www.kanui.com.br Open in urlscan Pro
185.76.11.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kanui.com.br/
Effective URL:
https://www.kanui.com.br/
Submission: On March 02 via api (March 2nd 2023, 8:08:37 am UTC) from US — Scanned from DE

Summary HTTP 618 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 89 IPs in 16 countries across 81 domains to perform 618 HTTP transactions. The main IP is 185.76.11.52, located in Madrid, Spain and belongs to CDN77 ^_^, GB. The main domain is www.kanui.com.br.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on May 30th 2022. Valid for: a year.

This is the only time www.kanui.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.0.154.209 52.0.154.209	14618 (AMAZON-AES) (AMAZON-AES)
98	185.76.11.52 185.76.11.52	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700::68... 2606:4700::6810:cc16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80d::200a	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:4f:1... 2620:1ec:4f:1::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:4700:20:... 2606:4700:20::681a:b5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21f... 2600:9000:21f3:1a00:15:ad21:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
4	212.102.54.14 212.102.54.14	60068 (CDN77 ^_^) (CDN77 ^_^)
5	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	20.206.128.53 20.206.128.53	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:9000:205... 2600:9000:2050:a600:a:b89d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
21	13.32.110.64 13.32.110.64	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:5800:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
17	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	13.225.78.14 13.225.78.14	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	151.101.129.194 151.101.129.194	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	44.199.3.212 44.199.3.212	14618 (AMAZON-AES) (AMAZON-AES)
3	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.65.40.10 18.65.40.10	16509 (AMAZON-02) (AMAZON-02)
4	2.23.97.97 2.23.97.97	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 4	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
1	67.202.105.21 67.202.105.21	32748 (STEADFAST) (STEADFAST)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.224.189.42 13.224.189.42	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:402... 2a00:1450:4025:402::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:400d:808::2004	15169 (GOOGLE) (GOOGLE)
97	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
4	34.120.4.21 34.120.4.21	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.209.30.249 52.209.30.249	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.105 13.225.78.105	16509 (AMAZON-02) (AMAZON-02)
8	3.122.81.162 3.122.81.162	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400d:80e::2001	15169 (GOOGLE) (GOOGLE)
5 7	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
39	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	52.209.246.127 52.209.246.127	16509 (AMAZON-02) (AMAZON-02)
16 69	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 7	23.203.125.36 23.203.125.36	16625 (AKAMAI-AS) (AKAMAI-AS)
6 8	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
4 5	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
69	2a00:1450:400... 2a00:1450:400d:807::2006	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
7 7	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
5 5	216.52.2.86 216.52.2.86	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
2	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 3	35.157.53.153 35.157.53.153	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	18.193.152.7 18.193.152.7	16509 (AMAZON-02) (AMAZON-02)
5 7	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:cbf7:2d7b:a2a1:22ee	16509 (AMAZON-02) (AMAZON-02)
4 4	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Arelion)
5 7	35.157.135.232 35.157.135.232	16509 (AMAZON-02) (AMAZON-02)
12	142.251.39.2 142.251.39.2	15169 (GOOGLE) (GOOGLE)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
7	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
1	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
3	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	92.123.38.97 92.123.38.97	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.122.75.125 3.122.75.125	16509 (AMAZON-02) (AMAZON-02)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.246.68.114 34.246.68.114	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.58.222.68 52.58.222.68	16509 (AMAZON-02) (AMAZON-02)
1	20.13.96.71 20.13.96.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4280:cba:636a:40f6:2f6	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	104.96.129.75 104.96.129.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.242.33.143 34.242.33.143	16509 (AMAZON-02) (AMAZON-02)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:211... 2600:9000:211a:8400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	54.77.141.150 54.77.141.150	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	34.255.170.214 34.255.170.214	16509 (AMAZON-02) (AMAZON-02)
1	3.14.121.110 3.14.121.110	16509 (AMAZON-02) (AMAZON-02)
618	89

1 52.0.154.209 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-154-209.compute-1.amazonaws.com

kanui.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

98 185.76.11.52 (Madrid, Spain)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-76-11-52.azioncdn.net

www.kanui.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dafitistatic.dafiti.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.dafiti.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.kanui.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cc16 (United States)

ASN13335 (CLOUDFLARENET, US)

eum.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:4f:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

selo.compreconfie.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.confi.com.vc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:b5b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.privacytools.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:1a00:15:ad21:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

st.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.102.54.14 (Milan, Italy)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-212-102-54-14.azioncdn.net

dafitistatic.dafiti.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.206.128.53 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

analytics-stamp.confi.com.vc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2050:a600:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 13.32.110.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-64.vie50.r.cloudfront.net

async-px.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:5800:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-14.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.129.194 (United States)

ASN54113 (FASTLY, US)

wkxppshj-qx.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.199.3.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-3-212.compute-1.amazonaws.com

kibana-mkt.dafiti.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.40.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-40-10.ams1.r.cloudfront.net

d34e3zwe3zzpan.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.23.97.97 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-97-97.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.10.30 (Poland) 3 redirects

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.21 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-42.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4025:402::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2008 (Ireland)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:808::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

97 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.120.4.21 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.4.120.34.bc.googleusercontent.com

eum-orange-saas.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.30.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-30-249.eu-west-1.compute.amazonaws.com

pond.datajet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-105.fra2.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.122.81.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-81-162.eu-central-1.compute.amazonaws.com

colrep.sitelabweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:80e::2001 (Ireland)

ASN15169 (GOOGLE, US)

01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::c (France) 5 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.246.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-246-127.eu-west-1.compute.amazonaws.com

session.sitelabweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 142.250.180.194 (United States) 16 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.149 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.203.125.36 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.94.180.126 (Amsterdam, Netherlands) 6 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.75.62.37 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 2a00:1450:400d:807::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.241 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.157.2.234 (Denmark) 7 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.52.2.86 (United States) 5 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

cdn.480app.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.53.153 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-53-153.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.152.7 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-152-7.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.89.9.253 (London, United Kingdom) 5 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:cbf7:2d7b:a2a1:22ee (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.184 (Sweden) 4 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.157.135.232 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-135-232.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.215 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.194 (United States)

ASN54113 (FASTLY, US)

ascpqnj-oam.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.75.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-75-125.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.68.114 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-68-114.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.222.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-222-68.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:cba:636a:40f6:2f6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.129.75 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-129-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.33.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-33-143.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:8400:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.141.150 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-141-150.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (Castricum, Netherlands) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.170.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-170-214.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.14.121.110 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-14-121-110.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
139	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 140 ade.googlesyndication.com Failed	859 KB
105	doubleclick.net 16 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319	474 KB
101	dafiti.com.br dafitistatic.dafiti.com.br — Cisco Umbrella Rank: 440265 static.dafiti.com.br — Cisco Umbrella Rank: 430711 kibana-mkt.dafiti.com.br — Cisco Umbrella Rank: 373968	2 MB
69	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	2 MB
28	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 ssl.google-analytics.com — Cisco Umbrella Rank: 352	85 KB
24	dynamicyield.com st.dynamicyield.com — Cisco Umbrella Rank: 7447 cdn.dynamicyield.com — Cisco Umbrella Rank: 7656 async-px.dynamicyield.com — Cisco Umbrella Rank: 7519	64 KB
15	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4370 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 73	2 KB
14	criteo.com 6 redirects gum.criteo.com — Cisco Umbrella Rank: 378 bidder.criteo.com — Cisco Umbrella Rank: 714 mug.criteo.com — Cisco Umbrella Rank: 2719 sslwidget.criteo.com — Cisco Umbrella Rank: 1776 widget.us.criteo.com — Cisco Umbrella Rank: 17226 dis.criteo.com — Cisco Umbrella Rank: 686	21 KB
10	sitelabweb.com colrep.sitelabweb.com — Cisco Umbrella Rank: 8510 session.sitelabweb.com — Cisco Umbrella Rank: 37582	3 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	415 KB
8	adform.net 7 redirects c1.adform.net — Cisco Umbrella Rank: 590 cm.adform.net — Cisco Umbrella Rank: 1244	4 KB
8	spotxchange.com 6 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 709	5 KB
8	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 203 secure.adnxs.com — Cisco Umbrella Rank: 377	9 KB
7	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 571	792 B
7	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	2 KB
7	onetag-sys.com 5 redirects onetag-sys.com — Cisco Umbrella Rank: 712	2 KB
7	yahoo.com 6 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 265 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439	2 KB
7	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1218 criteo-sync.teads.tv — Cisco Umbrella Rank: 1888	1 KB
6	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431 r.casalemedia.com — Cisco Umbrella Rank: 1347	5 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6149 adservice.google.de — Cisco Umbrella Rank: 8947	1 KB
6	fastly.net wkxppshj-qx.global.ssl.fastly.net — Cisco Umbrella Rank: 38446 ascpqnj-oam.global.ssl.fastly.net — Cisco Umbrella Rank: 28802	305 KB
5	lijit.com 5 redirects ap.lijit.com — Cisco Umbrella Rank: 589	3 KB
5	instana.io eum.instana.io — Cisco Umbrella Rank: 5586 eum-orange-saas.instana.io — Cisco Umbrella Rank: 4114	10 KB
4	de17a.com 4 redirects d5p.de17a.com — Cisco Umbrella Rank: 4426	1 KB
4	creativecdn.com 3 redirects us.creativecdn.com — Cisco Umbrella Rank: 2646	2 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 765	98 KB
3	tribalfusion.com s.tribalfusion.com Failed a.tribalfusion.com — Cisco Umbrella Rank: 741	2 KB
3	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2292 ad.360yield.com — Cisco Umbrella Rank: 663	1 KB
3	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 725 simage2.pubmatic.com — Cisco Umbrella Rank: 668	2 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 726	3 KB
3	openx.net us-u.openx.net — Cisco Umbrella Rank: 422 rtb.openx.net — Cisco Umbrella Rank: 1367	769 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 625	73 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 357	12 KB
3	confi.com.vc cdn.confi.com.vc — Cisco Umbrella Rank: 401886 analytics-stamp.confi.com.vc — Cisco Umbrella Rank: 413398 Failed	4 KB
3	privacytools.com.br cdn.privacytools.com.br — Cisco Umbrella Rank: 268134	26 KB
3	kanui.com.br 1 redirects kanui.com.br — Cisco Umbrella Rank: 699067 www.kanui.com.br static.kanui.com.br	66 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 510	2 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 31550	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 755 r.turn.com — Cisco Umbrella Rank: 3104	869 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 198	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 591	841 B
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2856	207 B
2	480app.com cdn.480app.com — Cisco Umbrella Rank: 9256	465 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 596	978 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 459	2 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 654	793 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619 script.hotjar.com — Cisco Umbrella Rank: 769	72 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	182 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1746	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 585	338 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1398	584 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 957	576 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6276	550 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 701	435 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 296	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 730	714 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2212	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4455	525 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 28098	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2372	183 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 733	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1370	883 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2540	274 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 745	235 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 338	140 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1236	99 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 518	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 313	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 563	978 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1865	173 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 34240	608 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2188	255 B
1	datajet.io pond.datajet.io — Cisco Umbrella Rank: 353117	249 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 105	185 B
1	33across.com ssc-cms.33across.com — Cisco Umbrella Rank: 877	73 B
1	cloudfront.net d34e3zwe3zzpan.cloudfront.net	11 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	3 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 3662	10 KB
1	gstatic.com fonts.gstatic.com	25 KB
1	compreconfie.com.br selo.compreconfie.com.br — Cisco Umbrella Rank: 147757	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	1 KB
618	81

	Domain	Requested by
91	pagead2.googlesyndication.com	eum.instana.io tpc.googlesyndication.com 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com s0.2mdn.net
79	dafitistatic.dafiti.com.br	www.kanui.com.br static.dafiti.com.br www.googletagmanager.com
69	s0.2mdn.net	www.kanui.com.br s0.2mdn.net
69	cm.g.doubleclick.net	16 redirects googleads.g.doubleclick.net 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
39	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com s0.2mdn.net
26	www.google-analytics.com	www.kanui.com.br www.googletagmanager.com www.google-analytics.com eum.instana.io
21	async-px.dynamicyield.com	eum.instana.io cdn.dynamicyield.com
21	static.dafiti.com.br	www.kanui.com.br static.dafiti.com.br
17	googleads.g.doubleclick.net	www.googletagmanager.com 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com pagead2.googlesyndication.com
12	googleads4.g.doubleclick.net	www.kanui.com.br
12	www.google.com	tpc.googlesyndication.com 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
9	01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
9	www.googletagservices.com	www.kanui.com.br 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
8	sync.search.spotxchange.com	6 redirects googleads.g.doubleclick.net
8	colrep.sitelabweb.com	www.kanui.com.br
7	rtb-csync.smartadserver.com	googleads.g.doubleclick.net
7	x.bidswitch.net	5 redirects 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
7	onetag-sys.com	5 redirects 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
7	c1.adform.net	7 redirects
7	gum.criteo.com	5 redirects static.criteo.net
6	sync.teads.tv	2 redirects googleads.g.doubleclick.net 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
5	ap.lijit.com	5 redirects
5	ups.analytics.yahoo.com	4 redirects
5	wkxppshj-qx.global.ssl.fastly.net	www.kanui.com.br eum.instana.io wkxppshj-qx.global.ssl.fastly.net
4	secure.adnxs.com	3 redirects
4	d5p.de17a.com	4 redirects
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	eum-orange-saas.instana.io	eum.instana.io
4	securepubads.g.doubleclick.net	www.googletagservices.com eum.instana.io
4	www.google.de
4	us.creativecdn.com	3 redirects
4	analytics.tiktok.com	www.kanui.com.br analytics.tiktok.com
3	a.tribalfusion.com	01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
3	pm.w55c.net	3 redirects
3	stats.g.doubleclick.net	eum.instana.io www.googletagmanager.com
3	static.criteo.net	www.googletagmanager.com dafitistatic.dafiti.com.br eum.instana.io
3	bat.bing.com	www.kanui.com.br bat.bing.com
3	cdn.privacytools.com.br	www.kanui.com.br eum.instana.io
2	sync.1rx.io	2 redirects
2	r.scoota.co	2 redirects
2	dpm.demdex.net	1 redirects
2	dis.criteo.com
2	sync-tm.everesttech.net	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	match.360yield.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	dclk-match.dotomi.com	01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
2	cdn.480app.com	www.kanui.com.br
2	pixel-sync.sitescout.com	2 redirects
2	sync.mathtag.com	2 redirects
2	cms.quantserve.com	1 redirects 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
2	us-u.openx.net	googleads.g.doubleclick.net
2	session.sitelabweb.com	eum.instana.io
2	mug.criteo.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	ssl.google-analytics.com	www.kanui.com.br
2	www.googletagmanager.com	www.kanui.com.br www.googletagmanager.com
2	cdn.dynamicyield.com	st.dynamicyield.com eum.instana.io
2	cdn.confi.com.vc	selo.compreconfie.com.br www.kanui.com.br
1	s.thebrighttag.com
1	beacon.krxd.net
1	rtb.openx.net	01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	match.adsrvr.org	01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	r.casalemedia.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	ssum-sec.casalemedia.com	1 redirects
1	ascpqnj-oam.global.ssl.fastly.net	www.kanui.com.br
1	tr.blismedia.com	01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	bidder.criteo.com	eum.instana.io
1	vc.hotjar.io	eum.instana.io
1	pond.datajet.io	eum.instana.io
1	region1.analytics.google.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	www.facebook.com
1	ssc-cms.33across.com
1	d34e3zwe3zzpan.cloudfront.net	www.kanui.com.br
1	kibana-mkt.dafiti.com.br	www.googletagmanager.com
1	connect.facebook.net	www.kanui.com.br
1	static.hotjar.com	www.googletagmanager.com
1	www.dwin1.com	www.googletagmanager.com
1	analytics-stamp.confi.com.vc	selo.compreconfie.com.br
1	fonts.gstatic.com	fonts.googleapis.com
1	st.dynamicyield.com	www.kanui.com.br
1	static.kanui.com.br	www.kanui.com.br
1	selo.compreconfie.com.br	www.kanui.com.br
1	fonts.googleapis.com	www.kanui.com.br
1	eum.instana.io	www.kanui.com.br
1	www.kanui.com.br
1	kanui.com.br	1 redirects
0	ade.googlesyndication.com Failed	securepubads.g.doubleclick.net
0	s.tribalfusion.com Failed	01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
618	119

This site contains links to these domains. Also see Links.

Domain
secure.kanui.com.br
dafitistatic.dafiti.com.br
www.dafitigroup.com
confi.com.vc
alias.eureciclo.com.br
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
*.kanui.com.br GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-05-30` - `2023-06-23`	a year	crt.sh
*.instana.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-17` - `2023-11-17`	a year	crt.sh
*.dafiti.com.br GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-05-30` - `2023-06-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
selo.compreconfie.com.br DigiCert TLS RSA SHA256 2020 CA1	`2022-09-07` - `2023-09-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-01` - `2023-09-01`	a year	crt.sh
*.dynamicyield.com Amazon RSA 2048 M02	`2023-02-28` - `2023-10-17`	8 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.confi.com.vc Go Daddy Secure Certificate Authority - G2	`2022-09-05` - `2023-10-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.dwin1.com Amazon RSA 2048 M02	`2023-02-28` - `2023-12-01`	9 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M02	`2023-02-28` - `2023-11-23`	9 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-09`	2 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-05` - `2024-03-08`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
dafiti.com.br Amazon RSA 2048 M01	`2023-03-01` - `2024-01-24`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-10` - `2023-04-10`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.datajet.io Amazon RSA 2048 M02	`2023-02-09` - `2023-11-01`	9 months	crt.sh
*.hotjar.io Amazon RSA 2048 M01	`2023-02-23` - `2023-08-16`	6 months	crt.sh
*.sitelabweb.com Go Daddy Secure Certificate Authority - G2	`2022-05-08` - `2023-04-13`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
cdn.480app.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-07-22` - `2023-08-23`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-02-14` - `2023-07-28`	5 months	crt.sh
itm.ivitrack.com R3	`2023-02-03` - `2023-05-04`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M02	`2023-02-10` - `2023-07-01`	5 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 52 frames:

Primary Page: https://www.kanui.com.br/
Frame ID: BF4BE86BA1494EE51E3436715DB16E8B
Requests: 238 HTTP requests in this frame

Frame: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8D6D37C8FE5A5DDFE0D5FEF416A1B9F6
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.kanui.com.br&origin=onetag
Frame ID: 7F92696B79E73703C06D818E88EB1D24
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1B163471C76208106BD87929946C9E40
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 215A16EA14A81FA16363F9FF30443F8C
Requests: 2 HTTP requests in this frame

Frame: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3C870678A58E9F1439147AEF21B2B2A9
Requests: 20 HTTP requests in this frame

Frame: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 70C96AC2E8E6B14A7730E72468C4485B
Requests: 20 HTTP requests in this frame

Frame: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A7976F6738117D05EB678022568D9EB8
Requests: 20 HTTP requests in this frame

