf-BB-RN16U0kK5csgsVYdTo_RZS0BsMUoOhm0Q9xIEFKnzMF_Gr8N4tUFCD-k86j9F_XdYuAkZB8JmGubO_fsflbu3gcZ6eS2x_UdZEp-SuLTS7x_umJJois8QhO_FLFxlhfcJ7Ez1sl6G1yIO_H1i1XKZrbmMfWtV60ue_E0gRVmH39zUA&cry=1&dbm_d=AKAmf-BcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL-TpJLV-7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A_iK_jiBNiyE_zYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9_9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG-9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC_WEA_h0LCOha-fO81Q9tjU85bwyqOwft-bj_DF-Kt4CN70E-uz1RavtbcpTY-G4AQvg6wF2hAcQlhDLv-vYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM-lsw9ZbG5-wUUIoTfhIv8cuob8_n1jppAAGWkls4Xm4CNZmKAnes1i_tHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf-Fe1fgr5HXH9_T_b7HcL-P32DPL4KxVMTJ_yLk67GO2SGZtpTtrhu-Nn7LmsMv253XVMt26dQswqRf&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: bc152625b780693908eb7b7491f62dd81c4b4ef40214fb896d0e0c9322ac1e81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 08:26:21 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 903C 22 KB
8 KB 16ms
15ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 158641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 11:22:20 GMT
expires: Thu, 01 Feb 2024 11:22:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230201&jk=3122831324647189&bg=!NDelN3PNAAaq5O5FiuQ7ACkAdvg8WpH12LMpzsafkt9FkQy9fkvKDfoduQdy6hQC0iimKCOIGw6nCAIAAAChUgAAAAJoAQeZAq02HQmQoKquFIfbeuCFzT7WP7yurk3Nm3KoH08iuQC_YDyFqJ9hk_ZSc1OAR7SGNXy9u1UhV67aM8XjO2mOK93Ic4fQ1DWiMS9Y0jGog2-yiu1ZohHSrabAjiVClLryQfbFaQ8A39jNnePd2f7zoA4xBXtUI4-Ajl35OuPrySGPDurprsaYVGyuIqqbj4CQLWv5dHnB9bpgTa2b0oFvnWiUc-qV-aQ9Pbf8D90fvDQqKb8HyU1rCfgyzT2snQ7ZZiiZKX-S9BHsU2XoXNX5cOwxN2u6muZkQ0ik7636NXc3GF7KAqkBOAGHYA8EORkbDnuRkZuu-_rg_7hvBeTPpV-qRQ5oyOmHkzUDFdPBWucouwmHwZ7GXtxGY8K1gL-iLk_8KqcvvLx_WlftXRuSU6_N97-lV9MWZTnTQiBL0iPjlT3Qk1z5BlVD1tdHN5iRBS7Rc3okkxkuYbl4lh1CcUc8z4XDkkdiK4_DfBWdoqh_SEoGiBycUzISqY-XW3-gOiiXGLHO_hCL0qiXdGhgkgFEmBmgexjhFWrBnYRCmHwmivnHrMv-bj3J4JNL4OyHpsRXnE09hRIL6yuLLRiW4mxGa7D2av4U_yY_I3QBUUvKmJYITrpCqBjQeBcCLZKNooCHS-VqRZIPN4T5AHSXpXPFODbP8_Gip-PwB_xoGpZfRxNi64USHy5ekIr117d1VNiR8GjzuQjfYgNzYXr1xG-GBChhqxNoVwOT6EBG-ZNhENSTBcqtXrTk1ioAFY8Cln_is-A1c-Zsbh6iiRiwpMJTteKe_HhcpZTiyoVq2o_XXLZ_wQLBa0glXuY8JHJzU5PicjNGGhaO6GUBCGwVI4MF4lLFZ8YEp-usgAtHjcBgxt_3FQudwiNu-8cyR-FS3qs2OwQNW4FGMOn-DqGg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 js Show response
ad2.adfarm1.adition.com/ Frame 5F9D 3 KB
3 KB 112ms
24ms Script
application/x-javascript 217.79.188.21
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.adfarm1.adition.com/js?wp_id=4389192&gdpr=0&gdpr_consent=&ts=7195827639827565324&kid=5623783&keyword=PACS_4789019_17182599&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4789019&adjsver=3&fvers=&iframe=1&ref=https%3A//www.edivaldobrito.com.br/&ro=https%3A//7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/109.0.5414.119%20Safari/537.36&os=17&browser=11&userid=7195827635527481488&wi=1123996441&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad2.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 03e7bfe776a1f74f6ef8a8977070002fd53af2c3939402a7632e710bba38e43a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Fri, 03 Feb 2023 08:26:22 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame 903C 36 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 19:41:30 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5D31 2 KB
1 KB 58ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9y3HQAEF0YKd5VYAAGKUVTqe9cL0ZfW-MHdJg&u=%7CFF9vLh6mjRj384ase5XvM6y5nzQaxsIhI4E2qUYXXg8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZejSh2I_Z98Df1RVnCcnF7H_Bw7Cmz_Qxu_sm19cndC1FcI2IRJFvAM-LBoy9taY1_4wpa3SMwMPv822su6k5A2HBk3lM4nZdIJOoactcHECXVrILvf8apYuo9ruqHUZgSNnQvPdeRrf7bziFvKKcqNGJ_T4VnxN2HN5j08HDu_I-kjbRJ9m9qk0yBJoYuF-g8tN6N3LSD7eWXh1uHSQ0bgdGoffIH-3AGdZ_lkkSKIY55-eOA2FzRCZvyr6YpSwhF7W92lzoi4U7XQFEd1mN3lEfgP-6CiZBbM2yFzjlTMU64QK4wuJc-qNK0HcLghXcMy0h7nUKprP7ak5-kwabSc4fpa4OIeiRjv1hs94y1fTxoAuSQBKeMlpD3HiiLlwbjlwtW8UXXQKpyqIDIt4-d_rPjaMKNI4Qe7M-O33X-H_IQzTVACLNdjl1P8sCca57zumIsHR9rmqunUxpIbiNJiWZ72WpGbgBPJn6YbzDeci9gB6_jrXUrHOxnUWCDd4UiXdlZkFPgLqa2V7gkIyfv3vLtESnueVmL2YmOU7m1S3rdZRB0zv926k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPSLoHbfcY8auENiq3gPRlIbACcme0rFc1Z2R93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItMzEwNDc5MDM4Nzc5MjQ2OMgBCakCnYpr6GVIsj7gAgCoAwGqBLICT9CM9VwO12ABx27RN6womKTQyNV3RqedX07HJJxSH6JbYAOBfMC6PO-B35VlovPzmiMAax7iFZ9ogpuBE9hy6INDRNNNCGBTay-HN9eSd5r7Wx1W9NjSLe1E2vaMzOl1FNy2O3d5a3PfrjyvrKG97zVJA23r16UyCCuqKfXSqN7exSYrf2O08li4u7F5W7C9zir8auUjI_tjIeljthnFlALTz-XlpNf3H0-CrX6OEbxpLmBFV-pedYTrE3squ6bMnlo4gFa6ePwfdFKKaHIXAncarufhqqimqBJX0Cci2NLK8Yj4VsiYcgXnF3XaZoTav1b_jzK_8kkw3kpgg723kuSthmNYx_KmfXIKm6Il41QiDe9EHu9OxRzbbsHNWbg-6TPrE30HCozV2APvd1U6He-54AQBgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTIzNDQwMzIyODIwNzYxNfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0xoTTUBn4dsXgK9xc5uY1s7R6OKQ%26client%3Dca-pub-3104790387792468%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 07:26:22 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5D31 2 KB
1 KB 54ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 07:26:22 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5D31 308 B
636 B 41ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 29 Jan 2024 07:26:22 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5D31 293 B
621 B 39ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 29 Jan 2024 07:26:22 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5D31 43 B
348 B 126ms
40ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=F7_SWaIv3ity7RmEuHwSifIK0EB0AUOcAr96HCu4q2SYCkXQsmCzKHPcfubrBzy9UPFdNwDd0F54fzxNx283nYFrCMfrFCS2l3Y8h0JrricGaqPGA3zyGYBBYuwyxTKX82uLK4x0hqwWj3kVRIPQB5hM3GKjfvWfE3forXxiqPHpTdCxJ4-oSUeMD3VFV88V_yq_tPaWPcpRxdyeUzvIJbfDnubSRBlak7_o6H-dBh5TF1DUkFu-38GSculKc0MtrsgC8dJRZ2bfn9F9O9SOAT74XdDG4WKQ8odJH_AXTIjANnIoZu2oV0BDBgguHJ_LZYazru0tqMIld89Xe710DXJsCPI1swhpMt12jq8y9vh-LkizZQh-CADNAIdW4Rz03AnwzeHS8xHJs7KVfNIWPr8aWs1vXeOGnvVdhywIobCZ6Lv9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3090978
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5D31 12 KB
5 KB 36ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 782841
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvFDJkZspgqu6ebrTqTLEFTZJGd5nAmha1awjJW%2FpAV3Frmi3pxIkKiV1V8zzyQK%2BP3chyBZRaT5fcRkQBVF8Xo5ToM4fjr1%2FKtbJ3msLJpFZnb5uu7p1T0oxrTbNJPsEjhFXKAk83GkLQ8MCMJAcE4W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7939701c3d409bf8-FRA
expires: Wed, 24 Jan 2024 07:26:22 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5D31 12 KB
6 KB 20ms
20ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 07:26:22 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 5D31 38 KB
38 KB 87ms
47ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 07:26:22 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 5D31 46 KB
46 KB 83ms
43ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 07:26:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D31 19 KB
19 KB 270ms
66ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=176&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2F8ee840d4a3ed46b29e29bc1b9545348c_stardardcon.png&v=3&w=492&s=qPAmo1N0IQAlo_NId0yXX589