Frame: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 16ED82C33496C0613199766149456FCA
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjkifncATAB&v=APEucNWq14ms67SqgF8DbeL5eynrHBrMgUpKDZgagai5KjeOKJPKVhzZjLi2EwTGk4CZYeSiX68MDn6Qz4GynrCDycRJQEKZ_e3Qlc-mlG3Gy4qEjJn-zE1ZYZyXoYUgxFZ3IcmZiAp3ehd2Xfv1fU-LP9KYn7OaVx3ZTh7v6LJxPZTIF0NOrf8
Frame ID: 98DD7A89CBC8727526959C2177BE34C9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNUgeFB-aTvvHdbJObHJ5heuGjfDU4tcTZPAXVWY1c4uIMMcmensNj5cTf2POsfYuOihfxDIptLO_c-tKMHZaveGF39J9R4ASvrxxKkzdlIO9mZ5JnJpdDWa84hsodIPSvsPHqqmkZeo_qzlZBnw-Ue_AAlGoUfm6UpVJ_jV9CcAaHJx6pA
Frame ID: 72E0EEC0F768111CA141E686C0B9F599
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNXG4o_uIJLkYem8tgIVQNQ6bAYgdmkYj-R2MrP03a7Lwp6SsAVqwluOX9l-K5RZ1lxICxTBo9E8jTmYa1DTyI03oLpyqn6PzO0uwMDamFfkYdzi22mRihbfTEBAAnZWI4COaYvUZmynH8RQEa0Bxt7ql0o1Zc9GLkIk46XL0gBHHwoinsM
Frame ID: B2C8D49EE238FA2D5B54D1F9A4D4C41A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNUKl6XgaPLJ8fJPhK2_uMQXL2Z718nm9ki0g7qDr5F3_Pcrz2zvR5N0OlGVzMjxyuFYA-E5Ly7tsh3PLfQj7bbCC82BK88WwhzUUXy-srPMpLI-A52hGtYGXfwv9THsHFeGtPo6EVRYxZkyPRR7ciIpABYOM3dUSW52bRq04G-cMC9g5IY
Frame ID: 8A451CE95FE0B039297B116ED4624193
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 97FD08725417E7379D3D21EF272965F7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 776B93EC5B3A9594AC647E60489D3992
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C70270DD48BA1FCE2B5B64F8AD74EC21
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 513E0A5E3B5EB756AFEDA5DA842D6381
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1742C87D308D2D8D2940A4F204317F07
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 90FF2EB31C084153F75204EFC8081008
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B70E81A681CD0B5C23C895CB8EFD13CB
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=LBsomf4waO&t=1&renderingType=2&ev=01_247
Frame ID: DAD2B64A06212A304886E7BAC222E98D
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=9iIKUIe4Ta&t=1&renderingType=2&ev=01_247
Frame ID: 2B7EDC8270B5C7D957AFEE58D09FB3E1
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4AnNLuKT7l&t=1&renderingType=2&ev=01_247
Frame ID: 229A9CB7F46F204F40E3BA49A411C827
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=GAOXdyiT15&t=1&renderingType=2&ev=01_247
Frame ID: 8F4A5BC30A34209CF62CD6D517B1DF95
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8C475E4EBCC502E9FEFEDA6E427D6067
Requests: 2 HTTP requests in this frame

Frame: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6E0A8416F31B4B1D3EDD392FE0FC5CA3
Requests: 19 HTTP requests in this frame

Frame: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CE543ECFB626E8C3C16B5C0E58DCCB83
Requests: 19 HTTP requests in this frame

Frame: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 12E377068137874C4FD3C0FFE87611AE
Requests: 19 HTTP requests in this frame

Frame: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 37911D40E498E5856A85BC9470EE74D6
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjkifncATAB&v=APEucNVgIo6a9bK4rTcDM0LJ6AVRqy5i1-f3HB_ogd3ELYeH-r1pLnO3WtxgwwYaRr1azo6hFC0BXZruR850ND2eL64WKzJm-pgBrlEiW7lhXNjcOgj7tXyPHOR6X3-uHE6quSer4g5sp-ZRPCwah1TABOwE59EMhnIla0o85PebR3JDHtLSiQw
Frame ID: FAEF1766EAED50AE381C4F12D477C5CA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGPTP3d4BMAE&v=APEucNUqrUeNvFQw-F_R5piVuHcH58EjaYNyfuvFD6Z8CPJ_hjQbu_5E_QIwgfK3b52Ac7UqOs1NaJ5mWWTq2ZOrcOK2wGhRp_U7DeFAyDKrdKSaA5zp04l2iWobrseMT_F5Owpgqo_zwGiPD-aIDbzLCZ5vtGnzzW_NM5KQ4N-KqX5kGQBTUxI
Frame ID: 9C39C95E6A30CA476A165CD0D0876068
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNV27MlQMYSYr_yeYJWB5Uz36paHXh3VOlVj5wePuRMotRXr3n6lILeZM2pDtzHE4kjNpYWYE1EqWv97N1a2nuiKSksFEPY3SbJaue7Lw3MeSXmB9klE_QJaYNZ3XQQngiM6iv9RcoWq16W3o8YC2BEyldMuw89j85UyTwi0foNQI-YmST8
Frame ID: 97478B18083D420838AFE684E20BD68B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNU-EV34fYJD8WWLEaoxwDRlVX-oQEWYSUC8jToBse3cLiW8TRohIGX61dLsXY8CEPnILT9AtWF18xSk-9g44nNi11MTMNUJAjp9kB_mePDr5g5j-hStG7umkF73YIFkhV-9gEsBFWZqyOnk5Jwy7sv0OkTCZWputB4nVLHqE2sXKqDEM0A
Frame ID: B4C44FC5D064E71FE8B67CA45D7327CD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FD658E157FCBE34F845707A31B232386
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=sxmYLT0KD1&t=1&renderingType=2&ev=01_247
Frame ID: 158125891AC6788FD5B44210D5019D06
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ED668261177582DCE32E017420BE55E2
Requests: 3 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-3tEdWlcmXfC6bn1jvdKWSs9fOv3iFq34VpAxBg&expires=30
Frame ID: FD84216E5335548891363169958E0C9D
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 62DF5D5988102FF8BDA94B439BE34F62
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D96480C820841F4D0956D17D265FDEAB
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
Frame ID: 2F1814D682896F15DCC43F39D79C8C9B
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 72CA75BCF90D30D6A1178E71CA019E17
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=pJzTncXvUy&t=1&renderingType=2&ev=01_247
Frame ID: A6A12AB7F2C0341D3C0A6C698DD4C0F3
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247
Frame ID: AD0F90D9586F1579EF21673F5D707B9E
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D4A113DA22DEFC415AD44BC7431FF050
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3F6855E9BDBD69D46E94ADACBB5ADD0C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2574FF9B8B746C6EA23BBAAF159BADDE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js
Frame ID: 68E27AC6F35A742FF01D9AB6042BE630
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js
Frame ID: AC100838151F9E8F106F5850A6D725DA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js
Frame ID: 9D328D1605557F494971365AE6F6C972
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js
Frame ID: 5FF7D5AB48AF4F895B9B46BBEFAE50D0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.kanui.com.br
Frame ID: 296B488582DD4C1E3233C7C5A6586E4E
Requests: 2 HTTP requests in this frame

Frame: https://colrep.sitelabweb.com/chpdata/
Frame ID: 40C562D773FAA383F69959D9A6122A72
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kanui | Ofertas - Tênis, Roupas Esportivas, Acessórios e Mais.FavoritosCarrinho

Page URL History Show full URLs

http://kanui.com.br/ HTTP 301
https://www.kanui.com.br/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Dynamic Yield (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

cdn\.dynamicyield\.\w+/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

618
Requests

86 %
HTTPS

31 %
IPv6

81
Domains

119
Subdomains

89
IPs

16
Countries

7147 kB
Transfer

16090 kB
Size

108
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.kanui.com.br/customer/account/login/
Title: Entrar

Search URL Search Domain Scan URL

URL: https://secure.kanui.com.br/customer/account/home/
Title: Olá, !

Search URL Search Domain Scan URL

URL: https://secure.kanui.com.br/customer/order/index/
Title: Meus Pedidos

Search URL Search Domain Scan URL

URL: https://secure.kanui.com.br/customer/order/listforexchange/
Title: Trocas e Devoluções

Search URL Search Domain Scan URL

URL: https://secure.kanui.com.br/customer/wishlist/index/
Title: Meus Favoritos

Search URL Search Domain Scan URL

URL: https://secure.kanui.com.br/customer/account/list/
Title: Informações de Conta

Search URL Search Domain Scan URL

URL: https://secure.kanui.com.br/customer/address/index/
Title: Meus Endereços

Search URL Search Domain Scan URL

URL: https://secure.kanui.com.br/customer/account/logout/
Title: Sair

Search URL Search Domain Scan URL

URL: https://secure.kanui.com.br/cart/
Title: Carrinho

Search URL Search Domain Scan URL

URL: https://dafitistatic.dafiti.com.br/stores-tests/docs-shops/Contrato-de-Compra-e-Venda-Kanui.pdf
Title: Contrato de Compra e Venda

Search URL Search Domain Scan URL

URL: https://www.dafitigroup.com/politica-de-privacidade/
Title: Política de Privacidade

Search URL Search Domain Scan URL

URL: https://www.dafitigroup.com/termos-de-uso
Title: Termos de uso

Search URL Search Domain Scan URL

URL: https://www.dafitigroup.com/
Title: Sobre o Dafiti Group

Search URL Search Domain Scan URL

URL: https://www.dafitigroup.com/oportunidades
Title: Trabalhe Conosco

Search URL Search Domain Scan URL

URL: https://www.dafitigroup.com/nossos-fornecedores
Title: Nossos fornecedores

Search URL Search Domain Scan URL

URL: https://www.dafitigroup.com/sustentabilidade
Title: Sustentabilidade

Search URL Search Domain Scan URL

URL: https://confi.com.vc/lojas-confiaveis/detalhes?id=102462

Search URL Search Domain Scan URL

URL: https://alias.eureciclo.com.br/consumidores

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kanuibr

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kanuibr/

Search URL Search Domain Scan URL

URL: https://twitter.com/KanuiBR

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kanui.com.br/ HTTP 301
https://www.kanui.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 146

https://us.creativecdn.com/tags?type=img&id=pr_IPLlnE0J1CFYQ2Frojl7&ncm=1&id=pr_IPLlnE0J1CFYQ2Frojl7_uid_&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1677744508455 HTTP 302
https://us.creativecdn.com/tags?type=img&id=pr_IPLlnE0J1CFYQ2Frojl7&ncm=1&id=pr_IPLlnE0J1CFYQ2Frojl7_uid_&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1677744508455&tc=1

Request Chain 147

https://us.creativecdn.com/tags?type=img&id0=pr_IPLlnE0J1CFYQ2Frojl7_uid_&id=pr_IPLlnE0J1CFYQ2Frojl7_home&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1677744508456 HTTP 302
https://us.creativecdn.com/tags?type=img&id0=pr_IPLlnE0J1CFYQ2Frojl7_uid_&id=pr_IPLlnE0J1CFYQ2Frojl7_home&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1677744508456&tc=1 HTTP 302
https://ssc-cms.33across.com/ps/?us_privacy=USP&xi=52&xu=pBx2Rh5v81QnQ50yKtj2

Request Chain 203

https://gum.criteo.com/sid/json?origin=onetag&domain=kanui.com.br&sn=ChromeSyncframe&so=0&topUrl=www.kanui.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=_AzRZHxQVWVXMVcyeDg0b25DTTJVK3ZZdEdnVFVJdVBiOWhMTnZtNmJCV09PNm1SbWtkV2d2MVUyNFZwY3YwRXMwWFhoSGV3MnZ2RUN3dDF6VWFmT0dGNElWamEyVHVVZHYycGlVUzkyOTdMSHh6RHAyWHlYV3hrelBaSnpUNlJTS01WeDdlZmNESDBaL2RmT3RTZ2dXSElUZE1vNnlIKzZoVnRqMVhPbjV0RG5CcTJvSlA5b09IbkdjYTlhN0FGallQa01TUk12ZFMyTzBqKy9XVUJlQXZQem0wTDRXK1VwUncvZGFjTlFTMnZEdG5qU0FVRGE5NW5xcU94dmRjbTdXN2YzKzFMT2hkNXZKWlNSUWFwMGdMQ256Zz09fA&cppv=2

Request Chain 247

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGWw2blSMZNL_Q-LfNq9iM&google_cver=1

Request Chain 248

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZABZfRnE7DVKtaD5T6KZGAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGWw2blSMZNL_Q-LfNq9iM&google_cver=1

Request Chain 249

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMgEbTRSRRK7BdVQJY4PTaU&google_cver=1

Request Chain 250

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA0MTc1MjA0MTQ2NDc5NzA1OQ%3D%3D

Request Chain 251

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPBE3woYCHUk9nvQHm7zO8E&google_cver=1

Request Chain 253

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEO8WOK3KP5vLWoMdJB1Ftso&google_cver=1

Request Chain 258

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAD9SCjv0CYRYvWGX64KhC4&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAD9SCjv0CYRYvWGX64KhC4&google_cver=1&__user_check__=1&sync_id=6acd437a-b8d1-11ed-b09d-16a7f9820306

Request Chain 259

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=6ac8589e-b8d1-11ed-8082-14d534130106 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NmFjODU4M2ItYjhkMS0xMWVkLTgwODItMTRkNTM0MTMwMTA2

Request Chain 260

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0zNU1tQUI5RTJ1RnVOVDUyMzhGcjFuS3ZlRnVrVjR4VH5B

Request Chain 261

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAD9SCjv0CYRYvWGX64KhC4&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAD9SCjv0CYRYvWGX64KhC4&google_cver=1&__user_check__=1&sync_id=6ad1f07b-b8d1-11ed-a37f-1a377c5d0206

Request Chain 262

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=6acb1ec0-b8d1-11ed-931e-1e5bf6c20206 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NmFjZDQzMmEtYjhkMS0xMWVkLWIwOWQtMTZhN2Y5ODIwMzA2

Request Chain 263

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0zNU1tQUI5RTJ1RnVOVDUyMzhGcjFuS3ZlRnVrVjR4VH5B

Request Chain 297

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO8llZSdtmEclcsUMixYK4E&google_cver=1&google_push=Aa02lx_THuqQ0HD1VA_r02MJET69C6JsLubNPvnDUDyO-sXYLPs4BtYeKiwvYzYztaL7GKarorxh_6XPyUT61eojOiEyol57SIxT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_THuqQ0HD1VA_r02MJET69C6JsLubNPvnDUDyO-sXYLPs4BtYeKiwvYzYztaL7GKarorxh_6XPyUT61eojOiEyol57SIxT

Request Chain 298

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDM9xBvTF_6DMAu_KAFMgAc&google_cver=1&google_push=Aa02lx-PCXrXIwvoDLFYp8eXm0iFy8ZDrl_k450l50fJ1Hdr5nvumg-ojADlc-asCKZ3lOUvkGnx897vNYJLohWVRpF0SemN-SDr HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEDM9xBvTF_6DMAu_KAFMgAc&google_cver=1&google_push=Aa02lx-PCXrXIwvoDLFYp8eXm0iFy8ZDrl_k450l50fJ1Hdr5nvumg-ojADlc-asCKZ3lOUvkGnx897vNYJLohWVRpF0SemN-SDr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=T7g2qhTGSKuFvm2SC1W8HGQAWX0

Request Chain 299

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEsXUVsFqkGp_6krvlffYp0&google_cver=1&google_push=Aa02lx_WKAOsyTNcpfTbBZal_mGvBhc2XD9OE7XP0X1cHdxoTonmvBmgMBODpIVC6WoW6cn8yD4QsICNxhmvAaluxg8YC5YSG39U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_WKAOsyTNcpfTbBZal_mGvBhc2XD9OE7XP0X1cHdxoTonmvBmgMBODpIVC6WoW6cn8yD4QsICNxhmvAaluxg8YC5YSG39U&google_hm=FeQGs1vEQFG27LSJGGuz3YY

Request Chain 300

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMCs1XTEidWjxYPLqImpmyU&google_cver=1&google_push=Aa02lx9NjzMTO8psEBF8fjUUnIsnnvvINh0ZwGtkXIAz4WhmpisCZY90xToX-jDGTMyOI5Lx4C42wXSxhiU2qxIggxxhfLoawCzx HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMCs1XTEidWjxYPLqImpmyU&google_cver=1&google_push=Aa02lx9NjzMTO8psEBF8fjUUnIsnnvvINh0ZwGtkXIAz4WhmpisCZY90xToX-jDGTMyOI5Lx4C42wXSxhiU2qxIggxxhfLoawCzx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYxMzcxNTc0MDQyMTc3OTQ5MA&google_push=Aa02lx9NjzMTO8psEBF8fjUUnIsnnvvINh0ZwGtkXIAz4WhmpisCZY90xToX-jDGTMyOI5Lx4C42wXSxhiU2qxIggxxhfLoawCzx

Request Chain 301

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMCs1XTEidWjxYPLqImpmyU&google_cver=1&google_push=Aa02lx9GRxLAZ4-61FESfEo9Sg5f4DCToSTTmPRskYmbwOzIFoOzRz7mhdrzoGDSJiEiL_lFVF8hhBhvI5qIRdQO7f-Fm9PE_kg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMCs1XTEidWjxYPLqImpmyU&google_cver=1&google_push=Aa02lx9GRxLAZ4-61FESfEo9Sg5f4DCToSTTmPRskYmbwOzIFoOzRz7mhdrzoGDSJiEiL_lFVF8hhBhvI5qIRdQO7f-Fm9PE_kg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ1NTExMDk0NjY5NTY4NzI3OQ&google_push=Aa02lx9GRxLAZ4-61FESfEo9Sg5f4DCToSTTmPRskYmbwOzIFoOzRz7mhdrzoGDSJiEiL_lFVF8hhBhvI5qIRdQO7f-Fm9PE_kg

Request Chain 302

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEK1DtALz0RqLw3Z1nFZjM8o&google_cver=1&google_push=Aa02lx_zSLnFSrrpJOtfZBwwYo8Ea52PHupr2_tZomXhDO5eCWkESudrpazvxM_VJjr4_H6bmIz-m0BKN8T_hAYC2zgvkKr42MPi HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEK1DtALz0RqLw3Z1nFZjM8o&google_cver=1&google_push=Aa02lx_zSLnFSrrpJOtfZBwwYo8Ea52PHupr2_tZomXhDO5eCWkESudrpazvxM_VJjr4_H6bmIz-m0BKN8T_hAYC2zgvkKr42MPi&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_zSLnFSrrpJOtfZBwwYo8Ea52PHupr2_tZomXhDO5eCWkESudrpazvxM_VJjr4_H6bmIz-m0BKN8T_hAYC2zgvkKr42MPi&google_hm=GPfosGZHN9Nl8nW5Rda9EyYp

Request Chain 304

https://sslwidget.criteo.com/event?a=4236&v=5.13.0&p0=e%3Dexd%26ci%3D%26prmEmailYes%3D1%26site_type%3Dd&p1=e%3Dvh%26si%3D1&p2=e%3Ddis&adce=1&bundle=Mo7RnF9idiUyQlV5YXNuclJEVCUyRkI2RDdFVGdrbTJKQTVod3J1aDN5Z256QXJUdDBURjBpU1l5dSUyRlprNSUyRloxdnVBRVllSjB2dkNsOGxDMDBXcU1sbFdvT0ozQWM0UGYyZmdRTTBEZnhWYUNjUlZTRXJMdHlLS3BzRCUyRmhOekJKTTdQeGhDaGV3cDRHV1gxR0lQNldFJTJGV3FTRVFMaWclM0QlM0Q&tld=kanui.com.br&fu=https%253A%252F%252Fwww.kanui.com.br%252F&dtycbr=48895 HTTP 302
https://widget.us.criteo.com/event?a=4236&v=5.13.0&p0=e%3Dexd%26ci%3D%26prmEmailYes%3D1%26site_type%3Dd&p1=e%3Dvh%26si%3D1&p2=e%3Ddis&adce=1&bundle=Mo7RnF9idiUyQlV5YXNuclJEVCUyRkI2RDdFVGdrbTJKQTVod3J1aDN5Z256QXJUdDBURjBpU1l5dSUyRlprNSUyRloxdnVBRVllSjB2dkNsOGxDMDBXcU1sbFdvT0ozQWM0UGYyZmdRTTBEZnhWYUNjUlZTRXJMdHlLS3BzRCUyRmhOekJKTTdQeGhDaGV3cDRHV1gxR0lQNldFJTJGV3FTRVFMaWclM0QlM0Q&tld=kanui.com.br&fu=https%253A%252F%252Fwww.kanui.com.br%252F&dtycbr=48895

Request Chain 321

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMO-IXjkwGipxXgQANM7j7A&google_cver=1&google_push=Aa02lx_ZnRuPeTML95wizc8ziRv4US4klWSGKEpqFaSqiy3eRU80nhiZq0pAbwgmeyueo_ZA5VqTKStAiK7kWiIMBqUMSr229w HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMO-IXjkwGipxXgQANM7j7A&google_cver=1&google_push=Aa02lx_ZnRuPeTML95wizc8ziRv4US4klWSGKEpqFaSqiy3eRU80nhiZq0pAbwgmeyueo_ZA5VqTKStAiK7kWiIMBqUMSr229w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N1hoWkhiUXgxUHhEWms1&google_gid=CAESEMO-IXjkwGipxXgQANM7j7A&google_cver=1&google_push=Aa02lx_ZnRuPeTML95wizc8ziRv4US4klWSGKEpqFaSqiy3eRU80nhiZq0pAbwgmeyueo_ZA5VqTKStAiK7kWiIMBqUMSr229w

Request Chain 322

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN3weGuwmOotzxYoIf9awoY&google_cver=1&google_push=Aa02lx8RKwzPhS5XZ38-bvOVtlAoUNIgnQgyEIHDX7WYBjT1_W10kUyJYjojlOCCUOWVyuojcQp2EirOiIvToahwuq1uyoLv3_w HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN3weGuwmOotzxYoIf9awoY&google_cver=1&google_push=Aa02lx8RKwzPhS5XZ38-bvOVtlAoUNIgnQgyEIHDX7WYBjT1_W10kUyJYjojlOCCUOWVyuojcQp2EirOiIvToahwuq1uyoLv3_w&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sceCJEHPQdGC_XO6es-Wgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8RKwzPhS5XZ38-bvOVtlAoUNIgnQgyEIHDX7WYBjT1_W10kUyJYjojlOCCUOWVyuojcQp2EirOiIvToahwuq1uyoLv3_w

Request Chain 323

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEK1DtALz0RqLw3Z1nFZjM8o&google_cver=1&google_push=Aa02lx9sQ9VsQJBPPZwFuujyQGi_8xv8QU3x0buuT9tn-VQdZRNugG3qbwMS0ZIbX9p91gybGve7IFDaLbUt0_OJ7hIGpQ0KuGc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9sQ9VsQJBPPZwFuujyQGi_8xv8QU3x0buuT9tn-VQdZRNugG3qbwMS0ZIbX9p91gybGve7IFDaLbUt0_OJ7hIGpQ0KuGc&google_hm=GPfosGZHN9Nl8nW5Rda9EyYp

Request Chain 324

https://match.360yield.com/match/ebda?google_gid=CAESEFBtOeUVixqIny7s2E-uYP4&google_cver=1&google_push=Aa02lx_CxAyGfDjzIh-QdJMIA01dpiK8avzCoOyilYxeiJ544k1zoy29X6ZmqHr_E5xODctfmhQI0OWDgZdjF_3E6s2Jtlkdp4Y HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFBtOeUVixqIny7s2E-uYP4&google_cver=1&google_push=Aa02lx_CxAyGfDjzIh-QdJMIA01dpiK8avzCoOyilYxeiJ544k1zoy29X6ZmqHr_E5xODctfmhQI0OWDgZdjF_3E6s2Jtlkdp4Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ppKoB0PpRDSYgtupVqwACA&google_push=Aa02lx_CxAyGfDjzIh-QdJMIA01dpiK8avzCoOyilYxeiJ544k1zoy29X6ZmqHr_E5xODctfmhQI0OWDgZdjF_3E6s2Jtlkdp4Y

Request Chain 325

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBXRAGyAcwr-wX6Pf6OiM7U&google_cver=1&google_push=Aa02lx-CAF2QXS8q9wVI24OXqOFFBK_s7d4q4Ntv2MW0D4MG7G_Au6doZECq5kXDHWr-GBeGknfpiCKyDo_DzSHBlLbZTPSUyYpx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-CAF2QXS8q9wVI24OXqOFFBK_s7d4q4Ntv2MW0D4MG7G_Au6doZECq5kXDHWr-GBeGknfpiCKyDo_DzSHBlLbZTPSUyYpx HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 326

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFemk3s7q1v90qwMqzeiUvY&google_cver=1&google_push=Aa02lx-aJ2P5lHaaMYvuvsDZsWe8xt9XyeLkoAZz9sJTT6HWlBoHIxv7UQyns3lI5xxbMh3r4SR3TC8q-7rjQuxz4-ZkOhGbzwO- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx-aJ2P5lHaaMYvuvsDZsWe8xt9XyeLkoAZz9sJTT6HWlBoHIxv7UQyns3lI5xxbMh3r4SR3TC8q-7rjQuxz4-ZkOhGbzwO- HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 328

https://a.tribalfusion.com/i.match?p=b6&u=CAESEP0_0_9pZ3iZnTXVgogR0fs&google_cver=1&google_push=Aa02lx93f2uZo5YhWwSuzQZbYbN0bdjYOXNoN8i49cv1iOzGq7N9SQyY1hEhWk2Tl2TR3yD_sCW6i0Flk17sk1yrceM0HQcb-xYn&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx93f2uZo5YhWwSuzQZbYbN0bdjYOXNoN8i49cv1iOzGq7N9SQyY1hEhWk2Tl2TR3yD_sCW6i0Flk17sk1yrceM0HQcb-xYn%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP0_0_9pZ3iZnTXVgogR0fs&google_cver=1&google_push=Aa02lx93f2uZo5YhWwSuzQZbYbN0bdjYOXNoN8i49cv1iOzGq7N9SQyY1hEhWk2Tl2TR3yD_sCW6i0Flk17sk1yrceM0HQcb-xYn&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx93f2uZo5YhWwSuzQZbYbN0bdjYOXNoN8i49cv1iOzGq7N9SQyY1hEhWk2Tl2TR3yD_sCW6i0Flk17sk1yrceM0HQcb-xYn%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 329

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJfLcmFWkowDAxE74bZzIKE&google_cver=1&google_push=Aa02lx8I5qV3m35xeVNzaHRJJJ5jgf6Pr2Tu_I6YZozgwgNyt_xGesGfVS8H-Xb0w_dTY4k_hdEGGwVIbWtIiKM1qqIHA86nH5LB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8I5qV3m35xeVNzaHRJJJ5jgf6Pr2Tu_I6YZozgwgNyt_xGesGfVS8H-Xb0w_dTY4k_hdEGGwVIbWtIiKM1qqIHA86nH5LB&google_hm=eS1rWXZ0aTNaRTJwRktsTGhQR1RIeHZTbWsuYWMxRjMzOX5B

Request Chain 330

https://d5p.de17a.com/cookies/google?google_gid=CAESEFGPTpqiUfrrzVnFGd6UZck&google_cver=1&google_push=Aa02lx8FxX4LPKZAdGI1NA4gpnCiTpjUopx0t55YGGPFa_qg5rPQCuj8XqLPVB2O1P1WYgIns9fQqkFjR_kRHQjEwNXEQHWRmcQq HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFGPTpqiUfrrzVnFGd6UZck&google_cver=1&google_push=Aa02lx8FxX4LPKZAdGI1NA4gpnCiTpjUopx0t55YGGPFa_qg5rPQCuj8XqLPVB2O1P1WYgIns9fQqkFjR_kRHQjEwNXEQHWRmcQq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8FxX4LPKZAdGI1NA4gpnCiTpjUopx0t55YGGPFa_qg5rPQCuj8XqLPVB2O1P1WYgIns9fQqkFjR_kRHQjEwNXEQHWRmcQq

Request Chain 331

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMCs1XTEidWjxYPLqImpmyU&google_cver=1&google_push=Aa02lx8lzUohZ13rbsFpPYfGTZD5-XfT_xU9qMcCqD5nJVjku3w6bzLVXqRTcCmWGak-gcFoy_SKtjDKNGGzJwZEcLVR_UP6iKk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYxMzcxNTc0MDQyMTc3OTQ5MA&google_push=Aa02lx8lzUohZ13rbsFpPYfGTZD5-XfT_xU9qMcCqD5nJVjku3w6bzLVXqRTcCmWGak-gcFoy_SKtjDKNGGzJwZEcLVR_UP6iKk

Request Chain 332

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEK1DtALz0RqLw3Z1nFZjM8o&google_cver=1&google_push=Aa02lx8--R9TeQl9Sp3EkAUi3CdN9--_TvQSqD2CC7_0O1sJGRI1TJxsdxrCbpubrRUfkZr-QCYwDvufNZ0s7fvD0frGdd0LKJE HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8--R9TeQl9Sp3EkAUi3CdN9--_TvQSqD2CC7_0O1sJGRI1TJxsdxrCbpubrRUfkZr-QCYwDvufNZ0s7fvD0frGdd0LKJE&google_hm=GPfosGZHN9Nl8nW5Rda9EyYp

Request Chain 333

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBXRAGyAcwr-wX6Pf6OiM7U&google_cver=1&google_push=Aa02lx9PcY0fUT37I2vJIWTMe6UtrfDiBcwpBdIljb_h9FnsoyYXJ-EVxpVTbR2lFEGRva05mBsN0Ml-pvUsBszQIGz6hRUtv2nQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9PcY0fUT37I2vJIWTMe6UtrfDiBcwpBdIljb_h9FnsoyYXJ-EVxpVTbR2lFEGRva05mBsN0Ml-pvUsBszQIGz6hRUtv2nQ

Request Chain 334

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMgi6X-WEeO3UOi6CRKdGvY&google_cver=1&google_push=Aa02lx_pa6NwACbuYmgAzMcWMTXchIJz1SSqvgIuS0-mI3qKbqqVcRBaZFOSSuH6WBJSnFxr63EwAYGQPZMlZxb_cvTNkJVrmZuhUA HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMgi6X-WEeO3UOi6CRKdGvY&google_cver=1&google_push=Aa02lx_pa6NwACbuYmgAzMcWMTXchIJz1SSqvgIuS0-mI3qKbqqVcRBaZFOSSuH6WBJSnFxr63EwAYGQPZMlZxb_cvTNkJVrmZuhUA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=298e5f06-3932-43a5-b584-70c5cab0008c&%%GOOGLE_PUSH_PAIR%%

Request Chain 351

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHHVvxm9rKmOkeo4Of1tLNc&google_cver=1&google_push=Aa02lx_BeWTWoEWkFL2-QZX8dSLLVNr-v9bN4sfghCZxGirEIr5vignJU4vfOfmcTXe6o9kzGQtbUdCb9B8ymaUmBFcBvQqJ_kU HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx_BeWTWoEWkFL2-QZX8dSLLVNr-v9bN4sfghCZxGirEIr5vignJU4vfOfmcTXe6o9kzGQtbUdCb9B8ymaUmBFcBvQqJ_kU&google_hm=Rv2fEd5EC5z6CA2K3s9kyQ

Request Chain 352

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELwALyANoC8O6-iBkT7K12U&google_cver=1&google_push=Aa02lx9trsRBRcD-xTPeHHhGjc0UcVUL7h1EEA-KXar-Ou1wtPQ7IPB5BszdQfIajP6MYBOHmWM-Ng4mZYiLv0gD1maNDoPcmk0n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELwALyANoC8O6-iBkT7K12U&google_push=Aa02lx9trsRBRcD-xTPeHHhGjc0UcVUL7h1EEA-KXar-Ou1wtPQ7IPB5BszdQfIajP6MYBOHmWM-Ng4mZYiLv0gD1maNDoPcmk0n

Request Chain 355

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMCs1XTEidWjxYPLqImpmyU&google_cver=1&google_push=Aa02lx8erLh3KIbEX9WEHq6MujncIWUOu0UBzB02GvzKTXCZnsj7XtFTCDhe9NXQXJELXzIbsZqFKl5LSPpb613oMZMOZqgKyF-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYxMzcxNTc0MDQyMTc3OTQ5MA&google_push=Aa02lx8erLh3KIbEX9WEHq6MujncIWUOu0UBzB02GvzKTXCZnsj7XtFTCDhe9NXQXJELXzIbsZqFKl5LSPpb613oMZMOZqgKyF-0

Request Chain 356

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBXRAGyAcwr-wX6Pf6OiM7U&google_cver=1&google_push=Aa02lx-iYU0yeW2msnwuNBMQNXqIFsy946YubiZ5yaFonSw_pFXB78Eg_bLPM8B8uM1l-hFhn9LnOiaxPDxp7mCUY3wxB1pV-upd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-iYU0yeW2msnwuNBMQNXqIFsy946YubiZ5yaFonSw_pFXB78Eg_bLPM8B8uM1l-hFhn9LnOiaxPDxp7mCUY3wxB1pV-upd

Request Chain 357

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx9X8kng0MHdmNyf86qMtsJ_BJgvA359dmJY1wW5Nn5wTo_mLtShqL1d7dag6gbAq72VunKFH2pR9CkavCDVYNYIyyb_RQOGfQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTA0MTc1MjA0MTQ2NDc5NzA1OQ%3D%3D&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx9X8kng0MHdmNyf86qMtsJ_BJgvA359dmJY1wW5Nn5wTo_mLtShqL1d7dag6gbAq72VunKFH2pR9CkavCDVYNYIyyb_RQOGfQ

Request Chain 428

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELGRSkKtrif60OP14tDWOgE&google_cver=1

Request Chain 430

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELGRSkKtrif60OP14tDWOgE&google_cver=1

Request Chain 432

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELGRSkKtrif60OP14tDWOgE&google_cver=1

Request Chain 457

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELwALyANoC8O6-iBkT7K12U&google_cver=1&google_push=Aa02lx8nXdM_7OQxpc2OQUwIv7UhSZ2jAcLetYJDo8CSmqtcDoLxPgTfIA-kPaPT1zlnfLhKX9o-Nei-XK6qdUfTd9QXj82kGy5fZw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkFCWmZnQUFCZHh5WEFCaA==&google_gid=CAESELwALyANoC8O6-iBkT7K12U&google_cver=1&google_push=Aa02lx8nXdM_7OQxpc2OQUwIv7UhSZ2jAcLetYJDo8CSmqtcDoLxPgTfIA-kPaPT1zlnfLhKX9o-Nei-XK6qdUfTd9QXj82kGy5fZw

Request Chain 458

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJfLcmFWkowDAxE74bZzIKE&google_cver=1&google_push=Aa02lx83NI1DHigS-q0Nhst1edokgWzkCISjEOIgV74YJwN47hU5O-xQpDjiabTI1apkrHyTOvHz1OEFnhmLjqrWdkyjyuDfOGFqBg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx83NI1DHigS-q0Nhst1edokgWzkCISjEOIgV74YJwN47hU5O-xQpDjiabTI1apkrHyTOvHz1OEFnhmLjqrWdkyjyuDfOGFqBg&google_hm=eS1rWXZ0aTNaRTJwRktsTGhQR1RIeHZTbWsuYWMxRjMzOX5B

Request Chain 459

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMCs1XTEidWjxYPLqImpmyU&google_cver=1&google_push=Aa02lx_vo2Gj9N4XhC6_Ey-poGhoyuhxboV6JjQQNBiJz1GCL46Wr-Td7xi737DSDg87a4FX87fOvKU-3ZF-_Cf9nN7Rbx5HReXO7g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYxMzcxNTc0MDQyMTc3OTQ5MA&google_push=Aa02lx_vo2Gj9N4XhC6_Ey-poGhoyuhxboV6JjQQNBiJz1GCL46Wr-Td7xi737DSDg87a4FX87fOvKU-3ZF-_Cf9nN7Rbx5HReXO7g

Request Chain 460

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIaTNYY_bFXq09Ga4-EnrVE&google_cver=1&google_push=Aa02lx-hl45AWuY96NlM8tdr2R3EbWwdCPW-_Lq1mW2aFAH7VkI6CytvsoG2mZ-WwyFQN34eikihG2fS2LdpjFZBSEGItfpfLfFc HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIaTNYY_bFXq09Ga4-EnrVE&google_hm=ZABZfRnE7DVKtaD5T6KZGAAAFJEAAAAB&google_nid=index&google_push=Aa02lx-hl45AWuY96NlM8tdr2R3EbWwdCPW-_Lq1mW2aFAH7VkI6CytvsoG2mZ-WwyFQN34eikihG2fS2LdpjFZBSEGItfpfLfFc

Request Chain 461

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBXRAGyAcwr-wX6Pf6OiM7U&google_cver=1&google_push=Aa02lx8nHDVVvuVCSU7RKo9PEGmr3ikWXYa_iOm8RFVzfMozb1DDN4kvTCBCX4LFBshNjB7xk_ILdCldCY-M_9bPOWBEjPwRyIk7kQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8nHDVVvuVCSU7RKo9PEGmr3ikWXYa_iOm8RFVzfMozb1DDN4kvTCBCX4LFBshNjB7xk_ILdCldCY-M_9bPOWBEjPwRyIk7kQ

Request Chain 462

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFemk3s7q1v90qwMqzeiUvY&google_cver=1&google_push=Aa02lx_1Ftcy7PN2hsgpz-OaujM-aNLlvbD5TxZmbnT-3h99BazLazFTPY7xNN_xWSTcARmJzEem-I3VSAPMhSHOLW6p2hZU20bM8TY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx_1Ftcy7PN2hsgpz-OaujM-aNLlvbD5TxZmbnT-3h99BazLazFTPY7xNN_xWSTcARmJzEem-I3VSAPMhSHOLW6p2hZU20bM8TY HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 468

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-_guoBFcmXfC6bn1jvdKWSs9fOv0oOb4cAKbTUA&google_cm&google_hm=ay1fZ3VvQkZjbVhmQzZibjFqdmRLV1NzOWZPdjBvT2I0Y0FLYlRVQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-_guoBFcmXfC6bn1jvdKWSs9fOv0oOb4cAKbTUA&google_gid=CAESEIt2YUmZyI_bA4mzD3Z9tjY&google_cver=1&google_ula=913071,0

Request Chain 469

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5041752041464797059

Request Chain 482

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=aclCV7hTn3LzENLrp_rSqGLOWTOLOuMz HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=aclCV7hTn3LzENLrp_rSqGLOWTOLOuMz

Request Chain 528

https://um.simpli.fi/gp_match?google_gid=CAESEKXroLI2_ISJbrY5I5tjU50&google_cver=1&google_push=Aa02lx-RXo67Inh-6CC0MLL-jmGiorSAc5eOzGI8K3IWn_MCA-y_R-0PtKjv6YaM12xjKKlC2YZAvcFg0duxW6UMjuTiIh7PYCOV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D07EFC8E7C9D4515AC7EDD71E52A1E1F&google_push=Aa02lx-RXo67Inh-6CC0MLL-jmGiorSAc5eOzGI8K3IWn_MCA-y_R-0PtKjv6YaM12xjKKlC2YZAvcFg0duxW6UMjuTiIh7PYCOV