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8600738f1fee687398bb86ce6d64215dc0f17e86d9e98cda6edb956b7e8f1c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30390354
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19136
expires: Sun, 21 Jan 2024 01:12:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D31 46 KB
46 KB 270ms
67ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F1726%2F230103%2F1b7ea1a3af2044f78b842bcfae38030b_img_horizontal_3.jpg&v=3&w=1200&s=PFZyqw3uT5xqiYAFmA8JbD_o

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

abfffd5df154063dd0ca2a89c675a90ce1b093e979877e6a07e211105e6abf3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28450160
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47090
expires: Fri, 29 Dec 2023 14:15:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D31 20 KB
20 KB 234ms
30ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20142732-9iyHj0J5.jpg&v=3&w=400&s=YXapJjSjzy98-pIae2RcCsq3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

968afd6b1915bd547310481e4a64296ae3d72f3632485ebcd7f641695a7a62c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=528340
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20294
expires: Thu, 09 Feb 2023 10:12:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D31 10 KB
10 KB 248ms
45ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1662983190%2F22208808-TYmAhFWE.jpg&v=3&w=400&s=22zM55xnkecukxCdZA9aqoDs&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

154805151e243a66039d534fd48449b7df4814548ff5d3bb0a3bd8908d91a660

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=58909
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10260
expires: Fri, 03 Feb 2023 23:48:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D31 10 KB
10 KB 268ms
65ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F17213415-Qucwi5uP.jpg&v=3&w=400&s=ID_MfhjKEmyH5p_Mi8f8V2Hj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6e019cfcff3657a2914a3ad8d25519cbf82d11892acfa96209dbebac10b5eb8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=473492
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9744
expires: Wed, 08 Feb 2023 18:57:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D31 16 KB
16 KB 246ms
46ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F17068876-XZzuK9Zk.jpg&v=3&w=400&s=fU2jvmBadIulNMfHIPS8wS0x&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

800ba617f3a2a59601eee25e79b31ba793439fd80e9f9c1d89560d7eba41a96b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=172970
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16464
expires: Sun, 05 Feb 2023 07:29:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D31 15 KB
15 KB 22ms
14ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1561477393%2F19187137-zvpjX67Y.jpg&v=3&w=400&s=Cpkq3yvsmj0iTg-0PFBYPn_g&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

4c330e8e85c64febcc9657c3e09cdbad0c602298e10172e8cf0dd1161bca3d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=247653
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15146
expires: Mon, 06 Feb 2023 04:13:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D31 19 KB
19 KB 28ms
19ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22071042-9OO40InY.jpg&v=3&w=400&s=LGzDpERd7PJ5IoDLk9Y5_n9L&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

0d0b9ba2ec2cc5fc6bf50b1789854400042082c717bd93e8b0180cb53f9d2b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=376969
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19258
expires: Tue, 07 Feb 2023 16:09:11 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5D31 0
128 B 85ms
16ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=0S6UMr-DKed_u908-E7XIjaS0UiUWtZBQFKdKOqInP0mCTvhxZMGWIgC5pD4I22DKgVW_GqJjg7WFcgzEEM86de8VG-LMtOfuEdx4Eb0EKblIqIjtZR1FD2Smdcx2hi27xVVXyxr5tIoCBEWGvv5R_4dH6BhxdnP1L89oEzZDeFabC_qgPUxJlMJjxMdzyvlA2VRtK1Vf8rCAX6m0VUG0hQVz3EUKzQUSgw-aJD8pgT8KGWk4GOJwAgB5hQ_zLBjfS_fJw&sds=2&rev=84569&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:22 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5D31 2 KB
1 KB 30ms
28ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 07:26:22 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5D31 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 07:26:22 GMT

GET
H2 200 banner Show response
ad2.adfarm1.adition.com/ Frame 5F9D 10 KB
4 KB 30ms
29ms Script
text/javascript 217.79.188.21
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.adfarm1.adition.com/banner?sid=4389192&adjsver=3&fvers=&iframe=1&ref=https%3A//www.edivaldobrito.com.br/&ro=https%3A//7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/109.0.5414.119%20Safari/537.36&os=17&browser=11&userid=7195827635527481488&kid=5623783&kw=PACS%5F4789019%5F17182599&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by: Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=4389192&gdpr=0&gdpr_consent=&ts=7195827639827565324&kid=5623783&keyword=PACS_4789019_17182599&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad2.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: de9a9b023d3368d4efb00512abab99249e09dd62fbd2324ee86811461be7f339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 08:26:22 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 98FA 0
128 B 18ms
15ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=157512&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:21 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 204 csi
csi.gstatic.com/ 0
45 B 45ms
43ms Ping
image/gif 2a00:1450:4010:c03::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~ldo7d9cs&c=1115118503523&slotId=557559251761.5&met.4=hvd_lc.ldo7d9cr~hvd_ad.ldo7d9cs~hvd_mad.ldo7d9cs~hvd_admu.ldo7d9cs~hvd_src.ldo7d9cs&ps=464x261
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4010:c03::78 , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
imagesrv.adition.com/banners/268/01/06/25/33/ Frame 5E67 56 KB
5 KB 25ms
25ms Document
text/html 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by: Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 7c8b40d0fc9b16b2803da7e367e817efa58eef2784580a6021956d7060a21a83