Request Chain 530

https://d5p.de17a.com/cookies/google?google_gid=CAESEFGPTpqiUfrrzVnFGd6UZck&google_cver=1&google_push=Aa02lx9I0pGDfXUtYsKfAG34tAjt_GxsJT4lrkoYDBCLWOF1LwEVtstn2cF-rpXbX9-newdWk3b3mBzDAHOeOH0quS82LpLbDSB9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9I0pGDfXUtYsKfAG34tAjt_GxsJT4lrkoYDBCLWOF1LwEVtstn2cF-rpXbX9-newdWk3b3mBzDAHOeOH0quS82LpLbDSB9

Request Chain 531

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHKDxmVpLh1EduWYsco7jp4&google_cver=1&google_push=Aa02lx9l3GbmtauGu2OxXNOw_VoC_CpRt636zx13m8fflOn8a9t3FUuWLZldu34ksLpVWVdCiAdfZ5CSQ1eETLXi7affzCD-8SG9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9l3GbmtauGu2OxXNOw_VoC_CpRt636zx13m8fflOn8a9t3FUuWLZldu34ksLpVWVdCiAdfZ5CSQ1eETLXi7affzCD-8SG9

Request Chain 532

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx_Dl4TCDGpj8b02KDbkaBnw3y8g1mdvAMjcAwKAq4a_9eny28Xg7QGoECRb0ePkDeczI5iRF3b8x6TXvSTz4HsWjFtOmzQDiw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTA0MTc1MjA0MTQ2NDc5NzA1OQ%3D%3D&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx_Dl4TCDGpj8b02KDbkaBnw3y8g1mdvAMjcAwKAq4a_9eny28Xg7QGoECRb0ePkDeczI5iRF3b8x6TXvSTz4HsWjFtOmzQDiw

Request Chain 536

https://ad.turn.com/r/cs?pid=3&google_gid=CAESED-J2Tgq8No33CVvExwUyE8&google_cver=1&google_push=Aa02lx9Slh6oa7DC3HojVInSRyB2frgkzNCF1nkPUWEhhbtyM_0MuGqshJvb2qNm7raa4ecmTtAnscWTGNPM59ZssmmVeItIARis HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzU1MzYzNTU0NTM4NjU3ODQxNQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED-J2Tgq8No33CVvExwUyE8&google_cver=1

Request Chain 537

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMO-IXjkwGipxXgQANM7j7A&google_cver=1&google_push=Aa02lx_QBT_jVGZqm-7_aeOoEIcsZPujTF3SfKpIwp9y4yBazrglPTQzHm27l6HoHcj1xCk0_sZ-Yc97YSGTKVRJnOcSy92qQ6gT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N1hoWkhiUXgxUHhEWms1&google_gid=CAESEMO-IXjkwGipxXgQANM7j7A&google_cver=1&google_push=Aa02lx_QBT_jVGZqm-7_aeOoEIcsZPujTF3SfKpIwp9y4yBazrglPTQzHm27l6HoHcj1xCk0_sZ-Yc97YSGTKVRJnOcSy92qQ6gT

Request Chain 538

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO8llZSdtmEclcsUMixYK4E&google_cver=1&google_push=Aa02lx_a3PqKMpMGvYq0IrNaoYdfFx8SVkqEGSodlScZYXrT25A6gVxipfteY2Vj_afh00-c9DE1x3uZjjiaLiHvA8lNns8lscrrlQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=K3lkAFl9QwCI-azl3-cDWQ&google_push=Aa02lx_a3PqKMpMGvYq0IrNaoYdfFx8SVkqEGSodlScZYXrT25A6gVxipfteY2Vj_afh00-c9DE1x3uZjjiaLiHvA8lNns8lscrrlQ

Request Chain 539

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJzJuvG5qzo3_Nxf00r4HXU&google_cver=1&google_push=Aa02lx9JCgPrQTKIZlz4mgCbkp0_wjC2ioJ1hDm5IxFvua79mg_TSh3hCejEL1DfCaeQiJD03fVWo7V1wBTYgbh0S-8weIpKLGI HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QEieu5XnQ-GPEZ24hJPLNg2&google_push=Aa02lx9JCgPrQTKIZlz4mgCbkp0_wjC2ioJ1hDm5IxFvua79mg_TSh3hCejEL1DfCaeQiJD03fVWo7V1wBTYgbh0S-8weIpKLGI

Request Chain 540

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELh589EYG88AtK-Qhnnvquk&google_cver=1&google_push=Aa02lx8V_Zzc7imtB-oD3MxlqiN9bqU_s-V__CRBN9le8Off3qrhgk6x7LPwkhq3_XHLDTHioN9vRabO-TXGgXm_Jr6osZeaLGwiFQ HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=ee53945c-f417-4adf-b091-40a270010799&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8V_Zzc7imtB-oD3MxlqiN9bqU_s-V__CRBN9le8Off3qrhgk6x7LPwkhq3_XHLDTHioN9vRabO-TXGgXm_Jr6osZeaLGwiFQ&google_hm=KY5fBjkyQ6W1hHDFyrAAjA==

Request Chain 541

https://d5p.de17a.com/cookies/google?google_gid=CAESEFGPTpqiUfrrzVnFGd6UZck&google_cver=1&google_push=Aa02lx_QxyuQ3ReAKB1y7iYSDaz-NMIBU6hjzp71Lk94M_lnVOD6c9i1xSHmjKc0aEiByyAn1VZzWt6VL5I4GIECNMu-_9i9J1XJ-w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_QxyuQ3ReAKB1y7iYSDaz-NMIBU6hjzp71Lk94M_lnVOD6c9i1xSHmjKc0aEiByyAn1VZzWt6VL5I4GIECNMu-_9i9J1XJ-w

Request Chain 542

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH--mx4jbChbirfc9Ce2tGM&google_cver=1&google_push=Aa02lx9vA8kaF79569Hooo2VVC58nabQRiCuydl-zyF_si5YgBGpjar2TtrBvYc4d7WRk43077Ik4MXbThV5aMc6iQkch53g8RcFLQ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx9vA8kaF79569Hooo2VVC58nabQRiCuydl-zyF_si5YgBGpjar2TtrBvYc4d7WRk43077Ik4MXbThV5aMc6iQkch53g8RcFLQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1677744511518 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-fc20f249-46c5-4559-a823-125401196f30-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx9vA8kaF79569Hooo2VVC58nabQRiCuydl-zyF_si5YgBGpjar2TtrBvYc4d7WRk43077Ik4MXbThV5aMc6iQkch53g8RcFLQ%26google_hm%3DA_wg8klGxUVZqCMSVAEZbzA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9vA8kaF79569Hooo2VVC58nabQRiCuydl-zyF_si5YgBGpjar2TtrBvYc4d7WRk43077Ik4MXbThV5aMc6iQkch53g8RcFLQ&google_hm=A_wg8klGxUVZqCMSVAEZbzA

Request Chain 546

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOn0GPzZp0f_E7M-h-2_3v8&google_cver=1&google_push=Aa02lx95dvyQeX1VEN0F_V8IqxDGPuNUYjeBxhdn9VsXgEveL-5kaTbX5yXnnYYXd6mt8Co1pKpFih52VM2JU6SwXEJG4E8Wwvdw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTg1NzgxMDA5NjcxNTkxOQ%3D%3D&google_push=Aa02lx95dvyQeX1VEN0F_V8IqxDGPuNUYjeBxhdn9VsXgEveL-5kaTbX5yXnnYYXd6mt8Co1pKpFih52VM2JU6SwXEJG4E8Wwvdw

Request Chain 548

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEK1DtALz0RqLw3Z1nFZjM8o&google_cver=1&google_push=Aa02lx-lhZa8jc5jNYQtZ956QNP2ieFKCuKi_Zhk56Pbzi8A4T1IFqjfSGUBj6PuE-eqbb3Sa7kBjQp1_q5W1vkKwwobLXAwqoVR HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-lhZa8jc5jNYQtZ956QNP2ieFKCuKi_Zhk56Pbzi8A4T1IFqjfSGUBj6PuE-eqbb3Sa7kBjQp1_q5W1vkKwwobLXAwqoVR&google_hm=GPfosGZHN9Nl8nW5Rda9EyYp

Request Chain 549

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBXRAGyAcwr-wX6Pf6OiM7U&google_cver=1&google_push=Aa02lx_py6j_9c1LzAoD6zBjDEx_vtVLi7ICNj1j-XpD9UH98yBYF_EwgO1plW_UFztKQ_9QQbjVlcRuQ4H9PkcN0-8pdkDJiHU4sQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_py6j_9c1LzAoD6zBjDEx_vtVLi7ICNj1j-XpD9UH98yBYF_EwgO1plW_UFztKQ_9QQbjVlcRuQ4H9PkcN0-8pdkDJiHU4sQ HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 550

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx9V97EJlV3sRSjElWLIHwr4xgsMx1NhJ1xq94Pg696Czv9rJrRXr0MSxf2Qe11yN0Byd-V1TTRJit6IGCgX8le3gzPdMKXTaA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTA0MTc1MjA0MTQ2NDc5NzA1OQ%3D%3D&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx9V97EJlV3sRSjElWLIHwr4xgsMx1NhJ1xq94Pg696Czv9rJrRXr0MSxf2Qe11yN0Byd-V1TTRJit6IGCgX8le3gzPdMKXTaA

Request Chain 551

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMgi6X-WEeO3UOi6CRKdGvY&google_cver=1&google_push=Aa02lx9r9WPc3AxwjWq8QyRYTHXx0JptVhmBuyfdyVSLDSbDmprWZSRoVTsj_0Y_hzdKllo5cxKOrSUMsiaw8pnb331YZBbZh-X7Og HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=298e5f06-3932-43a5-b584-70c5cab0008c&%%GOOGLE_PUSH_PAIR%%

Request Chain 607

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=WpTJgW331uahQmjC_FK7QXeNJfJhUnHH

Request Chain 613

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=HTtdU_8IgKGiooLeoFSJx18JgtiHp8_e

Request Chain 615

https://gum.criteo.com/sid/json?origin=publishertag&domain=kanui.com.br&sn=ChromeSyncframe&so=3&topUrl=www.kanui.com.br&bundle=Mo7RnF9idiUyQlV5YXNuclJEVCUyRkI2RDdFVGdrbTJKQTVod3J1aDN5Z256QXJUdDBURjBpU1l5dSUyRlprNSUyRloxdnVBRVllSjB2dkNsOGxDMDBXcU1sbFdvT0ozQWM0UGYyZmdRTTBEZnhWYUNjUlZTRXJMdHlLS3BzRCUyRmhOekJKTTdQeGhDaGV3cDRHV1gxR0lQNldFJTJGV3FTRVFMaWclM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=kbj7JnxxUVE1V3pNRFc0c1BHR1FNNFlyejlOUmFtTmpHYWxBOWJ4OEhiTmtUMm9BMnRaemExbnpNQzd2ZTZ6MitSc3Z0V2ZrOEkyOVJVR0VtUDRwMTVQdk5XZ0d3T3N6Y1pBekd1dDF0OUhxbWdGUkdQUUV3d29OMVhCVkk4YUJIakVhcVFUQ3pqTlh6Wm1GWEZ6ZlZOMHU1MlM0Q0NFOFNBTUxQSzk2NUlHLzJxbGNRMG5zVzNvTHAxMFdLU2ZsOU5ad2lxb3ZkWXJBeXc2WlBvMUR3aXo0Z05iRlNSSWpmbFpVYytOOXdTZ1VvcTA1bEdzd1U5TWtjVG1iN0gwcTVJRExlTXh4bm01UEl5QUh4NWhSSVJiYm1XeVN1M3NodFByZXBnSEpNQ1QwdE03VT18&cppv=2

618 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.kanui.com.br/
Redirect Chain

http://kanui.com.br/
https://www.kanui.com.br/

145 KB
36 KB

1102ms
504ms

Document
text/html

185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-76-11-52.azioncdn.net

Software

nginx /

Resource Hash

318c21a89841cc0dfbf54b2e35099729891f33531802683cb00b44c4eca3c8a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Mar 2023 08:08:25 GMT
expires: Thu, 02 Mar 2023 09:08:25 GMT
server: nginx
server-timing: intid;desc=9bd1a5c545164985
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-host: kanui.com.br
x-message-id: ip-10-100-2-54-1677744505.708-12508
x-server: ip-10-100-2-54
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Thu, 02 Mar 2023 08:08:24 GMT
Location: https://www.kanui.com.br:443/
Server: awselb/2.0

GET
H2 200 eum.min.js Show response
eum.instana.io/ 26 KB
10 KB 73ms
14ms Script
application/javascript 2606:4700::6810:cc16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum.instana.io/eum.min.js
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5efb60430b5eff8addca6f52bfee090e9a318381e834b6401021b70838f05059

Request headers

Referer: https://www.kanui.com.br/
Origin: https://www.kanui.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:25 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 1 Jan 1970 00:00:01 GMT
server: cloudflare
age: 277036
etag: 1712844505--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin: *
cf-ray: 7a1826da4b463721-FRA

GET
H2 200 api_dynamic.js Show response
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/ 698 KB
103 KB 829ms
425ms Script
application/javascript 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/api_dynamic.js
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: AmazonS3 /
Resource Hash: 88a403e8dd61340c5d32379b7569a4c38e3253fc3739a8f30478699af486ff6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
x-amz-version-id: 31Bo6pB6Uweh0kWZIZ2NhPIeJkpv5Jyq
content-encoding: gzip
last-modified: Thu, 02 Mar 2023 00:44:59 GMT
server: AmazonS3
x-amz-request-id: 910QCMKP45KWFF9K
etag: W/"6b3d349e6110ccab3c44de13a0691ed3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
x-amz-meta-ctime: 1677717898
x-amz-meta-gid: 1001
x-amz-meta-uid: 1001
x-amz-id-2: GthcPfE9y5rI8VToq4P+xZ344XiGXIJumHHDK6UKw4su/Gj/h4Hv5e9Z4o+XdoZOBLFGu04AeB4=
x-amz-meta-mtime: 1677717898

GET
H2 200 api_static.js Show response
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/ 283 KB
98 KB 447ms
42ms Script
application/javascript 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/api_static.js
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: AmazonS3 /
Resource Hash: 73298c5946d1119054eab2d334cc97c4ecf0e77c5a2387b7249351e101fcbe37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
x-amz-version-id: C6VIgqCcyc7i4dJk4Ac7VIiWFmu0x53z
content-encoding: gzip
last-modified: Tue, 21 Feb 2023 14:18:10 GMT
server: AmazonS3
x-amz-request-id: G79MF9Y3Z56425Q2
etag: W/"fad92995b21ce36302f95f98d312a853"
x-amz-meta-uid: 1001
vary: Accept-Encoding
x-amz-meta-ctime: 1676989089
content-type: application/javascript
x-amz-meta-gid: 1001
x-amz-id-2: W8RPCYVV33Xwq1pbpZ6PqAcdiXfGxRt6Rc41yg+VW70kJ8IsPdR3wlyx5Dn0IpSPBEIrWUH/jec=
x-amz-meta-mtime: 1676989089

GET
H2 200 prebid.js Show response
dafitistatic.dafiti.com.br/prebid/ 87 KB
32 KB 42ms
40ms Script
application/javascript 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://dafitistatic.dafiti.com.br/prebid/prebid.js
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: nginx /
Resource Hash: e920df2d72369d6d348a9216cde2ba6fd1c9fe0e3d93faa55e1b3acde4addaaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
content-encoding: gzip
via: 1.1 fe106b75368b4a44b0461d7e712cd360.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Fri, 29 Jun 2018 21:35:38 GMT
server: nginx
x-amz-cf-pop: AMS54-C1
etag: W/"5eabbbe957ce0a7d35da032ee51f4e31"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: EfH-ECQXF342rWZKmxITAOq2JtYX2aBsPHfxLqWq1L624lAcHOvzoQ==
expires: Mon, 19 Dec 2022 18:54:19 GMT

GET
H2 200 index-2014-9cd53880.css
static.dafiti.com.br/vendor/dafiti/bootstrap/dist/cssl/index/ 195 KB
42 KB 658ms
294ms Stylesheet
text/css 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/cssl/index/index-2014-9cd53880.css?1677744428
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: nginx /
Resource Hash: 0381b72a136f013fcc946287a803f69926971505c77c94ffbd1a91cb54353a42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
content-encoding: gzip
via: 1.1 c8263b555e3bc428ed67d6128589b204.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Mon, 27 Feb 2023 05:11:22 GMT
server: nginx
x-amz-cf-pop: MAD53-P1
etag: W/"77476541f5621478c54f61cbdb0275ca"
x-cache: RefreshHit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-id: WvRFYD7ayLXxMqzJJTqf9FuEMMCVGcU1c6fMHeutGNBisg22Qe9stA==
expires: Sat, 01 Apr 2023 08:08:26 GMT

GET
H2 200 main-0e171c9d1f.css
static.dafiti.com.br/css/kanui/ 126 KB
28 KB 652ms
289ms Stylesheet
text/css 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dafiti.com.br/css/kanui/main-0e171c9d1f.css?1677744428
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: nginx /
Resource Hash: 39f78d52618f6b636b5502d662d4485521e4ca148d5dd3b659e481f9749a325c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
content-encoding: gzip
via: 1.1 22f5cdc4c7620f0e1f6ec898881407b8.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Mar 2023 08:05:24 GMT
server: nginx
x-amz-cf-pop: MAD53-P1
etag: W/"22d202d151fa9eca24b6f2a6c6ba1d8e"
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-id: CO1tRTagLqYKexYbVSnpVhAPZNCRnFT4AYmVQEwyS23Q2zgdL9ZoYw==
expires: Sat, 01 Apr 2023 08:08:26 GMT

GET
H2 200 header-javascript.min-e8228339.js Show response
static.dafiti.com.br/vendor/dafiti/bootstrap/dist/js/ 26 KB
9 KB 404ms
41ms Script
application/javascript 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/js/header-javascript.min-e8228339.js
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: nginx /
Resource Hash: 491826940e7f69544d4ad7d9692f7a3ad70bed2796ca7efed26316fea6ed73d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
content-encoding: gzip
via: 1.1 93bbc6688f0d24cc7122c5dfa105d524.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Mon, 20 Feb 2023 06:51:47 GMT
server: nginx
x-amz-cf-pop: DUB56-P1
etag: W/"af66e3e695e4cca88c3c03f05efa618a"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
content-length: 9177
x-amz-cf-id: 13CL6MKovI8mbe-oSmkyNDTOzDfP8W6lJMhKofhg-1a2i_R39OKWTA==
expires: Sat, 01 Apr 2023 08:08:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 117ms
46ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58cbefaf0f461dc0670eaff4da9f2a2e4f1000e1dfebec0ba390f9859b7792f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 08:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 08:06:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 08:08:25 GMT

GET
H2 200 logo-kanui.png
static.dafiti.com.br/images/kanui/ 2 KB
2 KB 44ms
41ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.br/images/kanui/logo-kanui.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: b9b90f5b0ab7d55d88ecc7fab5b8ac2a37ef20857cfae21327104667857bd525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
server: Azion IMS
x-original-image-size: 3382
etag: "f14f560c9ee5467b70a7d41deb3568c24055c745"
x-ims: Enabled
content-type: image/webp
cache-control: max-age=2592000
content-length: 1624
expires: Sat, 01 Apr 2023 08:08:26 GMT