Request headers

Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
content-length: 4784
content-type: text/html
date: Fri, 03 Feb 2023 07:26:22 GMT
etag: "2326497779-br"
last-modified: Mon, 02 Jan 2023 17:33:45 GMT
vary: Accept-Encoding

GET
H2 200 oba_priv.sjs Show response
imagesrv.adition.com/banners/270/ Frame 5F9D 2 KB
680 B 38ms
38ms Script
text/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7195827639827565324&btr=true&pos=top-right&cid=627838&aid=627838
Requested by: Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: bca7b216a84f2a28fa694dbe1607d8780019849d4c4ac277e050bf658d80b287

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: br
content-length: 621
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5067 1 KB
643 B 15ms
14ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60185
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 14:43:17 GMT
etag: 48472445140208031
expires: Fri, 03 Feb 2023 14:43:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5F9D 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c44a94df999ce3c48c54be32f2ae868a5483fd447f8ef5917b614cdc8b3fd27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AditionH5_ClickTags.js Show response
imagesrv.adition.com/js/ Frame 5E67 753 B
407 B 39ms
25ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: br
last-modified: Thu, 20 Aug 2020 14:03:40 GMT
etag: "1134380014-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 330

GET
H2 200 gwdpage_style.css
imagesrv.adition.com/banners/268/01/06/25/33/ Frame 5E67 55 B
136 B 39ms
24ms Stylesheet
text/css 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/06/25/33/gwdpage_style.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:22 GMT
last-modified: Wed, 19 Aug 2020 16:11:36 GMT
accept-ranges: bytes
etag: "2479477782"
content-length: 55
content-type: text/css

GET
H2 200 gwdpagedeck_style.css
imagesrv.adition.com/banners/268/01/06/25/33/ Frame 5E67 731 B
256 B 39ms
25ms Stylesheet
text/css 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/06/25/33/gwdpagedeck_style.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: br
last-modified: Mon, 17 Dec 2018 10:11:15 GMT
etag: "1290437402-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 176

GET
H2 200 gwdgooglead_style.css
imagesrv.adition.com/banners/268/01/06/25/33/ Frame 5E67 24 B
99 B 40ms
25ms Stylesheet
text/css 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/06/25/33/gwdgooglead_style.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:22 GMT
last-modified: Wed, 19 Aug 2020 16:11:35 GMT
accept-ranges: bytes
etag: "1181855707"
content-length: 24
content-type: text/css

GET
H2 200 gwdimage_style.css
imagesrv.adition.com/banners/268/01/06/25/33/ Frame 5E67 303 B
185 B 40ms
26ms Stylesheet
text/css 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/06/25/33/gwdimage_style.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 15:36:43 GMT
etag: "659303641-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 106

GET
H2 200 gwdtaparea_style.css
imagesrv.adition.com/banners/268/01/06/25/33/ Frame 5E67 157 B
234 B 41ms
27ms Stylesheet
text/css 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/06/25/33/gwdtaparea_style.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:22 GMT
last-modified: Thu, 09 Jun 2016 07:59:31 GMT
accept-ranges: bytes
etag: "1827606775"
content-length: 157
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ Frame 5E67 5 KB
767 B 42ms
29ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:800italic,600italic

Requested by

Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e623fb84470c4897c59668165e7d2687c9760f9c054ac65ccea5305885bf8e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 05:37:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Feb 2023 07:26:22 GMT

GET
H2 200 googbase_min.js Show response
imagesrv.adition.com/banners/268/01/06/25/33/ Frame 5E67 400 B
302 B 41ms
28ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/06/25/33/googbase_min.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: br
last-modified: Mon, 17 May 2021 12:56:47 GMT
etag: "554705530-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 223

GET
H2 200 gwd_webcomponents_v1_min.js Show response
imagesrv.adition.com/banners/268/01/06/25/33/ Frame 5E67 20 KB
5 KB 64ms
52ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/06/25/33/gwd_webcomponents_v1_min.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: bddbf7e9ab14ce92ecc37640bf54fcb90d8a02da52d87ec12e252cfde4432e66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 15:36:43 GMT
etag: "3994037045-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5439

GET
H2 200 gwdpage_min.js Show response
imagesrv.adition.com/banners/268/01/06/25/33/ Frame 5E67 3 KB
1 KB 65ms
26ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/06/25/33/gwdpage_min.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 15:36:43 GMT
etag: "581922522-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1130

GET
H2 200 gwdpagedeck_min.js Show response
imagesrv.adition.com/banners/268/01/06/25/33/ Frame 5E67 8 KB
3 KB 65ms
27ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/06/25/33/gwdpagedeck_min.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 15:36:43 GMT
etag: "2693507592-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2773

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 5E67 136 KB
46 KB 62ms
50ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 538
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46978
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 19:45:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Feb 2023 07:32:24 GMT

GET
H2 200 gwdgooglead_min.js Show response
imagesrv.adition.com/banners/268/01/06/25/33/ Frame 5E67 13 KB
4 KB 66ms
27ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/06/25/33/gwdgooglead_min.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 15:36:43 GMT
etag: "2671864840-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3848

GET
H2 200 gwdimage_min.js Show response
imagesrv.adition.com/banners/268/01/06/25/33/ Frame 5E67 5 KB
2 KB 66ms
28ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/06/25/33/gwdimage_min.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 15:36:43 GMT
etag: "4139855138-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1779

GET
H2 200 gwdtaparea_min.js Show response
imagesrv.adition.com/banners/268/01/06/25/33/ Frame 5E67 3 KB
1 KB 66ms
29ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/06/25/33/gwdtaparea_min.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 15:36:43 GMT
etag: "867610568-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1183

GET
H2 200 gwdid.min.1.0.js Show response
imagesrv.adition.com/banners/268/01/06/25/33/ Frame 5E67 3 KB
1 KB 105ms
23ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/06/25/33/gwdid.min.1.0.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: bab745658ba458848b2d2df5e0557b98b70867124fd5a059fd25f9801e01a87c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 15:36:43 GMT
etag: "216984016-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 971

GET
H2 200 gwd-events-support.1.0.js Show response
imagesrv.adition.com/banners/268/01/06/25/33/ Frame 5E67 8 KB
3 KB 108ms
27ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/06/25/33/gwd-events-support.1.0.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 31eba576e56105b427cc5072fdf87a2334b63d15933402686268d75dd5d9c69c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/06/25/33/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbNCkHLfcY9%2DAOJT03gPdq4foCqfZoqRuzrvsouoQjv6i86I4EAEgouKjJmCVgoCAtAfIAQmpAgk1wegDTrI%2DqAMBqgScAk%5FQABdDLWJgDdql%2DY8A6uT7HLMC4poOEEJdjNUfIeHBwfqVKNdUGwlfnIPqqCmc4IWK%5FyDC6RBIq2PaWDF4lZ29LnOBLd1OnNldiRprTe90tCSF8PTtrZQX3ZaVKz7FPXlMBKiRdy%2DROQus4ONk606w%5Ftw5KSUN1IrW8OID6Xuu4izh7aYjLOTf1xWn7bmcZ3TiujSUy3v87lECmJ9gLfRc%2DFz1YW5iIjT4MYxKBaTuFRXqKMT8cwgaBLYCnVYU5GCrd2IMsubk1B8phhvzSbR50Qkr%2DpxkP%5FQ3jR2mD811pY85nvBOOW5qgvJE0iS4jzp8edEpq4M34nw7OmgvB%2D0zWOdZlsiD6Bw2O0b7TM%5FPzWTY7bLpdxTRSXHBwAS%2D6KXnkQTgBAOQBgGgBk2AB8T9sO8DqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01MjM0NDAzMjI4MjA3NjE1gAoDmAsByAsBgAwBsBPThugRyBP%5F4NfhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymG7aWVmpW14VLoMqm4Do6MsiXSlsMGctL9%2D4t1agop8KMjbhZB%5FDE4Pphj7CIWewi8Vt%5FVPsNGAE%26sig%3DAOD64%5F24fgIIhksGdUEcUov%2DIzxWcX2nSg%26client%3Dca%2Dpub%2D3104790387792468%26dbm%5Fc%3DAKAmf%2DBB%2DRN16U0kK5csgsVYdTo%5FRZS0BsMUoOhm0Q9xIEFKnzMF%5FGr8N4tUFCD%2Dk86j9F%5FXdYuAkZB8JmGubO%5Ffsflbu3gcZ6eS2x%5FUdZEp%2DSuLTS7x%5FumJJois8QhO%5FFLFxlhfcJ7Ez1sl6G1yIO%5FH1i1XKZrbmMfWtV60ue%5FE0gRVmH39zUA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBcuqQX1Hu81rIuhsVEtkrcGQqZq8NacGLEFx53qN3mNbkbo5YOwFKXXowDZwCDqxhPo2yPgWkzS8jFTV3nPZAL%2DTpJLV%2D7z4gnYeyCMceEGZuCCDwG2wePkzhnpP3bDtxTW0A%5FiK%5FjiBNiyE%5FzYSc4GSh0PWnz1xRezWS0JZk8f8IVbwwwV89P2jep5J6H4wP9P9%5F9phaSKtNELs2Qa94SHImTvvqI59IZHIxIFzlRnQEyQaG%2D9LNAmshuTuhVgxNNXQ6IPaL74p4m8wFiC%5FWEA%5Fh0LCOha%2DfO81Q9tjU85bwyqOwft%2Dbj%5FDF%2DKt4CN70E%2Duz1RavtbcpTY%2DG4AQvg6wF2hAcQlhDLv%2DvYtdJ5uPwgwnBHvdyHQOTyVC46f7gM1VmMOTrJKf8lJEOsEjLSGCx2nMBNM%2Dlsw9ZbG5%2DwUUIoTfhIv8cuob8%5Fn1jppAAGWkls4Xm4CNZmKAnes1i%5FtHl1B9EA3rpPtlg8hReRmKnrf0OK88TlBf%2DFe1fgr5HXH9%5FT%5Fb7HcL%2DP32DPL4KxVMTJ%5FyLk67GO2SGZtpTtrhu%2DNn7LmsMv253XVMt26dQswqRf%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7195827639827565324%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4789019%2526kid%253D5642381%2526bid%253D17182599%2526c%253D22509%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7195827644109425673%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7195827635527481488%2526sid%253D4389192%2526kid%253D5623783%2526bid%253D17179955%2526c%253D31834%2526keyword%253DPACS%25255F4789019%25255F17182599%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 15:36:43 GMT
etag: "2869160403-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2553

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 5067 0
103 B 69ms
14ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGA4FOrG69yPtXiPXa7-xoo&google_cver=1&google_push=Aa02lx_GsMgqbCVgmWvabPS-y62jkrNeXkoUqi4gAkUbjTH6OD6essid6KHY88EcoQ60gWuT3xQI7DEt_c6SpDBUdV8D6drayLXl
Requested by: Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:22 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5067
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH1ZZ1zKRvH6jDwMPCqk6aE&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDdEeWQyWk8xUG5Rc0o1&google_gid=CAESEH1ZZ1zKRvH6jDwMPCqk6aE&google_cver=1&google_push=Aa02lx8x-Hg44qnU5A1cR2aXoobHtkZxIQKntaiKRmra3Qm...

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDdEeWQyWk8xUG5Rc0o1&google_gid=CAESEH1ZZ1zKRvH6jDwMPCqk6aE&google_cver=1&google_push=Aa02lx8x-Hg44qnU5A1cR2aXoobHtkZxIQKntaiKRmra3Qmr-FPPiWDZFqUvocYiaErMnhA-XtPPE-KvyNOoh9sQxGztTXYjbPJA

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:26:22 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/d601d38#rel-ec2-master i-0faa10e3a614d791a@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDdEeWQyWk8xUG5Rc0o1&google_gid=CAESEH1ZZ1zKRvH6jDwMPCqk6aE&google_cver=1&google_push=Aa02lx8x-Hg44qnU5A1cR2aXoobHtkZxIQKntaiKRmra3Qmr-FPPiWDZFqUvocYiaErMnhA-XtPPE-KvyNOoh9sQxGztTXYjbPJA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 5067 43 B
478 B 196ms
174ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEO7csyuzLHqmockFdQWFKWk&google_cver=1&google_push=Aa02lx8gyj4wj2EPlWMe_frW7MpvcD14CsQKDHj4voK3nJlLKL_Y_1bmeLflGiSuF1AHYp7D_8zg2ThM2pKiFEaNcicC3p9jisw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8gyj4wj2EPlWMe_frW7MpvcD14CsQKDHj4voK3nJlLKL_Y_1bmeLflGiSuF1AHYp7D_8zg2ThM2pKiFEaNcicC3p9jisw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:22 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7939701e1e9e9152-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5067 43 B
351 B 116ms
24ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEC7SgE0vx2U3zmgnz46sizs&google_cver=1&google_push=Aa02lx-cby-lrVBpFG3SqZpu1uW5geOiJqlObR-p2VzAR8IUrvbE0lD0Mzavs7z7ilDnQ5EkkVf4VPleGYfP9naos8bmCdyZNEQ
Requested by: Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:21 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 5q3982npfbgiqmqesp4t7591ivlla0b6

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5067
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELTnCNIrf3AlExJLWk5je_c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELTnCNIrf3AlExJLWk5je_c&google_hm=Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB&google_nid=index&google_push=Aa02lx_PrnwRjTOR_NbRKC4b6Q6Ks3giw8Niw...

170 B
188 B

27ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELTnCNIrf3AlExJLWk5je_c&google_hm=Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB&google_nid=index&google_push=Aa02lx_PrnwRjTOR_NbRKC4b6Q6Ks3giw8NiwKBp24UzYs78BFlNa3qZEWTsDlh8p7vET6O0ZEM4jMSy8o8bP9ppQ12FfX_k9rNb

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ae7LTPe61pe3ffomSxMF52CHZt9tJBU8MqH3TfaVpDRZbRAg6uV4uL3SczYIy1AUW7%2FCRy3SrgPfbFQTtMvnH5ogXPyb0KBrdaXNMASIqz2aB1i0hUCKcMW2aD0yS8LQwMBOVFVhCrvhPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELTnCNIrf3AlExJLWk5je_c&google_hm=Y9y3HGQZSZe3VrOGdnYKPAAAFDIAAAAB&google_nid=index&google_push=Aa02lx_PrnwRjTOR_NbRKC4b6Q6Ks3giw8NiwKBp24UzYs78BFlNa3qZEWTsDlh8p7vET6O0ZEM4jMSy8o8bP9ppQ12FfX_k9rNb
cache-control: no-cache
cf-ray: 7939701e1edb8fec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5067
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKYBmDJH6kLala6cArQ1IZQ&google_cver=1&google_push=Aa02lx8hJ_c_ktCpXwhDycX0SLWdBolwl8a90tosbjJtJ-u7ap9y1C-siQEYOfWq2wUjYD5XNLqcfBD8wy7AaLrNy...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8hJ_c_ktCpXwhDycX0SLWdBolwl8a90tosbjJtJ-u7ap9y1C-siQEYOfWq2wUjYD5XNLqcfBD8wy7AaLrNy9f9ZuVvc0_S&google_hm=GF_euGZHQ3cUqqYJR_2ta9_q