GET
H2 200 getData.js Show response
selo.compreconfie.com.br/scripts/ 4 KB
2 KB 314ms
10ms Script
application/x-javascript 2620:1ec:4f:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://selo.compreconfie.com.br/scripts/getData.js?sellerId=102462
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7da80713891021cc2787c767bc376d8029ed7087fb9c2b70acb4faea5dbd9dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 02 Mar 2023 08:08:26 GMT
content-encoding: br
last-modified: Mon, 02 Jan 2023 18:21:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: xB1x5xESRo1223eVQ1EIog==
x-azure-ref-originshield: 0008AZAAAAABP0WQiirO2TZqTm4xs8diBRlJBMjMxMDUwNDE3MDMzAGZmZjgwNjQ3LTM0YTMtNGY1YS05YTQ4LTRmMWMzYzQ5M2YxYg==
etag: 0x8DAECEE3CB1BF0D
x-azure-ref: 0elkAZAAAAACB1vH0ufKqRIiBL2v/2gF+RlJBMzFFREdFMDMxNQBmZmY4MDY0Ny0zNGEzLTRmNWEtOWE0OC00ZjFjM2M0OTNmMWI=
x-cache: TCP_HIT
content-type: application/x-javascript
x-ms-request-id: fc158c11-501e-001f-4dd8-4c7106000000
x-ms-version: 2009-09-19

GET
H2 200 1dcf6353e1eef__selo-eu-reciclo.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 1 KB
1 KB 50ms
47ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1dcf6353e1eef__selo-eu-reciclo.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: b52baea12d32e2e512df377c2bb4ef3ca1b633e7d5abed226dfaebb8450f8d53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
server: Azion IMS
x-original-image-size: 3295
etag: "0b4d557b5990e3356b284d6d4e5d8737df7a0db4"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1252
expires: Thu, 23 Feb 2023 12:19:22 GMT

GET
H2 200 15f6536f28fec__logo-kanui-footer.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 1 KB
1 KB 51ms
49ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/15f6536f28fec__logo-kanui-footer.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: ce3a57d6a9a3e5993d28efaf5fb03738b912fdfb6c7ed7a5df56bcd63e37cec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
server: Azion IMS
x-original-image-size: 2830
etag: "9a87a9b551ecac40f10f601cb5535fdb377acb12"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1268
expires: Tue, 13 Dec 2022 19:04:05 GMT

GET
H2 200 gfg-logo.png
static.kanui.com.br/cms/ 29 KB
30 KB 291ms
39ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kanui.com.br/cms/gfg-logo.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 1af4b0c0e13785b45fba4c149b03f3b68c0a3a93714f73b0d13fe61e718104f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 82402
etag: "e7fb4a016a252a19b9cdec00880c8414ddd64b56"
x-ims: Enabled
content-type: image/webp
cache-control: max-age=2592000
content-length: 30204
expires: Sat, 01 Apr 2023 08:08:27 GMT

GET
H2 200 1c8898362baad__facebook.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 3 KB
4 KB 52ms
50ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1c8898362baad__facebook.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 96f452c979bde4478c26318d9bfaafaa28f3bd8fa295918901bf4ba6dd96933c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
server: Azion IMS
x-original-image-size: 4164
etag: "aab1614c2da787428f1a79b6371649446eb68125"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 3578
expires: Thu, 23 Feb 2023 12:26:51 GMT

GET
H2 200 22bc19454ff31__instagram.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 708 B
893 B 53ms
52ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/22bc19454ff31__instagram.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 2a3f84875353e59da6e4efb3b38bddb9d4e5d54dc0e8d10e4f872abb89d13e5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
server: Azion IMS
x-original-image-size: 4430
etag: "3cc4fc056b46eac88b3e64580f9606a1d2144257"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 708
expires: Tue, 13 Dec 2022 18:47:09 GMT

GET
H2 200 15561876cbd26__twitter.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 560 B
745 B 56ms
55ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/15561876cbd26__twitter.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: ff0c083a624d58fde02443e7587d9fa86bb0b192bba55065d4d4cfdf595988fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
server: Azion IMS
x-original-image-size: 4253
etag: "19452d1ea64e732016a1bf555ca1d6b008f73eb3"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 560
expires: Thu, 23 Feb 2023 12:26:51 GMT

GET
H2 200 6an24182.css
cdn.privacytools.com.br/public_api/banner/style/ 9 KB
3 KB 87ms
16ms Stylesheet
text/css 2606:4700:20::681a:b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacytools.com.br/public_api/banner/style/6an24182.css?t=1

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75ca3a72714106fdf040a115ac9e32c64a1a456e5c23a0d24e55bb748403292f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Mar 2023 06:14:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6821
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0hvoyHTwvpM9r8YlfJs4k%2BK6Eilyjvx%2BAyobiAQLlH7sHblUN0RSOmjtCIewQFcParKzFq64S3kodqGbFehQm%2BWIp5FM3cLiDwT%2F40jNrUVeL5jkPj1VANuEfLPaaSKETPjxXsclOTSjufxYXZ85xmDSKxt"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
x-robots-tag: noindex
cf-ray: 7a1826dfca3c9bb3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 6an24182.js Show response
cdn.privacytools.com.br/public_api/banner/script/bottom/ 115 KB
21 KB 22ms
19ms Script
text/javascript 2606:4700:20::681a:b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacytools.com.br/public_api/banner/script/bottom/6an24182.js?t=1

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdde167af79d5c3b96f167a19918eaebf846f16d287c44edc2b9df7d1690609f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Mar 2023 17:16:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 53528
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXVAF08a4iv9d6I8xylY%2FgNfxskU9mAAw2VOrb4OtNInn0bbLFsOfBYSrk5%2Bn3lHzx5m2ZdZTuZccOMJqaxeBYstMhFDZhvcqJg5FPX%2BofNLoK%2Fc1rmZh7Oii8iB4AXEWKYf4pyi0Iz3Ilw6yfhN7d6NI5DU"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=14400, s-maxage=86400, must-revalidate, proxy-revalidate
x-robots-tag: noindex
cf-ray: 7a1826dfca409bb3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 st Show response
st.dynamicyield.com/ 13 KB
3 KB 189ms
107ms Script
text/javascript 2600:9000:21f3:1a00:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8767638&inHead=true&id=0&jsession=&ref=&scriptVersion=1.158.0&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%7D
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1a00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e5ed7c1a00eb17cf75dfb9fad7fcdbc3ae0834257b2a8b2ab1396650d0831aef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
content-encoding: gzip
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-cache
x-amz-cf-id: 4IxSDhyW5d8i3ASqlNWsYRqN6Ko93vILIiyCtfvXSsIlSiPeyeXMrw==
expires: Thu, 02 Mar 2023 08:08:25 GMT

GET
H2 200 Roboto-Bold-webfont.woff
dafitistatic.dafiti.com.br//vendor/dafiti/bootstrap/dist/fonts/ 24 KB
25 KB 55ms
18ms Font
binary/octet-stream 212.102.54.14
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://dafitistatic.dafiti.com.br//vendor/dafiti/bootstrap/dist/fonts/Roboto-Bold-webfont.woff
Requested by: Host: static.dafiti.com.br
URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/cssl/index/index-2014-9cd53880.css?1677744428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.54.14 Milan, Italy, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-212-102-54-14.azioncdn.net
Software: nginx /
Resource Hash: c94ac252c2a3319406032032154badff85d43db816667ea65f7c97d951a33cb7

Request headers

Referer: https://static.dafiti.com.br/
Origin: https://www.kanui.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
x-amz-version-id: null
via: 1.1 1ecf5fa27459072719e9ca6299706af8.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
age: 245
x-cache: Hit from cloudfront
content-length: 24808
last-modified: Mon, 12 Dec 2022 08:09:20 GMT
server: nginx
etag: "8b18d65d6824460ad37616723e493bcd"
vary: Accept-Encoding, Origin
content-type: binary/octet-stream
access-control-allow-origin: https://www.kanui.com.br
cache-control: max-age=604800
x-amz-cf-id: TLG3Rb3oTs6RLGAOayzhNW_7vEHPDuLlmEO8E4hTx3loLiX-EPWSKw==
expires: Mon, 19 Dec 2022 18:51:44 GMT

GET
H2 200 dafiticons_14e8ccccc5dcd089e4f3f583f659489d.woff2
dafitistatic.dafiti.com.br//vendor/dafiti/bootstrap/dist/fonts/ 15 KB
16 KB 70ms
35ms Font
binary/octet-stream 212.102.54.14
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://dafitistatic.dafiti.com.br//vendor/dafiti/bootstrap/dist/fonts/dafiticons_14e8ccccc5dcd089e4f3f583f659489d.woff2
Requested by: Host: static.dafiti.com.br
URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/cssl/index/index-2014-9cd53880.css?1677744428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.54.14 Milan, Italy, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-212-102-54-14.azioncdn.net
Software: nginx /
Resource Hash: 2211ff2fd5a69d2f222920ca8d1c6a14041806fdace4d702ab79c1d1e2428d91

Request headers

Referer: https://static.dafiti.com.br/
Origin: https://www.kanui.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
x-amz-version-id: null
via: 1.1 950da666aeb2f1c767ee4d6f91c2858e.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
age: 238
x-cache: Hit from cloudfront
content-length: 15680
last-modified: Mon, 12 Dec 2022 08:09:21 GMT
server: nginx
etag: "c36f9bf6e1c31a6f2db3dcbaacfda177"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://www.kanui.com.br
cache-control: max-age=604800
vary: Accept-Encoding, Origin
x-amz-cf-id: -Yw5KNlmyX02iAHGyu_UI7UQr7tiY_3nb3D6iuzZTX3IAvgAR2IY9g==
expires: Mon, 19 Dec 2022 18:53:06 GMT

GET
H2 200 MuseoSans_700-webfont.woff
dafitistatic.dafiti.com.br//vendor/dafiti/bootstrap/dist/fonts/ 33 KB
33 KB 53ms
19ms Font
binary/octet-stream 212.102.54.14
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://dafitistatic.dafiti.com.br//vendor/dafiti/bootstrap/dist/fonts/MuseoSans_700-webfont.woff
Requested by: Host: static.dafiti.com.br
URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/cssl/index/index-2014-9cd53880.css?1677744428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.54.14 Milan, Italy, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-212-102-54-14.azioncdn.net
Software: nginx /
Resource Hash: 74df85b4472f8037e7e4ea143f1443d8eca40a01591e698d900bf6b8a18b85c8

Request headers

Referer: https://static.dafiti.com.br/
Origin: https://www.kanui.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
x-amz-version-id: null
via: 1.1 b23e0cf8a6d3410d603ef3fb3377aa08.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
age: 245
x-cache: Hit from cloudfront
content-length: 33344
last-modified: Mon, 12 Dec 2022 08:09:20 GMT
server: nginx
etag: "49a5667e6bf445d549f34def603cd0f4"
vary: Accept-Encoding, Origin
content-type: binary/octet-stream
access-control-allow-origin: https://www.kanui.com.br
cache-control: max-age=604800
x-amz-cf-id: _UQ5nUUtoS0k5NZdA1i56IP4KoxbuSsRu6KJIVrjSuzm7k_CvF1nUw==
expires: Mon, 19 Dec 2022 18:51:44 GMT

GET
H2 200 Oswald-Light.otf
static.dafiti.com.br/vendor/dafiti/bootstrap/dist/fonts/ 25 KB
26 KB 118ms
39ms Font
binary/octet-stream 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/fonts/Oswald-Light.otf
Requested by: Host: static.dafiti.com.br
URL: https://static.dafiti.com.br/css/kanui/main-0e171c9d1f.css?1677744428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: nginx /
Resource Hash: 49d7201c3b4337a86357646a2db5cfcddcf79fa5a638f24b172821e560b9fb4c

Request headers

Referer: https://static.dafiti.com.br/css/kanui/main-0e171c9d1f.css?1677744428
Origin: https://www.kanui.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
x-amz-version-id: null
via: 1.1 90a99800d5bb7015eb3541f7198e08cc.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD53-P1
x-cache: Miss from cloudfront
content-length: 25660
last-modified: Thu, 10 Nov 2022 22:47:11 GMT
server: nginx
etag: "4dfd3dfb06126e122600cf063048d5f2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://www.kanui.com.br
cache-control: max-age=600
x-amz-cf-id: g8-XooCTV0o5XEVi8clieIbZqjWOWBCdZaHJJ9iZj2YYM4U1VdrTRw==
expires: Thu, 02 Mar 2023 08:18:26 GMT

GET
H2 200 Roboto-Regular-webfont.woff
dafitistatic.dafiti.com.br//vendor/dafiti/bootstrap/dist/fonts/ 24 KB
25 KB 63ms
36ms Font
binary/octet-stream 212.102.54.14
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://dafitistatic.dafiti.com.br//vendor/dafiti/bootstrap/dist/fonts/Roboto-Regular-webfont.woff
Requested by: Host: static.dafiti.com.br
URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/cssl/index/index-2014-9cd53880.css?1677744428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.54.14 Milan, Italy, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-212-102-54-14.azioncdn.net
Software: nginx /
Resource Hash: a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe

Request headers

Referer: https://static.dafiti.com.br/
Origin: https://www.kanui.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
x-amz-version-id: null
via: 1.1 31806b2c47634ce66d4f41f8f0f3e17c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
age: 245
x-cache: Hit from cloudfront
content-length: 25020
last-modified: Mon, 12 Dec 2022 08:09:21 GMT
server: nginx
etag: "3e5675c89f974f7811eeaf07e2dd5ba3"
vary: Accept-Encoding, Origin
content-type: binary/octet-stream
access-control-allow-origin: https://www.kanui.com.br
cache-control: max-age=604800
x-amz-cf-id: vrH0dix5PfsjJUIQMKs4yLSHs5uBCnnAyBwa3Hi-VvuuqwV84IvEeg==
expires: Mon, 19 Dec 2022 18:51:44 GMT

GET
H2 200 ka-sprite-desktop-1677744153191.png
static.dafiti.com.br/images/kanui/ 27 KB
27 KB 913ms
913ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.br/images/kanui/ka-sprite-desktop-1677744153191.png
Requested by: Host: static.dafiti.com.br
URL: https://static.dafiti.com.br/css/kanui/main-0e171c9d1f.css?1677744428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 03182da888f9caa3000a98799a29f652403e401b1e5385d7a616d0d96f9561d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.dafiti.com.br/css/kanui/main-0e171c9d1f.css?1677744428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 68166
etag: "e81b9e69e5858aa79b9c0b375f8e2d433ed80ffb"
x-ims: Enabled
content-type: image/webp
cache-control: max-age=2592000
content-length: 27394
expires: Sat, 01 Apr 2023 08:08:27 GMT

GET
H2 200 default_201869.png
static.dafiti.com.br/images/bootstrap/sprites/ 65 KB
65 KB 47ms
47ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.br/images/bootstrap/sprites/default_201869.png
Requested by: Host: static.dafiti.com.br
URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/cssl/index/index-2014-9cd53880.css?1677744428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: bac18217eff428a695ca1b18b1a989a6ed411b354f773c11949ca58b820c6057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/cssl/index/index-2014-9cd53880.css?1677744428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:26 GMT
server: Azion IMS
x-original-image-size: 39243
etag: "7d8a7551c91dde3df88e902448ad76dc368839cf"
x-ims: Enabled
content-type: image/webp
cache-control: max-age=2592000
content-length: 66738
expires: Sat, 01 Apr 2023 08:08:26 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 88ms
23ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kanui.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 09:20:13 GMT
x-content-type-options: nosniff
age: 82093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 09:20:13 GMT

GET
H2 200 getData.css
cdn.confi.com.vc/styles/ 2 KB
1 KB 118ms
9ms Stylesheet
text/css 2620:1ec:4f:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confi.com.vc/styles/getData.css
Requested by: Host: selo.compreconfie.com.br
URL: https://selo.compreconfie.com.br/scripts/getData.js?sellerId=102462
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 985e58230b45baac2febe13ac675118309e93e1686f5ce83634e5353b2f6c75b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 02 Mar 2023 08:08:26 GMT
content-encoding: br
last-modified: Mon, 02 Jan 2023 18:00:21 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: slTBOvtoFRTXBXP3j606lA==
x-azure-ref-originshield: 0008AZAAAAABNaNCORLKvS4yVeWxRG9z8RlJBMjMxMDUwNDE4MDMxAGZmZjgwNjQ3LTM0YTMtNGY1YS05YTQ4LTRmMWMzYzQ5M2YxYg==
etag: 0x8DAECEB372F1605
x-azure-ref: 0e1kAZAAAAAC3wwY9IiRhRIBTy0ajsRqnRlJBMzFFREdFMDQwNgBmZmY4MDY0Ny0zNGEzLTRmNWEtOWE0OC00ZjFjM2M0OTNmMWI=
x-cache: TCP_HIT
content-type: text/css
x-ms-request-id: d93da2e8-001e-005f-23d8-4c763e000000
x-ms-version: 2009-09-19

GET 102462
analytics-stamp.confi.com.vc/api/v1/stamp/ 0
0

GET
H2 200 102462.png
cdn.confi.com.vc/reputation/ 3 KB
3 KB 931ms
822ms Image
image/png 2620:1ec:4f:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.confi.com.vc/reputation/102462.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 51edc6ff383d4aeac24084eebdcbddae44b3f85f77992c0591bdb1366a8c180d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 02 Mar 2023 08:08:27 GMT
last-modified: Thu, 02 Mar 2023 07:16:38 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 9OP9rG6jh3sEMam6oth5yQ==
x-azure-ref-originshield: 0e1kAZAAAAAAl6l5b+4mzTbMhq4A3l8z9RlJBMjMxMDUwNDE4MDUzAGZmZjgwNjQ3LTM0YTMtNGY1YS05YTQ4LTRmMWMzYzQ5M2YxYg==
etag: 0x8DB1AEE10BCA0A6
x-azure-ref: 0e1kAZAAAAACKaj0k9hZCQbChBVnrz/X7RlJBMzFFREdFMDQwNgBmZmY4MDY0Ny0zNGEzLTRmNWEtOWE0OC00ZjFjM2M0OTNmMWI=
x-cache: TCP_MISS
content-type: image/png
x-ms-request-id: 2b0ad7b9-301e-0019-7bde-4c42b9000000
x-ms-version: 2009-09-19
content-length: 3006

OPTIONS
H/1.1 401
Unauthorized 102462
analytics-stamp.confi.com.vc/api/v1/stamp/ Frame 0
0 659ms
200ms Preflight
application/json 20.206.128.53
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-stamp.confi.com.vc/api/v1/stamp/102462
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.206.128.53 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.kanui.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 14
Content-Type: application/json; charset=utf-8
Date: Thu, 02 Mar 2023 08:08:27 GMT

GET
H2 200 dy-coll-min.js Show response
cdn.dynamicyield.com/scripts/1.158.0/ 181 KB
59 KB 186ms
38ms Script
application/javascript 2600:9000:2050:a600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Requested by: Host: st.dynamicyield.com
URL: https://st.dynamicyield.com/st?sec=8767638&inHead=true&id=0&jsession=&ref=&scriptVersion=1.158.0&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2050:a600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 1a55fa64fdace75513520ac7ff9a0fcb193805ba870692498b4e9cea3bd24821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 02:56:42 GMT
content-encoding: gzip
via: 1.1 bef2aa0a3399e7cf217d61d0ac883834.cloudfront.net (CloudFront)
last-modified: Sun, 19 Feb 2023 09:45:49 GMT
server: DYCDN
age: 623506
x-amz-cf-pop: BUD50-C1
etag: W/"ed48a67075313fd7062b2b29e027ddd5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: Cgsy_yn1Su39a0kpmX6id2cg61425G3iSI9M8Yiv5QMsU7ygOL6QNQ==

GET
H2 200 731d4c06f83a6a9fb2a9f5e8afeef622.json Show response
cdn.dynamicyield.com/variations/8767638/466965/10304425/ 141 B
827 B 115ms
71ms XHR
application/json 2600:9000:2050:a600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/variations/8767638/466965/10304425/731d4c06f83a6a9fb2a9f5e8afeef622.json
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2050:a600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: ce6141070b094e2b86bc5576dc4b7e91ad38476dbfa30f3c8bc6871234f15c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:22:59 GMT
via: 1.1 098a40a244b2c7fde2801a1f5e41d6ca.cloudfront.net (CloudFront)
age: 74729
x-amz-cf-pop: BUD50-C1
x-cache: Hit from cloudfront
content-length: 141
last-modified: Tue, 08 Nov 2022 16:03:42 GMT
server: DYCDN
etag: "731d4c06f83a6a9fb2a9f5e8afeef622"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: bk0b_Wq2_5XCFtbLAU68IbZHCLR-rrRKw3GKVHW7OrEaeUDDc0XPGg==

POST
H2 200 uia Show response
async-px.dynamicyield.com/ 0
385 B 213ms
123ms XHR
text/plain 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/uia?cnst=1&_=1677744507321
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kanui.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:27 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: nlUjLBL4DemtnelLLNYrtUDaVghlJGzKZOc4q4uUGBFvm0N3WUJW4Q==
expires: 0

GET
H2 200 1f174f3c786bf__truck.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 476 B
661 B 42ms
40ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1f174f3c786bf__truck.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: c9d7795c4b2e5d92fe1ab5ba475728ede6a5adb840f829f3f56a753b58084163

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 807
etag: "eda86390e1ab4c3bd6878670cee0e5ea79f83522"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 476
expires: Tue, 13 Dec 2022 18:46:47 GMT

GET
H2 200 accd689fac38__exchange.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 320 B
505 B 43ms
42ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/accd689fac38__exchange.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: d539a287e1880ad8031510d4e96baecb9222de505f0d11f01c85855bba99658f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 515
etag: "045c7aefee3cc93ff86e0723b0bfa3c79b7da9dd"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 320
expires: Tue, 13 Dec 2022 18:46:42 GMT

GET
H2 200 198053f540c3d__store.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 310 B
495 B 45ms
44ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/198053f540c3d__store.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 963682b6480c487be0f00e54a32989eddc38611839c1ba052d541d8f9d5532f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 536
etag: "53e177f23f302bab0bb736a45353fbf8270a7a44"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 310
expires: Tue, 13 Dec 2022 18:51:44 GMT

GET
H2 200 a782830483d4__creditcard.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 212 B
397 B 45ms
44ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/a782830483d4__creditcard.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 9634e8d62507de8ffd2a253deca5f7bc48a274c3a7a62b5a4f85bcb8b089b32c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 306
etag: "b9af3d19cb429d55ce81c3d56b1cf3c0805a378d"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 212
expires: Thu, 23 Feb 2023 12:19:22 GMT

GET
H2 200 32f032c8cd7a1__sale.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 788 B
973 B 46ms
44ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/32f032c8cd7a1__sale.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: af7c563112880ec7ebde4e8d9700a759699a1bdf84023783ec4ed81e59d87e33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 1240
etag: "b7215fd2fd41baa1ff25e34f541bac16787082b3"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 788
expires: Thu, 23 Feb 2023 12:19:22 GMT

GET
H2 200 1f85c5c0c2c4f__tag.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 340 B
525 B 47ms
46ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1f85c5c0c2c4f__tag.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: cc5803ab4343f70b4b4993aa04e32e5bddab6f1191a2daa8f2e88c1b55e42167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 562
etag: "27bec634be2ca09d4762fa44dbb4c5ee1141eb87"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 340
expires: Tue, 13 Dec 2022 19:21:18 GMT

GET
H2 200 22606fb753e45__box.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 536 B
721 B 47ms
46ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/22606fb753e45__box.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 95e80901adda93269fa97276326096f8e3537aa30d4684411dc79f4c48ff2189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 934
etag: "05286b13ccd1c321d92f4d36d76fa799dce37b1e"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 536
expires: Thu, 23 Feb 2023 12:16:59 GMT

GET
H2 200 2338e8e7b6acb__tommy_sneaker.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 878 B
1 KB 64ms
61ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/2338e8e7b6acb__tommy_sneaker.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 908d3d9814bd9773ba374617281297c3e74d15fde0a189013e45b23cce49ad33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 3651
etag: "affbb63a5b1e9838cc2ae5449b748a4e90a250ff"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 878
expires: Thu, 23 Feb 2023 13:30:38 GMT

GET
H2 200 20293c981fed8__Asics.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 4 KB
4 KB 67ms
64ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/20293c981fed8__Asics.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 3acb0aed241bf33a59d203919cdf44c343c7b3e383fad0809f5581e6981778e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 47274
etag: "f0c553ef439aedcf3886d1dc0602f8035936964b"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 4324
expires: Tue, 13 Dec 2022 20:10:47 GMT

GET
H2 200 106638f282872__vans.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 2 KB
2 KB 68ms
65ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/106638f282872__vans.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 974af4d36f26a2ebee2dd0d43165f5943340dd5e6d064c8627342b733abe1e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 4164
etag: "b4a2480dd72ca49dcf54241592298dddc63fd57a"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1550
expires: Thu, 23 Feb 2023 13:30:37 GMT

GET
H2 200 5aeea86dec17__nike_sneaker.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 1 KB
2 KB 68ms
65ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/5aeea86dec17__nike_sneaker.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 6c902c245ddca0826e20d37ff8a07f1ce2b30477fadefee3da8b285cfe1ca31e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 4421
etag: "7089d2f4e219a819ff7ff158dd112207154d259b"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1482
expires: Thu, 23 Feb 2023 13:30:39 GMT

GET
H2 200 209778fe3de54__fila.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 892 B
1 KB 69ms
66ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/209778fe3de54__fila.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 4873e89721ee7fc0df35a1886dd9464fed179aff9ee147be8f1ee567b225e25f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 3519
etag: "c30697e98d78b8fa539c272de27f60c561edfbe7"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 892
expires: Thu, 23 Feb 2023 13:30:38 GMT

GET
H2 200 a23bc0504ee2__adidas.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 2 KB
2 KB 69ms
66ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/a23bc0504ee2__adidas.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: dc2bbcece24a41494bd7d15dbe450e37f167abcbb30c063772d1972bef448329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 4712
etag: "21c9a4eee102380d78eabdff910546f7c27c21e9"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1626
expires: Tue, 13 Dec 2022 20:14:07 GMT

GET
H2 200 19906956ca42e__starter.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 2 KB
2 KB 69ms
67ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/19906956ca42e__starter.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 337574d8c79eaf4393e3c01f40c95865ecdfdd387b9d06e09783a77d20650e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 4387
etag: "91ef21405838d055469e9f3bb5f0f9bfa78bcaa9"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1584
expires: Tue, 13 Dec 2022 20:10:53 GMT

GET
H2 200 2b63b0d157ff6__new-era.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 1 KB
1 KB 71ms
68ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/2b63b0d157ff6__new-era.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: d7aa5ee5fc5e760558483ae97feffb192e6eaf5f7d58cd8cb65699188b1baaa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 3777
etag: "e1439f56f3b4f6d908948cf97c9b7b436e91190a"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1136
expires: Tue, 13 Dec 2022 20:10:54 GMT

GET
H2 200 1c4384d4d39a__new-balance.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 2 KB
2 KB 74ms
71ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/1c4384d4d39a__new-balance.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: c4e3a6660841a2aaefca4bc6bd707c3a83291d96e44afabc7a51a875be30e1f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 4655
etag: "6ba330b2e9c19d1ebc4bc47d64f45bdbae12fdb6"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1748
expires: Tue, 13 Dec 2022 20:10:54 GMT

GET
H2 200 1af456f0d78ea__puma.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 1 KB
1 KB 74ms
72ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/1af456f0d78ea__puma.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 9586724a8919b155316b62e47f38a6b58205d06648560034004209e2d238555d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 3873
etag: "3d1e273d7f71473ce2ead1ca7abf4c76febbb1aa"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1100
expires: Tue, 13 Dec 2022 20:14:07 GMT

GET
H2 200 203a74480da40__converse_sneaker.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 1 KB
2 KB 74ms
72ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/203a74480da40__converse_sneaker.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 34213292a4712c8f99b268cd03d6a1e8624a62e58ade88fd5edb560cf13f1de9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 4701
etag: "db28c9b1ad51d4a20641f60088234da7918b8a34"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1500
expires: Tue, 13 Dec 2022 20:14:07 GMT

GET
H2 200 2023_02_13_15_44_49_TABOMBANDO_377x500.png
dafitistatic.dafiti.com.br/cms/ 20 KB
20 KB 63ms
60ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/cms/2023_02_13_15_44_49_TABOMBANDO_377x500.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 2f9cf38b325a6ab648141068fea1e9533cdeb1f7773b1ad13fbb2b92d25e1526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 331843
etag: "bf62772d703d9f27bc94325e6fb22c4ce4e3c7d5"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 20380
expires: Wed, 15 Feb 2023 14:17:13 GMT

GET
H2 200 2023_02_13_15_37_40_TABOMBANDO_377x500.png
dafitistatic.dafiti.com.br/cms/ 16 KB
16 KB 63ms
61ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/cms/2023_02_13_15_37_40_TABOMBANDO_377x500.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 536c1a2ba46652b76b340e48eb1a5bc6fc30fd362e7b47b44025820fad67c4d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 328451
etag: "7753f81d64e4e5f041d70bd63bf5b06d5323c49e"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 16006
expires: Wed, 15 Feb 2023 14:17:12 GMT

GET
H2 200 4a5bfdf1c6a5__tabombando_377x500.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 18 KB
18 KB 64ms
62ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/4a5bfdf1c6a5__tabombando_377x500.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: f099d9829912fe9b0af297ea3db2e61eb0a978e913ca6027da037a5f2be1da98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 323190
etag: "e8baf84fd5889eb3248d66e73cec1224e03f6c94"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 18710
expires: Wed, 15 Feb 2023 14:18:19 GMT

GET
H2 200 2023_02_13_15_47_03_TABOMBANDO_377x500.png
dafitistatic.dafiti.com.br/cms/ 26 KB
26 KB 65ms
63ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/cms/2023_02_13_15_47_03_TABOMBANDO_377x500.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 29d04049dd0b9f96f193260137c10d105a0e8dfc76d42b5126ac2f6e8ff87bef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 350783
etag: "7fd14146f580125cf24cbd7dac33bd1d533714fc"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 26460
expires: Wed, 15 Feb 2023 14:17:12 GMT

GET
H2 200 2023_02_13_15_42_58_TABOMBANDO_377x500.png
dafitistatic.dafiti.com.br/cms/ 11 KB
11 KB 66ms
64ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/cms/2023_02_13_15_42_58_TABOMBANDO_377x500.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: bd405d3bb8370979f861ced2c97a6d823710a62c3ba8b615366777d1f9cae157

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 281623
etag: "25a2b3afbdf838af1e86a591630800104ddcc2b7"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 11260
expires: Wed, 15 Feb 2023 14:17:12 GMT

GET
H2 200 28e98449df18__destaque_desk_-_1805_1-_liquida_verao_-_tudo_ate_65_off.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 116 KB
116 KB 61ms
59ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/28e98449df18__destaque_desk_-_1805_1-_liquida_verao_-_tudo_ate_65_off.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: c385ee06f92348f31c3e8427f9d973ca59bb531d0584ebd0239a74191b0b1e2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 2091092
etag: "933912348bbad79142e4d9ddf68ae59e943a6a6e"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 118282
expires: Tue, 24 Jan 2023 09:36:24 GMT

GET
H2 200 2023_02_13_15_53_25_Destaque_Desk_2.png
dafitistatic.dafiti.com.br/cms/ 92 KB
92 KB 86ms
84ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/cms/2023_02_13_15_53_25_Destaque_Desk_2.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 51dad4fedd9849d7aa5caf7fa39c918d32659f73fb52c0e6d9386e7820f74197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 2171113
etag: "bde1eda845bbec8a645099f6878a87bda221d6d9"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 94200
expires: Wed, 15 Feb 2023 13:45:35 GMT

GET
H2 200 249ff67cf6e9c__destaq_2.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 127 KB
127 KB 94ms
93ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/249ff67cf6e9c__destaq_2.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: a5357c6b96f3aaf49fc84cafb47ba6f1202f755973399303b31ba9389a2aee00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 1927381
etag: "2045c90b54f1810a6fef7494825c1de8d5fdae6f"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 129610
expires: Tue, 24 Jan 2023 09:36:23 GMT

GET
H2 200 142b522ef6d01__destaque_desk_3.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 100 KB
100 KB 99ms
98ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/142b522ef6d01__destaque_desk_3.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: ab174b9b6829f343ba6e67dfab7541cdc0c5d34952a02f7ea12ec7f237845127

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 1998239
etag: "3f17bfbde9754337ff96539e27932f5beaf91fba"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 101902
expires: Wed, 15 Feb 2023 13:45:34 GMT

GET
H2 200 2023_02_13_15_55_04_Destaque_Desk_.png
dafitistatic.dafiti.com.br/cms/ 110 KB
110 KB 102ms
100ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/cms/2023_02_13_15_55_04_Destaque_Desk_.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 5a97bffa1ac99b422cb47985d177bae57d5e4d57caf0e209d0fa4415e17602f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 2364638
etag: "913efc5ac3ba215a7c4ab74d48b89f7c743f6db8"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 112142
expires: Wed, 15 Feb 2023 13:37:58 GMT

GET
H2 200 b4151b349dea__afterheader_1920x50.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/tricae/images/ 7 KB
7 KB 100ms
95ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/tricae/images/b4151b349dea__afterheader_1920x50.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 370f748e48e2a50a14e44f17fc0950f082b338a1fe186c18fd62336201963ff6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 9513
etag: "2d8c07742097d3cf1ce00fa3caed3c7559e63d53"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 6694
expires: Wed, 15 Feb 2023 14:03:58 GMT

GET
H2 200 3688414a749c2__afterheader_mobile_640x80.gif
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/tricae/images/ 8 KB
8 KB 100ms
95ms Image
image/gif 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/tricae/images/3688414a749c2__afterheader_mobile_640x80.gif
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 6cbefdd512e671e776fa034a3aee5e047e74b1f15e966b51486c8f76aed124b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 8348
etag: "cc6088b7a74e4dc022ed9d57c2c155b4d7466430"
x-ims: Enabled
content-type: image/gif
content-length: 8348
expires: Wed, 15 Feb 2023 13:38:03 GMT

GET
H2 200 a00451ce4db5__camiseta.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 3 KB
3 KB 152ms
149ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/a00451ce4db5__camiseta.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: bae8601a65f20808c0c7439df7f17d89c3f92fa625fd0b38232f0a581a0ecaec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 10411
etag: "ff77a9420a751c7da73286c973e9345165c3cacc"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 3092
expires: Thu, 23 Feb 2023 13:30:38 GMT

GET
H2 200 235d71e3a15fa__1_banner-categoria_180x180_masc_bermudas.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 2 KB
3 KB 153ms
150ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/235d71e3a15fa__1_banner-categoria_180x180_masc_bermudas.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: c8015792fdcae6f89230c479fd95e5998bf815c6d882c64fa6a7cecdb3c724d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 9631
etag: "544ca3e82387c02e0fadd32bd097f78057591eb5"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 2478
expires: Thu, 23 Feb 2023 13:30:38 GMT

GET
H2 200 9237855ea58__moletom.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 3 KB
3 KB 153ms
150ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/9237855ea58__moletom.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 29eb18e4d01a9572f259847e4028769fadd2eb1bc0f4f3827a37e18ec60c878c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 10143
etag: "1cd8194e2c9861e93d4fa74bfe8ad46073ff25cc"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 2564
expires: Tue, 13 Dec 2022 20:14:07 GMT

GET
H2 200 802581da7ce0__calca.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 5 KB
5 KB 153ms
150ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/802581da7ce0__calca.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 8121a35a4a3f74f2c76f84c38b8151f2505d451df55e1a0e7590534445741c55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 18063
etag: "ac7a134579f7f0f11744afa8d00c5ab095683e8b"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 4684
expires: Thu, 23 Feb 2023 13:30:38 GMT

GET
H2 200 931ca880e309__image20221128175209.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 5 KB
5 KB 154ms
151ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/931ca880e309__image20221128175209.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 549f9de3c5a955391f4987c6ffbe3adec7b4874ff054a1068285d50613bfaba4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 21534
etag: "0824fef8529364f7bd2dea65b563422abfac2350"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 4772
expires: Tue, 13 Dec 2022 20:10:52 GMT

GET
H2 200 2817badb95f3b__jaqueta-corta-vento.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 2 KB
2 KB 154ms
151ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/2817badb95f3b__jaqueta-corta-vento.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 0957a5f33d0d003416b56df67bec374ce7e043f2d9a4b43094006e16d1ed2aa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 8252
etag: "9d19b05c9ce4d54f433844565e455b5ae86c2cb4"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1812
expires: Tue, 13 Dec 2022 20:14:07 GMT

GET
H2 200 41e383cab926__bone.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 2 KB
2 KB 154ms
152ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/41e383cab926__bone.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 184b30d1518c6bb7cabedaefe2922ecc99ca0aac477af10e4da550e145850945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 11660
etag: "a34cd5a0d69a2f4f6078a5fff191e4ac10048159"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 2300
expires: Tue, 13 Dec 2022 20:10:51 GMT

GET
H2 200 13f49305a2fd4__8_banner-categoria_180x180_masc_tenisesportivo.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 3 KB
3 KB 154ms
152ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/13f49305a2fd4__8_banner-categoria_180x180_masc_tenisesportivo.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: ecbfd8af4ffefb5858aca70106068396e0ae614c372921550e70ff02bddfebca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 11059
etag: "cb72e3c9e0ab5c67b42436ee1f784cbca92beb70"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 3144
expires: Tue, 13 Dec 2022 20:10:52 GMT

GET
H2 200 add365da0d76__tenis.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 3 KB
3 KB 155ms
153ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/add365da0d76__tenis.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: acff40324ef40543d8d84a31217c27188b8a3f1cee1dff3cb1b3fd8a6073cd65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 9060
etag: "66c19be8c36424346890d797b3bb4d23a6f4bf81"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 2876
expires: Tue, 13 Dec 2022 20:14:07 GMT

GET
H2 200 218d7a31ac0bb__image20220805140011.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 4 KB
4 KB 155ms
153ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/218d7a31ac0bb__image20220805140011.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: a9c5e748ccf72f5ed630e6e11eef4cb90aa6897e7116cfa2f45d3573dc47480d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 37669
etag: "4a56ebabd8c266b4253745ac819c4b023f53e6a1"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 4294
expires: Tue, 13 Dec 2022 20:14:07 GMT