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8hJ_c_ktCpXwhDycX0SLWdBolwl8a90tosbjJtJ-u7ap9y1C-siQEYOfWq2wUjYD5XNLqcfBD8wy7AaLrNy9f9ZuVvc0_S&google_hm=GF_euGZHQ3cUqqYJR_2ta9_q

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Feb 2023 07:26:22 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8hJ_c_ktCpXwhDycX0SLWdBolwl8a90tosbjJtJ-u7ap9y1C-siQEYOfWq2wUjYD5XNLqcfBD8wy7AaLrNy9f9ZuVvc0_S&google_hm=GF_euGZHQ3cUqqYJR_2ta9_q
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5067
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELTqX3w-rMF3TBR7a0STbq0&google_cver=1&google_push=Aa02lx9yTnmmfNsfj-QL4VOT3pOq4-YxgbjWatzs8fgsLWn9JLaVi1X0fgX2tB6UbxLUNwfB8KSPtTmRLAG74QZj...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9yTnmmfNsfj-QL4VOT3pOq4-YxgbjWatzs8fgsLWn9JLaVi1X0fgX2tB6UbxLUNwfB8KSPtTmRLAG74QZjB4CluzyPk4M

170 B
188 B

37ms
36ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9yTnmmfNsfj-QL4VOT3pOq4-YxgbjWatzs8fgsLWn9JLaVi1X0fgX2tB6UbxLUNwfB8KSPtTmRLAG74QZjB4CluzyPk4M

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Feb 2023 07:26:22 GMT
via: 1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9yTnmmfNsfj-QL4VOT3pOq4-YxgbjWatzs8fgsLWn9JLaVi1X0fgX2tB6UbxLUNwfB8KSPtTmRLAG74QZjB4CluzyPk4M
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: itnKJABiDCKaEEmSPGNUS5Ui8fQtaaqzw4OOgdbo3Tu0HnPNyki82A==

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5067 0
12 B 43ms
30ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0tl0wxCuKZu5RHNm6zRjy4N0Elgsg11Yctt_GNdeHTLmvnuxt35FLpYY9ShyYMDO41ihK

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adplayer_privacy.sjs Show response
imagesrv.adition.com/js/adplayer/ Frame 5F9D 20 KB
6 KB 74ms
64ms Script
text/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7195827639827565324&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7195827639827565324&btr=true&pos=top-right&cid=627838&aid=627838
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 4f40c8222c8ac08f6ab2ab7cb8d51882ae1cde375eab25bd70f9e28ae5d6739e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: br
content-length: 6040
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 903C 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgtxQHbfcY77iNJrA9u8P2Ny_0AYAAAAAOAHgBAI&bg=!XV6lXhrNAAaq5O5FiuQ7ACkAdvg8Wt8VlddIhl0Iu8F8htOCHdiNjH4iWUe13Y78HeajLqgCbaB5BAIAAAFlUgAAAARoAQeZAu_JT-qdmfe4hNDP9nBUK7IUw9DlT1CRZS92RGFxCAq1980iADcI54lpnItZrVBMCoLJD02Wz4dkpl73oRKOjPQ22n0dkGbD-rMWKNW9cN0vvRT9Zzas1NO8-zdpVEhrEvtCaBJOKVmcKU9N17LxfjYJ9IS9sJKMYG2nfvIFI2_XVVI3tQghzkOY_Jdy1ng_HohYYExbWlFEKmfCpTUMKq96UGHBGBUSABc2cB7i2Eb7BVkjxvJv1YGWk8X4ckqeIbKEvmmV5OPMudDNh5Ztp5F0mUSFMmXrL9ccfViWt6RFBsWmExyWuEwr7UPlLQZKlE1AUd4tj5pQqaUnHJd8Cb7O2cMS8w1OUd3Pd6CGEeNTaH0oC3w1c9UtqSEeQlZv7X9214rnFxOh1pQcLQ3QAB1KIyBu14Z5gGxDWYq5UqD8ajlLPvmI_q6_zx5UbvL82PjUbOWRfy2-k1sin4GLdJGjfOQi0MTyqk2dSJuNnKGHF7jIqguDIRsbrMoFF2s0G56wD7C89UUldDPwjhVzVbwTj-JEkrmKg-0Y_vo_airPHzihz3t4--gDgXXjkwjN1vg-4aPWjqFDKj0ICGfoxPc0EQFgpBaHeVBTtMAdkmsuktw5eXo40lFIsAOvYfYk_WmeYI8H5vozyfZLj-LNO54N3BM7PO1wesVG3yx8-9E-fad9zGTQfuV692WbPakau2LvMcyadVjRldV7FTkxsBNS3cp4hVpC2AT-ZZ2PDLg4L8lQ2Q97GVKnC26m6JUDMYXZSSpIL8ayx35cD95ldsk3bZpcf01yuw6_L7_DnKBSim6AoNdftlpiByNI23gcZXQ7Q6HgWqEaYyCi5h3g96GuxygkvcErP_txOWLb4pC7OWpUlfme-glP9yavdNFZUdIy7Wcd2cAi-u4xZgP6vnhvhNoKjOaGtFKq5PchyYEoLTkDAVhXLeFGMm2fWkFvKUzSR5DA85zJ8y3VdfxoWAXU0RdfKb0n82pduv8Jy7Ew

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 5E67 47 KB
47 KB 20ms
18ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:800italic,600italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://imagesrv.adition.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 19:22:25 GMT
x-content-type-options: nosniff
age: 561837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47952
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 19:22:25 GMT

GET
H2 200 adplayer.min.css
imagesrv.adition.com/js/adplayer/ Frame 5F9D 3 KB
998 B 26ms
21ms Stylesheet
text/css 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7195827639827565324&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: br
last-modified: Tue, 30 Oct 2012 15:33:13 GMT
etag: "524465627-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 918