GET
H2 200 57628ef9a1bf__4_banner-categoria_180x180_masc_mochilasshoulderbags.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 4 KB
4 KB 155ms
154ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/57628ef9a1bf__4_banner-categoria_180x180_masc_mochilasshoulderbags.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 141725991fd548609dc13233286c4bd66b4d15871966379929567f2e64ef0fcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 14597
etag: "dadf5f251e8d040e1146f01e08ae25d4672f0e9b"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 4418
expires: Thu, 23 Feb 2023 13:30:37 GMT

GET
H2 200 1-product.jpg
static.dafiti.com.br/72/737401/ 7 KB
7 KB 147ms
144ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.br/72/737401/1-product.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: c435e5f9bace6c1aa72b0a590b0a795c1abb4cf4ef11efd4c18fd4b76376800f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 34823
etag: "4994cddf1004872c85603977ce1b5b9028113170"
x-ims: Enabled
content-type: image/webp
cache-control: max-age=2592000
content-length: 7150
expires: Sat, 01 Apr 2023 08:08:27 GMT

GET
H2 200 1-product.jpg
static.dafiti.com.br/19/351911/ 13 KB
13 KB 148ms
144ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.br/19/351911/1-product.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 1a473ea128fcbd96490e88e32a0cc150bcc5d116e026ebd9cb243e93cedb4e37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 111276
etag: "09eb26378fe4593cac85f3cdacffb2e338eff084"
x-ims: Enabled
content-type: image/webp
cache-control: max-age=2592000
content-length: 13592
expires: Sat, 01 Apr 2023 08:08:27 GMT

GET
H2 200 1-product.jpg
static.dafiti.com.br/96/028811/ 8 KB
8 KB 148ms
145ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.br/96/028811/1-product.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: fed6b43a86af8a09064c7c480ce24cbe8b0d95421dda200f2e39bf09a5fec725

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 77846
etag: "0b48f2dc76d99eebb093cbd3ebaa889ba100dc14"
x-ims: Enabled
content-type: image/webp
cache-control: max-age=2592000
content-length: 8132
expires: Sat, 01 Apr 2023 08:08:27 GMT

GET
H2 200 1-product.jpg
static.dafiti.com.br/36/094711/ 3 KB
3 KB 149ms
146ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.br/36/094711/1-product.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 8926dd42d0097bfd782a16d20a63c5868578949eba73a6d6a0bd515421d9b55d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 28295
etag: "1602797b7189b038c3171d1e663e46f463d727ec"
x-ims: Enabled
content-type: image/webp
cache-control: max-age=2592000
content-length: 2872
expires: Sat, 01 Apr 2023 08:08:27 GMT

GET
H2 200 1-product.jpg
static.dafiti.com.br/31/746711/ 5 KB
5 KB 149ms
146ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.br/31/746711/1-product.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 992bd3ee0d5870e5bc0e068fd99d9807f1ae09f3b5a9499bbecc754811943247

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 55919
etag: "83f5b1f7a94a3aa8248f056602ac2345b8cc4d8e"
x-ims: Enabled
content-type: image/webp
cache-control: max-age=2592000
content-length: 4860
expires: Sat, 01 Apr 2023 08:08:27 GMT

GET
H2 200 1-product.jpg
static.dafiti.com.br/32/146711/ 6 KB
7 KB 150ms
147ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.br/32/146711/1-product.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 821c39db06af69044aef60e3def81045e8a9f364ef2151db6d06e47f49fea380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 73482
etag: "19113e107453ae53f978b46eb284f7709c2bc572"
x-ims: Enabled
content-type: image/webp
cache-control: max-age=2592000
content-length: 6460
expires: Sat, 01 Apr 2023 08:08:27 GMT

GET
H2 200 1-product.jpg
static.dafiti.com.br/38/963121/ 9 KB
9 KB 150ms
148ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.br/38/963121/1-product.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: c292f61f54af368905af4b9d7b54338fb2da302c15f596c694fa68b210f2daaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 87215
etag: "59d9fcb314b0ee6d187d68d533c2597cd4c75364"
x-ims: Enabled
content-type: image/webp
cache-control: max-age=2592000
content-length: 9396
expires: Sat, 01 Apr 2023 08:08:27 GMT

GET
H2 200 1-product.jpg
static.dafiti.com.br/92/234711/ 5 KB
5 KB 151ms
149ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.br/92/234711/1-product.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 456b197900bf184cf841cc79ec46f03dcdc948a16eb877c2b1ae2fac44e8899b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 27699
etag: "93506125570530bdcac6c854003e22530660cdd8"
x-ims: Enabled
content-type: image/webp
cache-control: max-age=2592000
content-length: 5014
expires: Sat, 01 Apr 2023 08:08:27 GMT

GET
H2 200 1-product.jpg
static.dafiti.com.br/77/565711/ 9 KB
9 KB 152ms
150ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.br/77/565711/1-product.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 027658e1822c7365a4a373756661a814c2a40226aa524c970087852890200020

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 73621
etag: "0135e2e0a95e69d45626f0a9d356240da325be22"
x-ims: Enabled
content-type: image/webp
cache-control: max-age=2592000
content-length: 8854
expires: Sat, 01 Apr 2023 08:08:27 GMT

GET
H2 200 1-product.jpg
static.dafiti.com.br/11/049501/ 10 KB
10 KB 152ms
150ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.br/11/049501/1-product.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: e4d047e7e7b02c62e3caeecb369a8d227fded92617b4742a2db890838041d34f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 93536
etag: "bc9d283ab77837edc81a74d302f711e50642060f"
x-ims: Enabled
content-type: image/webp
cache-control: max-age=2592000
content-length: 10536
expires: Sat, 01 Apr 2023 08:08:27 GMT

GET
H2 200 1-product.jpg
static.dafiti.com.br/75/839501/ 9 KB
9 KB 153ms
151ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.br/75/839501/1-product.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: a3e3c127819cdeebf9f6643a051410e2bbb6e0b06a54db535205eec983de6c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 78604
etag: "4d8268f2844eac4690167351022096c76a50cfca"
x-ims: Enabled
content-type: image/webp
cache-control: max-age=2592000
content-length: 9080
expires: Sat, 01 Apr 2023 08:08:27 GMT

GET
H2 200 1-product.jpg
static.dafiti.com.br/74/337401/ 7 KB
7 KB 154ms
153ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.br/74/337401/1-product.jpg
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 6d8f2a3d75984a2bef4ebe162c8e2db27f7fbd065c2b73f474440e409f5f6bb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 24524
etag: "2e2906ab95b815abdeaf3472a0c860cbc746202a"
x-ims: Enabled
content-type: image/webp
cache-control: max-age=2592000
content-length: 6688
expires: Sat, 01 Apr 2023 08:08:27 GMT

GET
H2 200 2a5aab88783ea__novidade_575x6201770_-_merchan_masc_-_bermudas_de_praia_na_promo.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 56 KB
57 KB 147ms
147ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/2a5aab88783ea__novidade_575x6201770_-_merchan_masc_-_bermudas_de_praia_na_promo.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 2a93e30b924d9f441fb9cf629a06b37796dc4769854b77d0c8a12e04978162de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 700626
etag: "78496e274c5333605d1d153d2be3cd277ed3d835"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 57714
expires: Tue, 03 Jan 2023 12:59:27 GMT

GET
H2 200 131bc0b98795b__novidade_575x620_1769_-_merchan_masc_-_camisetas_ate_r_39_99.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 31 KB
32 KB 148ms
148ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/131bc0b98795b__novidade_575x620_1769_-_merchan_masc_-_camisetas_ate_r_39_99.png
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 87b6afca5e2d6da865253e4fdc93b97a2bf922ded9793443e5f3fd83d364d894

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 607727
etag: "9af9fd34f8fae521325108c220ac8638b4eeebd4"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 32054
expires: Thu, 23 Feb 2023 13:30:40 GMT

GET
DATA 200
OK truncated
/ 334 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 360f7707ffa97c30d46cf1b7ac868405ef0082cee8188eedc9868ca7e6c9edad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 332 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38299603ce44a55c924225e7c33259514bfb7f3197cdc94d69cf8ae7973f450f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 batch
async-px.dynamicyield.com/ 0
381 B 414ms
124ms Ping
text/plain 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/batch?cnst=1&_=1677744507463_196418
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kanui.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:27 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: DAuaeYit-F7IxAay4W1Z_l-dfHeFkktXbTkcHn21scCUY-2iHp55nA==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 125ms
120ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=133411&uid=7066148057540221306&sec=8767638&t=ri&e=288237&p=1&ve=3238047&va=%5B8765873%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539332717472547&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1677744506475&rri=1308976
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:27 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: -HxKig_i0Dzwj5OSsV-YTxyu-W1kujyMAlZmFAMQu8RLBOn-97Uqwg==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 131ms
127ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=852547&uid=7066148057540221306&sec=8767638&t=ri&e=375834&p=1&ve=4057828&va=%5B10924534%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539331397325246&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1677744506477&rri=3856901
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:27 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: saKk3LoSu8EdMq09zAP5zfFKQzpjJjKxiaOGPd-3fc_hgnjTSO_xlA==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 130ms
127ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=636822&uid=7066148057540221306&sec=8767638&t=ri&e=629847&p=1&ve=6185263&va=%5B16876701%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539333420292398&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1677744506479&rri=1691314
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:27 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: wtCXvXAFXa83-a9V0UFg_SdXG8guQbP1z23vIGwBFrzkP32IpfC8CQ==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 122ms
122ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=958188&uid=7066148057540221306&sec=8767638&t=ri&e=859593&p=1&ve=11749613&va=%5B21011461%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539334661960994&mech=0&smech=2&eri=1&tsrc=Direct&reqts=1677744506524&rri=9006271
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:27 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: cl1GEfSr0XVIi7z5f2mKJeJFAIpqjxCI6pHyYDOjuQ1H3vHcqd0fuw==
expires: 0

POST
H2 200 batch
async-px.dynamicyield.com/ 0
384 B 213ms
123ms Ping
text/plain 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/batch?cnst=1&_=1677744507664_821924
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.158.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kanui.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:27 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: SsC7z8GGym-QuK0jUuJzu_uF0qGtFZ2fx7rsnM-pFwtzPJ7pM8BU6A==
expires: 0

GET
H2 200 javascript.min-22d96198.js
static.dafiti.com.br/vendor/dafiti/bootstrap/dist/js/ 81 KB
81 KB 40ms
40ms Image
application/javascript 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/js/javascript.min-22d96198.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
content-encoding: gzip
via: 1.1 78a48d8d46b0e5cf69ec8a7f633776e0.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Mon, 27 Feb 2023 07:17:31 GMT
server: nginx
x-amz-cf-pop: CDG52-P1
etag: W/"e2116903da1cd3e010ad8a8454e16232"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-id: 9DyfbbjcTHPHLHShZ26d4JQC7IPQR-4zrd7zOT52bhhz_KTAc2n5bg==
expires: Sat, 01 Apr 2023 08:08:27 GMT

GET
H2 200 136c8bbb3b03c__adidas.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 1 KB
1 KB 50ms
40ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/136c8bbb3b03c__adidas.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: b5c105c2b621413cb431064c0f40cf9f985e84dd293da14d93d2f102703dbf40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 5684
etag: "45af98ab06de7c5f433827b60355fa75fe5dce22"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1170
expires: Tue, 13 Dec 2022 19:04:08 GMT

GET
H2 200 27f64f096ce1c__dc_shoes.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 4 KB
4 KB 51ms
41ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/27f64f096ce1c__dc_shoes.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: ecc3da4087e1ff05f5492df1dee43224adce7750e28d3b212c1764a63559cd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 4788
etag: "ecedeaee0e96587a711c881041a9b60b244d0012"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 4016
expires: Thu, 23 Feb 2023 13:22:51 GMT

GET
H2 200 23aaaee7b7942__element.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 1 KB
1 KB 51ms
41ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/23aaaee7b7942__element.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: c4430b97b55b8103f278e137eda1a2acae554981e0baa81c8cf45313ca4865f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 5359
etag: "104052c441d6a8a156f703a463c8f290d5665bc4"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1112
expires: Tue, 13 Dec 2022 18:46:42 GMT

GET
H2 200 217196e041182__hang_losse.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 4 KB
5 KB 55ms
45ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/217196e041182__hang_losse.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: c6fc12970d7832adef2d4c1d569d84c66496046048ab7b916b143d23ccdb1117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 6334
etag: "b16b67ca828d11da9c9870cf32649481ddc3efa4"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 4448
expires: Tue, 13 Dec 2022 19:04:09 GMT

GET
H2 200 1b59440d576dd__hurley.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 4 KB
4 KB 56ms
46ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1b59440d576dd__hurley.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 3b267a7c2fba5cdeb5f060f693ebda234ad29aeccc3e523605727b6981e8ce64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 4651
etag: "dfd5356b6d103296d46e439a4f058e2c96e4f158"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 3920
expires: Tue, 13 Dec 2022 18:46:44 GMT

GET
H2 200 117e9d7fa8545__newera.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 1 KB
1 KB 56ms
46ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/117e9d7fa8545__newera.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 5c1d9e173f6c357d72a617dca08e5ec8fbf78c2e7bfc5eba8821568ebee85af2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 5598
etag: "a4c3e9174aa0d0a699f946db9d6710c87a96c858"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1064
expires: Thu, 23 Feb 2023 13:22:51 GMT

GET
H2 200 4b39d5946f0b__nike.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 954 B
1 KB 56ms
47ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/4b39d5946f0b__nike.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: bc348fdf3d6e98dfb1b06c53951baba12ccb2041a63a044d166ce5e4a4e61f06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 4984
etag: "0419b428f6b20f62cefcbd237771429f62e9bb11"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 954
expires: Thu, 23 Feb 2023 13:22:51 GMT

GET
H2 200 cf83781dbf52__oakley.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 4 KB
4 KB 56ms
47ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/cf83781dbf52__oakley.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 697d597df5ca9a0ceff77072433a2ec5a934720509605f5fecd52b3f39ac7ff2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 4856
etag: "2ba59a79fc7f62befca5793a651569d70225957c"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 3992
expires: Tue, 13 Dec 2022 19:04:10 GMT

GET
H2 200 1ae934687ab1b__quicksilver.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 1010 B
1 KB 57ms
48ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1ae934687ab1b__quicksilver.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 249cfda2569911bfbf5a352e5bfeb9cc5fe78946863bf3e6c5a4934776a26b31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 5209
etag: "35d828e2a9081bbfd453cd9ba2b735a88777786d"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1010
expires: Tue, 13 Dec 2022 19:04:10 GMT

GET
H2 200 320d6f04b87be__rip_curl.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 882 B
1 KB 57ms
48ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/320d6f04b87be__rip_curl.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 9289a2f488a316419058b1b7e635ffac86eadb2a780c6845dc910dc85ed4b132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 5346
etag: "803b3beadd20ff1a9c545b6e44f25828cbb07d4d"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 882
expires: Tue, 13 Dec 2022 19:04:10 GMT

GET
H2 200 a5a12ad969c6__rusty.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 862 B
1 KB 57ms
49ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/a5a12ad969c6__rusty.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 07633ec2e227d5847138980c35c177458b1118d7701cac7e7cb6151e2df2e0d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 4880
etag: "d4e02801bc3a9f784be4500c434d01da2e2d1df3"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 862
expires: Tue, 13 Dec 2022 19:04:10 GMT

GET
H2 200 50b85ce796c2__vans.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 2 KB
2 KB 58ms
49ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/50b85ce796c2__vans.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 990708a370fc7f0173e951516c5ec91ce9d2e3ff35c2471e40bb3ba4ee43bc9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 7804
etag: "334115264776ddf6331a86b3238eb7c45fc084bc"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1638
expires: Tue, 13 Dec 2022 18:46:42 GMT

GET
H2 200 1a81268fa6c8a__adidas_originals.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 822 B
1007 B 58ms
50ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1a81268fa6c8a__adidas_originals.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: c8eab4253dfcb0a960d80bd71d5e2849a0cd77139cdf8a05412c55c3e7da0cd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 4909
etag: "c9827688e566e40ab22aeabb80e4b33dd120069c"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 822
expires: Thu, 23 Feb 2023 13:22:51 GMT

GET
H2 200 347e632212c7d__asics.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 1 KB
1 KB 59ms
50ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/347e632212c7d__asics.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: b612c829e284a05a3c1ad7c038a0256a8bb1b51ad5c755ec464db9d297d0231f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 5453
etag: "0800064959dac77a0809245bb6628de116e9034f"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1188
expires: Tue, 13 Dec 2022 19:04:10 GMT

GET
H2 200 1abb973b53a89__converse.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 926 B
1 KB 59ms
51ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1abb973b53a89__converse.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 56a7e557715091a4a0429c162ea64459b1bd92f7ad7f6a9ba7a3d202788afbcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 5112
etag: "903d17f3444463bca4bebc625e389f59bc01e9a5"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 926
expires: Tue, 13 Dec 2022 18:46:42 GMT

GET
H2 200 3632929913700__fila.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 4 KB
4 KB 60ms
52ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/3632929913700__fila.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: c577735e9622a8b742dac8dc5152f9db28af301e63d23dc82c2e19336d9a9b27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 5298
etag: "9b8a94715f5a6730d7a9cb0c57c165cc4a9d279e"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 4000
expires: Tue, 13 Dec 2022 18:46:42 GMT

GET
H2 200 1d868d622a828__new_balance.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 1 KB
2 KB 61ms
53ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1d868d622a828__new_balance.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: d7971b9f10a7f8a94f87b5820ee0421e39ad41c8ad90c64fbdc7cf7b5431d8f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 6970
etag: "db49455d198d730d9a8b0559597b1ab261b3e3c3"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 1532
expires: Thu, 23 Feb 2023 13:22:51 GMT

GET
H2 200 215a004d193bf__puma.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 738 B
923 B 61ms
53ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/215a004d193bf__puma.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 194bff381ec3d81f6f66034f0ff9eeee31361b982ce0d050bc5d62372cf449cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 4417
etag: "99745a049dc1f26f55928ddfbecd123cf9990903"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 738
expires: Tue, 13 Dec 2022 19:04:11 GMT

GET
H2 200 1842992de8719__roxy.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 894 B
1 KB 61ms
54ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/1842992de8719__roxy.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 7de00920bb0b147111be6d35c3d9f3d5cb63fbd4dc81c94f333607797ee7c48f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 5263
etag: "5f56933cfbbd29ed9a0847db36e8347bc5073e50"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 894
expires: Thu, 23 Feb 2023 13:22:51 GMT

GET
H2 200 33613a64cfa07__volcom.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 4 KB
4 KB 61ms
54ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/33613a64cfa07__volcom.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 7551480907a2cf13b43a57267750cf88b619d7161f4678de3b6a8fbf0489e5a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 5614
etag: "1569e05814e68dff00d370f984841cb1fd42fb8b"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 4250
expires: Tue, 13 Dec 2022 18:46:42 GMT

GET
H2 200 9c3581308585__novidades50off_home.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 17 KB
17 KB 62ms
55ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/9c3581308585__novidades50off_home.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 83f9f6450a9f79a3c5fa90cc2fdbb1c745958d47cf8dc2def841f52efffc3751

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 133525
etag: "536cdfe41943a7c9350bbdecb180058d9545e195"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 17534
expires: Tue, 13 Dec 2022 19:04:12 GMT

GET
H2 200 6512593ccec3__kanui-eco.jpg
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/ 23 KB
23 KB 62ms
56ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/dafiti/images/6512593ccec3__kanui-eco.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 7a5b82771f46d2e3ec4320e55319f8c1d88219d2dbc5e643bee96f0c82592f89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 77659
etag: "f8ccd6102bc7cf74882885049f07f1eccb4654d7"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 23514
expires: Tue, 13 Dec 2022 18:46:46 GMT

GET
H2 200 2a35b2871b194__Image20190823155023.png
dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/ 15 KB
15 KB 60ms
57ms Image
image/webp 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dafitistatic.dafiti.com.br/dynamic_yield/cms/static/kanui/images/2a35b2871b194__Image20190823155023.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: Azion IMS /
Resource Hash: 970e322932327436b9fbbba9bf325d576d04448a1d722b8ebb55c0cd747e18a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
server: Azion IMS
x-original-image-size: 129396
etag: "91716fb6952d18e582600b30d52f3c2d7f945390"
vary: Accept
content-type: image/webp
x-ims: Enabled
content-length: 15568
expires: Thu, 23 Feb 2023 13:22:51 GMT

GET
H3 200 6an24182.html Show response
cdn.privacytools.com.br/public_api/banner/pop/ 8 KB
2 KB 32ms
19ms XHR
text/plain 2606:4700:20::681a:b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacytools.com.br/public_api/banner/pop/6an24182.html?t=1&m=0&c=1,666,029,767,229

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:b5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

344d52234fdfd14efd6d3a3b433daa8f548ab20d8adc561eac0d4e4a8db086d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97416
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"Mon Oct 17 15:02:50 GMT-03:00 2022"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0IeHsYZvoQBCGSGcSiTSpW7k39G3wSQQjCZlwIpVnnqIFfCkhdAWa5pXx0PZWn%2BRXIfTTXt5iq8j9KKdIr5mI9q1r%2F%2BwD23A0wY0mINerLXzFj9sO2vzNVjhqOxEqlPqZjc3jipVnilExKJPwD%2BacNp3SE1"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2678400
x-robots-tag: noindex
cf-ray: 7a1826e67a299180-FRA

GET
H2 200 javascript.min-22d96198.js Show response
static.dafiti.com.br/vendor/dafiti/bootstrap/dist/js/ 770 KB
252 KB 39ms
39ms Script
application/javascript 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/js/javascript.min-22d96198.js
Requested by: Host: static.dafiti.com.br
URL: https://static.dafiti.com.br/vendor/dafiti/bootstrap/dist/js/header-javascript.min-e8228339.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: nginx /
Resource Hash: f5257c898a6c432fcd5db3d3eb15b8a9bf34680ab718caf491842311ccc1b827

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:28 GMT
content-encoding: gzip
via: 1.1 78a48d8d46b0e5cf69ec8a7f633776e0.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Mon, 27 Feb 2023 07:17:31 GMT
server: nginx
x-amz-cf-pop: CDG52-P1
etag: W/"e2116903da1cd3e010ad8a8454e16232"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-id: 9DyfbbjcTHPHLHShZ26d4JQC7IPQR-4zrd7zOT52bhhz_KTAc2n5bg==
expires: Sat, 01 Apr 2023 08:08:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 366 KB
108 KB 138ms
70ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64efa1cac10befe798efe207f80c6fb2ef281ab05f7092b8e18637442846aa02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110296
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Mar 2023 08:08:28 GMT

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 121ms
121ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=563257&uid=7066148057540221306&sec=8767638&t=ri&e=1262096&p=1&ve=12040276&va=%5B%7B%22id%22%3A27761508%2C%22idx%22%3A0%7D%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539335129789080&mech=2&smech=3&eri=1&tsrc=Direct&reqts=1677744507293&rri=4123380
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: HTLAQWvhT8yHCiq4upcLKn2tDKwkU9m68MWVRMPdXQPhUDfHATxllA==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 122ms
122ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=270060&uid=7066148057540221306&sec=8767638&t=ri&e=1395333&p=1&ve=11810947&va=%5B%7B%22id%22%3A27613323%2C%22idx%22%3A0%7D%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539334634543395&mech=2&smech=3&eri=1&tsrc=Direct&reqts=1677744507294&rri=6076661
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: 3nA5_mBt62Q2-66hWJYt4GC2ZVbLSTn6a-AA8PUHsCrrXRbF1d5q2w==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 326ms
326ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=932243&uid=7066148057540221306&sec=8767638&t=ri&e=1423384&p=1&ve=12003121&va=%5B%7B%22id%22%3A27712022%2C%22idx%22%3A0%7D%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539334040654859&mech=2&smech=3&eri=1&tsrc=Direct&reqts=1677744507294&rri=9072305
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: q679G8oby1RHHje-7zyN5M-oNTQrWvXalT5yMClx9PkL-CjB1cnbuA==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 325ms
325ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=380112&uid=7066148057540221306&sec=8767638&t=ri&e=1437062&p=1&ve=12003268&va=%5B%7B%22id%22%3A27758916%2C%22idx%22%3A0%7D%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539332772597569&mech=2&smech=3&eri=1&tsrc=Direct&reqts=1677744507295&rri=8087446
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: sBbJyauR4sZvZ8fRi31Scyr0R5-GoWcf2FtZGm5ElNhblCibHJ-BSA==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 325ms
325ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=57977&uid=7066148057540221306&sec=8767638&t=ri&e=1378491&p=1&ve=12000121&va=%5B27558328%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539334706035013&mech=2&smech=3&eri=1&tsrc=Direct&reqts=1677744507295&rri=4355767
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: eCOQiM2IcSezc_y7CASkoXGIm5OKn6B6N6OtKXWK_he1Zso19ms8tw==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 325ms
325ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=769093&uid=7066148057540221306&sec=8767638&t=ri&e=1388255&p=1&ve=11820065&va=%5B27589802%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539331152931452&mech=2&smech=3&eri=1&tsrc=Direct&reqts=1677744507296&rri=3183904
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: vpe2LsSbwTcFnVD5EQ7kSeRYGTpQMocJ7EmO-4H6UraHL1ZW5DQd7w==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 326ms
326ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=571419&uid=7066148057540221306&sec=8767638&t=ri&e=291960&p=1&ve=11507665&va=%5B8896603%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539334128550759&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1677744507296&rri=1014234
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: lf4LoZoTERC_-HKZ0BSek0sLGhBMQqhSvcxjpBh9bA6Pl5ynfLGAeA==
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 98ms
25ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Mar 2023 07:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3058
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 02 Mar 2023 09:17:30 GMT

GET
H2 200 autotrack.js Show response
dafitistatic.dafiti.com.br/cms/ 26 KB
9 KB 39ms
39ms Script
application/javascript 185.76.11.52
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://dafitistatic.dafiti.com.br/cms/autotrack.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.76.11.52 Madrid, Spain, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-76-11-52.azioncdn.net
Software: nginx /
Resource Hash: bcc1afc53529416fc5780618306f4e39ed3f38af3ea776aa4282a91878062b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:28 GMT
content-encoding: gzip
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-version-id: G1YgCBpozcfqIGIxxPAI4k4UqkC34L4v
last-modified: Tue, 30 Aug 2016 16:04:11 GMT
server: nginx
x-amz-cf-pop: AMS54-C1
etag: W/"6c409f89b8d33449cc7943c8b7740c89"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 8360
x-amz-cf-id: lWeBbvs2s3fx2HxU4CgPPh6MdSdwDxl3pQAlZGpHrrkGcEMMX6C7rw==
expires: Mon, 19 Dec 2022 18:54:54 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 112 KB
44 KB 93ms
53ms Script
application/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-N3QSNMV

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83453ff48c3dd90b8bd512de1413c133bb8e8174e36e2fdd945c4eaded8edfb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44738
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Mar 2023 08:08:28 GMT

GET
H2 200 17715.js Show response
www.dwin1.com/ 34 KB
10 KB 58ms
12ms Script
application/javascript 2600:9000:21f3:5800:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/17715.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5800:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d03fc00c09f917899e6c13953c91f1605e12ec308c5bdfa9df65b085e32b879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: .LCA9wU2OuLeqI2qyZfc5hHlKGI_wKy6
content-encoding: gzip
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
date: Thu, 02 Mar 2023 08:04:21 GMT
x-amz-cf-pop: FRA2-C2
age: 248
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Feb 2023 09:17:22 GMT
server: AmazonS3
etag: W/"7681804dd52b631a741725c4b4f8ff23"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: ZC1kiK851DJfryzxahmaVFtSMYNPWC-BZfiD7a86ZOKTzvl5ae8PFQ==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1012508079/ 3 KB
2 KB 162ms
88ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1012508079/?random=1677744508447&cv=11&fst=1677744508447&bg=ffffff&guid=ON&async=1&gtm=45He32r0&u_w=1600&u_h=1200&label=GNVwCLnZ-gIQr8vm4gM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.kanui.com.br%2F&tiba=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&auid=358296808.1677744508&uamb=0&uaw=0&data=ecomm_pagetype%3Dhome&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

138e68b3dad0b5d43a778381befd300d1da61690175dc26f6ae4d50383d97bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-1196013.js Show response
static.hotjar.com/c/ 9 KB
4 KB 75ms
38ms Script
application/javascript 13.225.78.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1196013.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-14.fra2.r.cloudfront.net

Software

Resource Hash

b56c08d481289e5d7be0718cd15edb295b71473c1d950bc278fd016cf9dc7f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/4c2132e39933e1618ace12bfc04af970
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: _ij1a-UbiodamqBtP9cvlf-ehgurh-R9goup-fvrFTtLdhnBU6qE7A==

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
3 KB 42ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a21604056f2bc5a91168f26342ac42159b10d692d6332cb77e50de32f5680b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Mar 2023 08:08:28 GMT
content-md5: /gC2oPUUusLA/9o+R/NyPA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2166
x-fb-rlafr: 0
x-fb-debug: mKiVhgb9+AzfompzQqPlOczIrxTe/TyI6htsd7Q4WgIF9rQgEO0S2txYjYl/VoxfuGxwDG85Tqi11H5bgMvQhA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 5fda2345ab905d38804ccffb44451b42
cross-origin-opener-policy: same-origin-allow-popups
etag: "587e3b450a454c63d43df2d20007070d"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 02 Mar 2023 08:19:59 GMT

GET
H/1.1 200
OK DADJEF833.js Show response
wkxppshj-qx.global.ssl.fastly.net/ 146 KB
65 KB 39ms
7ms Script
application/x-javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wkxppshj-qx.global.ssl.fastly.net/DADJEF833.js

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

470e846b069b5b7942f7f066f11c0f4998677f8da02788f019997347118acdc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Via: 1.1 varnish
Date: Thu, 02 Mar 2023 08:08:28 GMT
Age: 1227
X-Cache: HIT
Connection: keep-alive
Content-Length: 65761
X-Served-By: cache-hhn-etou8220045-HHN
Last-Modified: Mon, 20 Feb 2023 08:51:22 GMT
X-Timer: S1677744508.491245,VS0,VE1
ETag: "d5a631a7e2990fc50986aa0704ecbbcf"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 127ms
57ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1fc3d86200fd1777715fb6f15f32bfc075284dcd9c2b1e9a2cf3cb011990df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26902
x-xss-protection: 0
server: sffe
etag: "1498 / 340 of 1000 / last-modified: 1677712017"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Mar 2023 08:08:28 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 80ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 02 Mar 2023 08:08:28 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C99975523FB647DC926225F37833FEDC Ref B: FRA31EDGE0613 Ref C: 2023-03-02T08:08:28Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H/1.1 200
OK lc.js Show response
kibana-mkt.dafiti.com.br/track/ 4 KB
4 KB 512ms
98ms Script
application/javascript 44.199.3.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kibana-mkt.dafiti.com.br/track/lc.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.199.3.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-199-3-212.compute-1.amazonaws.com
Software: nginx/1.8.0 /
Resource Hash: ac07b21b9c8016dd564bf9de88d4b0f401ac0c90b586c59b6af3f62d8cd80c2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 08:08:28 GMT
Last-Modified: Mon, 27 May 2019 14:56:10 GMT
Server: nginx/1.8.0
ETag: "5cebfa8a-e9c"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3740

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 52ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d1ff0de8bc0eef53396c02f1c428f62b25f05306692a9eed14a09e02a77af0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 02 Jan 2023 16:36:54 GMT
server: nginx
etag: W/"63b30826-aae4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Mar 2023 08:08:28 GMT

GET
H/1.1 200
OK dj.200.min.js Show response
d34e3zwe3zzpan.cloudfront.net/ 34 KB
11 KB 86ms
24ms Script
application/x-javascript 18.65.40.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34e3zwe3zzpan.cloudfront.net/dj.200.min.js
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.40.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-40-10.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11ce26e765d589e5cda02781e1a5984398b420d0499b5ab4a551d33327c339bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 08:08:28 GMT
Content-Encoding: gzip
Via: 1.1 5e1e1cde81deec56515dcc5317501fe8.cloudfront.net (CloudFront)
Last-Modified: Thu, 18 Feb 2016 10:53:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS1-P1
Age: 2437
ETag: W/"915e08c94ec67cb2086c0197d036d887"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: IYxO_A2-BM5Ls9RhFOZybTGWlDNaff-xDEYIuhRpc6hoEC9rYKFjFw==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 278ms
141ms Script
application/javascript 2.23.97.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9UKI83C77UCFR8RC6JG&lib=ttq
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.97 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5ec54b50a7dff777e752d15302e63c2dc3de6faf9eade95b20794f25d1aac478

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-akamai-request-id: 6ac1e7fe.a224b980
date: Thu, 02 Mar 2023 08:08:28 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-93.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 108,2.23.97.93
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=5, inner; dur=2
content-length: 1153
pragma: no-cache
server: nginx
x-tt-logid: 202303020808286EFB2D0466B94CE03765
x-cache-remote: TCP_MISS from a23-220-106-9.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.220.106.9
x-tt-trace-host: 01ca5754d83224ad6ee886f811f650030819e4d3dbac4faa52c53a4d5431a607f10cc0d225bd0726a2ea498d508e5061e04792a61bc44f58018ce9329d086102491ac6cc6ca7465c7c811c6dba061b88dad278f6927e9ab3ec65a203c58ecb99ec67000e02d88c5735776b3bbf6b274478
expires: Thu, 02 Mar 2023 08:08:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
74 KB 58ms
57ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-44NBXM9HZG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCZ4N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79120538c0743a2c284a4b97e91f7783f4c62303bdae3347a17a46ef1491ad1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75686
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Mar 2023 08:08:28 GMT

GET
H2

200

tags
us.creativecdn.com/
Redirect Chain

https://us.creativecdn.com/tags?type=img&id=pr_IPLlnE0J1CFYQ2Frojl7&ncm=1&id=pr_IPLlnE0J1CFYQ2Frojl7_uid_&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1677744508455
https://us.creativecdn.com/tags?type=img&id=pr_IPLlnE0J1CFYQ2Frojl7&ncm=1&id=pr_IPLlnE0J1CFYQ2Frojl7_uid_&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1677744508455&tc=1

42 B
362 B

159ms
158ms

Image
image/gif

185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.creativecdn.com/tags?type=img&id=pr_IPLlnE0J1CFYQ2Frojl7&ncm=1&id=pr_IPLlnE0J1CFYQ2Frojl7_uid_&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1677744508455&tc=1
Protocol: H2
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT, Thu, 02 Mar 2023 08:08:29 GMT
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Thu, 02 Mar 2023 08:08:28 GMT
vary: Origin
access-control-max-age: 3600
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST
location: https://us.creativecdn.com/tags?type=img&id=pr_IPLlnE0J1CFYQ2Frojl7&ncm=1&id=pr_IPLlnE0J1CFYQ2Frojl7_uid_&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1677744508455&tc=1
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

/
ssc-cms.33across.com/ps/
Redirect Chain

https://us.creativecdn.com/tags?type=img&id0=pr_IPLlnE0J1CFYQ2Frojl7_uid_&id=pr_IPLlnE0J1CFYQ2Frojl7_home&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1677744508456
https://us.creativecdn.com/tags?type=img&id0=pr_IPLlnE0J1CFYQ2Frojl7_uid_&id=pr_IPLlnE0J1CFYQ2Frojl7_home&su=https%3A%2F%2Fwww.kanui.com.br%2F%3Fsr%3D&ts=1677744508456&tc=1
https://ssc-cms.33across.com/ps/?us_privacy=USP&xi=52&xu=pBx2Rh5v81QnQ50yKtj2

0
73 B

353ms
104ms

Image
text/plain

67.202.105.21
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?us_privacy=USP&xi=52&xu=pBx2Rh5v81QnQ50yKtj2
Protocol: H2
Server: 67.202.105.21 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-105.static.steadfastdns.net
Software: 33XP001 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-33x-status: 2000208
date: Thu, 02 Mar 2023 08:08:28 GMT
server: 33XP001

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT, Thu, 02 Mar 2023 08:08:29 GMT
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST
access-control-allow-origin: *
location: https://ssc-cms.33across.com/ps/?us_privacy=USP&xi=52&xu=pBx2Rh5v81QnQ50yKtj2
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 39ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=645747682160894&ev=PixelInitialized&dl=https%3A%2F%2Fwww.kanui.com.br%2F&rl=&if=false&ts=1677744508499

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 Mar 2023 08:08:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
BLOB 200
OK 6ed32315-06f3-4b61-85a5-9ecc888e65c7
https://www.kanui.com.br/ 163 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.kanui.com.br/6ed32315-06f3-4b61-85a5-9ecc888e65c7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06a1e588118bd582160e9616f004650fb7e290847427dc0b48961996d92d1bcb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 163
Content-Type

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 07:51:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 02 Mar 2023 08:51:18 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
183 B 47ms
46ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=301698643-Home%20Mista%20-%20Desktop%20-%2021%2F11%2F22%20&el=Homepage&_u=YEBAAAIJQAAAACAAI~&jid=1961855244&gjid=673244493&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&_r=1&_slc=1&did=i5iSjo&z=490370189

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kanui.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kanui.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
130 B 28ms
24ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=1704549942-add%20cookie%20&el=true&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=496363401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 30ms
25ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=533085504-USP%20-%20Desktop%20-%2008%2F11%2F22%20&el=USP&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=1849197729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 30ms
26ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=1960279520-MASCULINO%20-%20besthomepage%20-%20Liquida%20Ver%C3%A3o%20-%2013%2F02%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=1600405179

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 31ms
26ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=1960279520-MASCULINO%20-%20besthomepage%20-%20Liquida%20Ver%C3%A3o%20-%2013%2F02%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=812415230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 31ms
27ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=6&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=1960279520-MASCULINO%20-%20besthomepage%20-%20Liquida%20Ver%C3%A3o%20-%2013%2F02%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=284824400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 31ms
27ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=7&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=1960279520-MASCULINO%20-%20besthomepage%20-%20Liquida%20Ver%C3%A3o%20-%2013%2F02%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=1161757128

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 31ms
27ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=8&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=1960279520-MASCULINO%20-%20besthomepage%20-%20Liquida%20Ver%C3%A3o%20-%2013%2F02%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=1167024852

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 32ms
28ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=9&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=1812454102-ALL%20HOMES%20-%20Gerando%20Falc%C3%B5es%20-%2014%2F02%20&el=NA-NA-BRF01-AcaoGerandoFalcoes&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=1657081446

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 33ms
30ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=10&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=851376652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 34ms
30ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=11&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=948205457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 34ms
30ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=12&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=888803803

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 33ms
31ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=13&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=396059836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 34ms
31ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=14&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=1027719137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 34ms
32ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=15&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=2135692677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 51ms
49ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=16&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=1366729375

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 51ms
49ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=17&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=441416423

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 51ms
50ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=18&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=1641043752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 52