GET
H2 200 oba_icon.png
imagesrv.adition.com/js/adplayer/ Frame 5F9D 3 KB
3 KB 21ms
21ms Image
image/png 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/js/adplayer/oba_icon.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:22 GMT
last-modified: Tue, 30 Oct 2012 15:33:13 GMT
accept-ranges: bytes
etag: "502461915"
content-length: 3262
content-type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 52ms
52ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.edivaldobrito.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 25ms
24ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.edivaldobrito.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 79 KB
38 KB 475ms
475ms XHR
text/plain 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3122831324647189&correlator=1476270899425760&eid=31072030%2C31072038%2C31072042%2C31068367%2C31070233%2C44752586%2C31071662&output=ldjh&gdfp_req=1&vrg=2023013001&ptt=17&impl=fif&iu_parts=45470634%3A22456102421%2Cclickio_area_668841_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C300x250%7C300x600&ifi=4&adks=520963280&didk=1466660151&sfv=1-0-40&prev_scp=autorefresh%3D30_sec%26smart_position%3D2%26unit_type%3Dsticky%26ar_imp%3D0%26clsid%3D215867%26claid%3D668841&cust_params=adm_lazy_load_dev%3D400x400d&sc=1&cookie=ID%3D35e566bee3f76e45-2201ce4a8cdb0008%3AT%3D1675409177%3AS%3DALNI_MZ1L1YQvakRfHGoWGMn07Lj78X7EQ&gpic=UID%3D0000099e7e37b81a%3AT%3D1675409177%3ART%3D1675409177%3AS%3DALNI_MaIbVJSJeFEOPfFFKjKyHI2cnMTdg&arp=1&abxe=1&dt=1675409182581&lmt=1675409182&dlt=1675409174249&idt=3298&adxs=1090&adys=4497&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&frm=20&vis=1&psz=324x0&msz=324x0&fws=0&ohw=0&ga_vid=1349497048.1675409174&ga_sid=1675409177&ga_hid=1488797072&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8168659df3e6a543d16ec669f320e70b329a3b032abf626405baa3671f217107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38430
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
207 B 16ms
15ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=2&ses_id=2eu64lt9dsf1z45917704590&area_id=668841&policy=ok&sub_id=2&f=__lxG__.tmp.rot_44johech744p07i9&rt=918258938
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 58d2e5c66d83287f33cb353e1619807d48cb669a1e52c662ec2976362b796491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:22 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

POST
H2 200 track
track1.aniview.com/ Frame AB9E 0
93 B 102ms
102ms Ping
text/plain 3.224.190.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.edivaldobrito.com.br&rs=www.edivaldobrito.com.br&sid=52702&t=1675409178&cip=37.58.58.246&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=640&he=361&app=&AV_PUBLISHERID=618cca00a870522e4313ee77&test=&d64=bbc0090e88964fc16afdfa599393adf9&d63=bbc0090e88964fc16afdfa599393adf9&aafaid=&proto=https&uid=1675409178108-974032363357-001167-000-005450&cha=0.1&stagid=618cd4566186e8554d6d3977&stplid=618ccc9203e747342150da89&d35=&d36=6.2.79&cb=79628088613&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=618cca00a870522e4313ee77
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.190.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-190-254.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DE3D 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstj4PjiJKUvv455GRRhj0DguZYsXfl4NeQajyxYovvWGGhF3QljSgiBdKfCpPDO_L_XMx9ALkJynk3ueFskZHpxQxw&sig=Cg0ArKJSzCDjMm5Cn9WNEAE&cid=CAASF-Ro1lJIC6AS0Bkv9n009bM0K0cDsQki&id=lidar2&mcvt=1000&p=1110,332,1200,1302&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=676424135&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675409181657&rpt=117&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9F1F 42 B
64 B 55ms
54ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCgGau3F27UG5eH4pXpSTTmtHN82HSMneIep9SO7HNBdQddmtWy_h6rTNNC5Y4NKOKOHMGq6NbjKrR4kitl2aUN58qvt6EDjsM5ao9FWa6PoIxi7KGxJncgubAX1qEWMjxFgBOAs8IVrd5j9-D4WDJR9IN87JYFCatlJ_q1PUioFxzmsLncOz0_w2FduJFbjAm&sai=AMfl-YRu776WSLmwcJ0_R_0hSbfSucRO22QjQNMb11icH8Sr7tXOTJEWeBFuwy65RB2dQvXr10A-7arNQkhe-5npz2fSDos_uKRTXtq2-x7U7jFYLkP7yR9Obse0-lw&sig=Cg0ArKJSzK6igW2_7JoEEAE&cid=CAQSOwDUE5ymxq2AiXn58LoQJyWeAmlEMS7T5SxKjq4zVuCsOxKvzdOupuLkXAhzCuCu7ZiZwvt7fdK_nOEJGAE&id=lidarv&acvw=sv%3D947%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D696,378,957,842%26tos%3D2110,0,0,0,0%26mtos%3D2110,2110,2110,2110,2110%26amtos%3D0,0,0,0,0%26mcvt%3D2110%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2110%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D633%26pst%3D415%26dur%3D31370%26vmtime%3D1852%26dtos%3D2110%26dtoss%3D1%26dvs%3D2099%26dfvs%3D2099%26dvpt%3D2099%26is%3D33554707%26i0%3D33554707%26ic%3D16777217%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2058%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D362636435%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D4866%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2110&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1675409180484

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 17ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-87XS8XZJ6G&gtm=45je3210&_p=1488797072&gdid=dZGIzZG&cid=1349497048.1675409174&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1675409174&sct=1&seg=0&dl=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&dt=Page%20Not%20Found%20-%20Blog%20do%20Edivaldo%20-%20Informa%C3%A7%C3%B5es%20e%20Not%C3%ADcias%20sobre%20Linux&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-87XS8XZJ6G
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-46TXG2Y06D&gtm=45je3210&_p=1488797072&gdid=dZGIzZG&cid=1349497048.1675409174&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1675409177&sct=1&seg=1&dl=https%3A%2F%2Fwww.edivaldobrito.com.br%2Fwp.serviceworker&dt=Page%20Not%20Found%20-%20Blog%20do%20Edivaldo%20-%20Informa%C3%A7%C3%B5es%20e%20Not%C3%ADcias%20sobre%20Linux&_s=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-46TXG2Y06D&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.edivaldobrito.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.edivaldobrito.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2543 6 KB
3 KB 15ms
15ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edivaldobrito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:26:20 GMT
expires: Sat, 03 Feb 2024 07:26:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02Njg4NDF+NjY4ODQyfjY2ODg0MX42Njg4NDJ+NjY4ODQxfjY2ODg0Mn4tfi1+LX42Njg4NDF+LX42Njg4NDJ+LX4tfi1+NjY4ODQxfi1+LX4tfi1+LX42Njg4NDJ+NjY4ODQxfi0mc3NpZD0yfjF+LX4tfi1+LX4tf... 38 B
206 B 16ms
16ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02Njg4NDF+NjY4ODQyfjY2ODg0MX42Njg4NDJ+NjY4ODQxfjY2ODg0Mn4tfi1+LX42Njg4NDF+LX42Njg4NDJ+LX4tfi1+NjY4ODQxfi1+LX4tfi1+LX42Njg4NDJ+NjY4ODQxfi0mc3NpZD0yfjF+LX4tfi1+LX4tfi1+LX4yfi1+MX4tfi1+LX4yfi1+LX4tfi1+LX4xfjJ+LSZhY3Q9ZHluX3BnX3Bvc19sc35nX2V2X3Nsb2Fkfi1+Z19ldl9zbG9hZF9sbHZfNDAweDQwMGR+LX5nX2V2X3NyZW5kfmdfZXZfc3JlbmRfbGx2XzQwMHg0MDBkfmdfZXZfc3JlbmRfbmV+Z19ldl9zcmVuZF9uZV9sbHZfNDAweDQwMGR+Z19ldl9zcmVxfmdfZXZfc3JlcV9sbHZfNDAweDQwMGR+Z19ldl9zcmVzcH5nX2V2X3NyZXNwX2xsdl80MDB4NDAwZH5zbG90X2FkbV9yZXBseX5zbG90X2FkbV9yZXBseV9sbHZfNDAweDQwMGR+c2xvdF9jYWxsX2FkbX5zbG90X2NhbGxfYWRtX2xsdl80MDB4NDAwZH5zbG90X2hiX2VuZH5zbG90X2luX3BnfnNsb3RfbGxfdmFyXzQwMHg0MDBkfnNsb3Rfcm5kcl9jbGx+c2xvdF9ybmRyZF9jb250ZW50fnRnbF9zXzJfb2t+dGdsX3NfMl9va19vayZwbHRmPX4wJnVybD1+d3d3LmVkaXZhbGRvYnJpdG8uY29tLmJyJnZjbnQ9MjQmX2Y9X19seEdfXy50bXAubG9nc3Rfd2t5d2VpdHRhb253cWhwbw/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/215867/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 464264b65354ea30cabe44c1fb03924c17330968b7be5486ca3956a2dcb245fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edivaldobrito.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:23 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D6CA 640 B
262 B 64ms
64ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGOvM6t4BMAE&v=APEucNVL3x38useiAl_D5j_HkNwl249iyTc9KPm67bosfPsun3E_hOj2N8316826OxMnR6keNpm1TmYV0Pomerz0T7n3xzuk30SbFlSXigfmtJ3NHVGf_bgi5ysPHGk-kTHplgIRdpJ1lYkPgdAHG0s_Z672mjWFo7uM1UcGOaUigSEsQ9T0Jdk

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:26:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 2543 22 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:35 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame 2543 6 KB
2 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:21:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:21:45 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2543 0
0 132ms
60ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvy4HTIn6jmMHOW5KT9_c3lEvK79F-2637u1g5p0oVpFjJcRIU1a0unMhXZsOS3q8_A0AmKYDV9Hm3pQ3yB8Y9nCSZ2LTuJCNq--no9QcD6AjLMAMHIn_egTB1a97Qup3UeGK6ZSdZpH5dpbmr-epPBlZDliZx4CKVQtgCGRpps7c-3eiMQRyyTNe8xn9QVcv-ashVUSXLyrL5aikahHRqtNPMfrouMDyNoyxiXxAknfq95LQgKf_v5rguY9K5Uv5HCCU053Mnnk6pFXJaiQYCJeU5UeOKTthKNA1O4U13iWA7k0Cj2pZuc-XFYbY12N5cseX1aEaC6XQkFqvZ3bm_lLuGrIG0FjnVbmrof_CPeqDAyF8rKvR1838ib8fH3Ww7qum7h8r_2Zz6Tvhf4JIGoL2YjWTA9lMJQ02ihb_B5sLBOjz9XmRgKyKhZuaRL5FrGqmPsv-jP1ONXqiLltz33LrRwL5dQ_Sa9d0jjY8Tdx23bCUQjLIOAgQwt5qX2r98j7jStaEYFuwg5GWxH3ktcf-_bavR8Gyp7bmXhPoTHUKhRgkBxrd5XN6lFGbQZ8b_WCaVN0emHjCUR-f0wAIBpX6DBm4_HCFTHkzAjngVM4Imv7-kmwhUK5D21qXumsV9yYeDDeaOpgLGClHESPgVLfoyxw6mtkB6KeSeeo_DlaYFZGhW_M82D_kwWmSzlOOz1yAcHN-6WBiAUYViKT7PmJ3gDO5_4sUxXmiAfnAZaCEKZBNWhSIFOovN7xvK3l6eOy0aFGILoEwky9zG3HSY_9JENWCLLekvCfI6WTfHP0v9vG8OTppynVY5wJnKWtK_U9a4NvcSgS1hdxpMn0eK9BS0xzwTPQ2C0URPHwW9YemmB8gjKTB-YRGZ5ThQPHajzSrt_8DqX7o9snF8MEItESMH3nOFbhOYULQAMLc5if6433ru-xnN1Zga8MhoGGs3mY8UAb5eTTK1cr2kRIDhKhZqSz5DpEx6mrd4TfWcMkJDrvC5do0I7fHy9b-u3fUx_XxOOrTh0LWR1zJzsoCEHbChsfuTszUBN9Tkbc2t21QTFM08f69tb1aFk-Ys6Ycntk2jbdOuyES4Ivffo0ojJul_bJY80brDdOG_F5Zq7cwP-p-TIFZvkOqZ7yYjQJyhYO7Ju6FYaXzYhcgAqHSCO-tnDUJjZZAMATfUi-N4_zTnKwLibIHtKlvCDkRQOPbxnMy-5ui48e-Cl0MmYUaOXecjGJfHI06LgnvXSWZCTJz7bpEB2mtCvSv9d_8qZfx_Nx-c7n-k-QsuIiyMhJpY9uWRaf6m2D877qEtR8aASUKfnggWPOzGZNhyjTSF-shA6Gwbvc4ZBOpw6xF24GF12N2Sk-JhqROp5mYerpMYpWA0zayBz0F0mNXAK54dZTs038cX5ZgyVbALHurnH3boYeGJEcnzAuDyhkfMoeGvFWG0KKY_uzLm665jr06GUXM1XsqpvkzVPqyAXljpvK3c&sai=AMfl-YQwUibeLpqH2NvUN1VpsgWq-zB02NLJjdLHiNId0RxjkrwipD4PEI1vpgXo9QKkLWutqFYxHN3ZfHTKiZN8OLTluIAypwcYeWL4wLqbyairg4sdmU9FmkGG5XA2fi07pRY6y_J1cpX73Hodzd0MvEVq_OLN4XNdEIuURGD-ztdAU8o1S1-sUXab2GnaOHqYUjABy1SnM7j9pkwdfL1GjVFYLDj0qrhMegGMaYkGgQhbMB86aeHBVzchpBA8hJbX8S7-QFHyMNEv7-8HkN1cTC63FF2eAXPxXUx3Og9yHUoBcOuPGPWo7npBNlV4B10ReU75dk_yMldsk8yRFDKeDcRB8z1TTCr0k-Zkn2O09-aGHa8HbHpYy4RWIrUB1_WqHsOUP2BjDGg&sig=Cg0ArKJSzJJ4DrEmPGKhEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230201.86962&arae=0&ftch=1&adurl=

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 03 Feb 2023 07:26:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 07:26:23 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2543 41 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.edivaldobrito.com.br
URL: https://www.edivaldobrito.com.br/wp.serviceworker

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 11:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 11:22:20 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2543 42 B
63 B 54ms
52ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DS-FxhZ8dyxJ4NuAYaV5tQ9-1voDCltXggKwUoVh_KD9KIhsI1Q3Hvc_ZaVq92bZ5M7BGB7eRyXThFwZpgVHxvG8C4w51YyUwEM1wlGlL5crsBquM

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 2543 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:54:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 06:54:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 2543 18 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:19:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2543 0
0 52ms
51ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_YFy2CQTGh6bt7asxZEgM-Zbc5iyU5GRnlUkxosbmvONZxs71N_TiaG7_Jx2e5ZsBlX0uSU1mU97ht-a4EUIHnjxTMw
Requested by: Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2543 157 KB
48 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 07:26:23 GMT

GET
H3 200 9633815884623523259
s0.2mdn.net/simgad/ Frame 2543 54 KB
54 KB 31ms
31ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9633815884623523259

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b67a782e0acc5f211b9f969169b53a5dc067293a3eda032c97f54eba646b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 12:16:08 GMT
x-content-type-options: nosniff
age: 241815
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55175
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 19:29:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 12:16:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EF3C 1 KB
643 B 14ms
13ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60186
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 14:43:17 GMT
etag: 48472445140208031
expires: Fri, 03 Feb 2023 14:43:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D688 22 KB
8 KB 14ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 158643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 11:22:20 GMT
expires: Thu, 01 Feb 2024 11:22:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2543 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7ab6fea6e22af43b6035dc51004daf4e22994ac2d66eab373913b679b5d56a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 all
csm.eu.criteo.net/ Frame 5D31 0
127 B 16ms
15ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:26:22 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame EF3C 0
103 B 15ms
13ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGA4FOrG69yPtXiPXa7-xoo&google_cver=1&google_push=Aa02lx8SQ1WFZ0rnSw2EKm_CWRCNEDlXympZOksCZcNm7N4afqyDaqrDrVhLq6LZ6wAYS8apW3x8MvOiyB0kuFtrA5pUFyqnIik
Requested by: Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:23 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF3C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECtusmoofy1tRg9XU2odunE&google_cver=1&google_push=Aa02lx_420r5qhz9Kqq73cgVL6OIpN0SXa-hTokMHNmX_ydqEWBpC1nnv-jn1IrkpfdqFJVh3lUzvtU9Mw6JxHZ-...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=JoJj3LccRQCgLsXYE76yXQ&google_push=Aa02lx_420r5qhz9Kqq73cgVL6OIpN0SXa-hTokMHNmX_ydqEWBpC1nnv-jn1IrkpfdqFJVh3lUzvtU9Mw6JxHZ-j79v0AbGbQ

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=JoJj3LccRQCgLsXYE76yXQ&google_push=Aa02lx_420r5qhz9Kqq73cgVL6OIpN0SXa-hTokMHNmX_ydqEWBpC1nnv-jn1IrkpfdqFJVh3lUzvtU9Mw6JxHZ-j79v0AbGbQ

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Feb 2023 07:26:23 GMT
Server: MT3 421 8749e8d master cdg-pixel-x35 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=JoJj3LccRQCgLsXYE76yXQ&google_push=Aa02lx_420r5qhz9Kqq73cgVL6OIpN0SXa-hTokMHNmX_ydqEWBpC1nnv-jn1IrkpfdqFJVh3lUzvtU9Mw6JxHZ-j79v0AbGbQ
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 03 Feb 2023 07:26:22 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame EF3C 43 B
135 B 22ms
20ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEC7SgE0vx2U3zmgnz46sizs&google_cver=1&google_push=Aa02lx_4Lw7xs1yvONxDoB5kIrTyev1HKaORcINEFA-ryssj9oyIvlSnrYUJLe42w0xvWiCC6R2Au_3G4y9X0YODjDPjWmOH9tA
Requested by: Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 8a94od2akvt14v3vfojh3d6bv8k0tbnt

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF3C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xeyruCXETKODYdNIt1f4hg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xeyruCXETKODYdNIt1f4hg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-Y7oD4P8dWfLqz1vo3_puBk-FtSVwnXtcqNTc_hTBxCFoGIWf9B4elnnvZ2MTKSP3mnHpL2SHrlOdHX8cLjWbJ5hGYww

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xeyruCXETKODYdNIt1f4hg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-Y7oD4P8dWfLqz1vo3_puBk-FtSVwnXtcqNTc_hTBxCFoGIWf9B4elnnvZ2MTKSP3mnHpL2SHrlOdHX8cLjWbJ5hGYww
date: Fri, 03 Feb 2023 07:26:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF3C
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKYBmDJH6kLala6cArQ1IZQ&google_cver=1&google_push=Aa02lx94DH2fSM2gajec5Sbmi6HwU05hEJmtUl8GNK_St1HOtZ8Ngf-EZVZcVFfJPDu284DPnd5x-x1CjKR_MAU4t...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx94DH2fSM2gajec5Sbmi6HwU05hEJmtUl8GNK_St1HOtZ8Ngf-EZVZcVFfJPDu284DPnd5x-x1CjKR_MAU4tl6ci-FPDiI&google_hm=GF_euGZHQ3cUqqYJR_2ta9_q

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx94DH2fSM2gajec5Sbmi6HwU05hEJmtUl8GNK_St1HOtZ8Ngf-EZVZcVFfJPDu284DPnd5x-x1CjKR_MAU4tl6ci-FPDiI&google_hm=GF_euGZHQ3cUqqYJR_2ta9_q

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Feb 2023 07:26:23 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx94DH2fSM2gajec5Sbmi6HwU05hEJmtUl8GNK_St1HOtZ8Ngf-EZVZcVFfJPDu284DPnd5x-x1CjKR_MAU4tl6ci-FPDiI&google_hm=GF_euGZHQ3cUqqYJR_2ta9_q
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF3C
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPKyJEM9KQXHWQJ7WtXwcTM&google_cver=1&google_push=Aa02lx_Ww6UA8BOORYAKY9SEFgKABSqqAv21gKNBl4eUdsDfAZ0dnwiVuu3rzaqRbWYdSR1sHHHrVesJsFMW7O8nNwO4Fst-_DQ
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_Ww6UA8BOORYAKY9SEFgKABSqqAv21gKNBl4eUdsDfAZ0dnwiVuu3rzaqRbWYdSR1sHHHrVesJsFMW7O8nNwO4Fst-_DQ...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ4MzUwNjMxNzM3MDE2NjE0NzY0MQ%3D%3D&google_push=Aa02lx_Ww6UA8BOORYAKY9SEFgKABSqqAv21gKNBl4eUdsDfAZ0dnwiV...

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ4MzUwNjMxNzM3MDE2NjE0NzY0MQ%3D%3D&google_push=Aa02lx_Ww6UA8BOORYAKY9SEFgKABSqqAv21gKNBl4eUdsDfAZ0dnwiVuu3rzaqRbWYdSR1sHHHrVesJsFMW7O8nNwO4Fst-_DQ

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzQ4MzUwNjMxNzM3MDE2NjE0NzY0MQ%3D%3D&google_push=Aa02lx_Ww6UA8BOORYAKY9SEFgKABSqqAv21gKNBl4eUdsDfAZ0dnwiVuu3rzaqRbWYdSR1sHHHrVesJsFMW7O8nNwO4Fst-_DQ
date: Fri, 03 Feb 2023 07:26:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF3C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEJ9IoorZuytjDs7vPQuW4M&google_cver=1&google_push=Aa02lx_LHUI7xd2_rxcTYdqWRfh5w6wjGxQ4Lcjw86xG4y-sX9LR20Dy6ZjBrcQmdX9SZXdbcY...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BN2pqRkdWRTJ1RzViVnRNU2lRTWhiT1BGUUx0dGNocn5B&google_push=Aa02lx_LHUI7xd2_rxcTYdqWRfh5w6wjGxQ4Lcjw86xG4y-sX9LR20Dy6...

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BN2pqRkdWRTJ1RzViVnRNU2lRTWhiT1BGUUx0dGNocn5B&google_push=Aa02lx_LHUI7xd2_rxcTYdqWRfh5w6wjGxQ4Lcjw86xG4y-sX9LR20Dy6ZjBrcQmdX9SZXdbcYkR8EYOweELADa5VTwBA8qoghSE

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:26:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BN2pqRkdWRTJ1RzViVnRNU2lRTWhiT1BGUUx0dGNocn5B&google_push=Aa02lx_LHUI7xd2_rxcTYdqWRfh5w6wjGxQ4Lcjw86xG4y-sX9LR20Dy6ZjBrcQmdX9SZXdbcYkR8EYOweELADa5VTwBA8qoghSE
date: Fri, 03 Feb 2023 07:26:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EF3C 0
12 B 24ms
23ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LvtrRHp6oiZzoUZ212UzT93wH1hwF1wy0DgOq-oedOkdAuGp7ZOUN26bcCkXQdZK0QYFlwxw

Requested by

Host: 7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com
URL: https://7893173f687d50a448ef7f61b9e8f814.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS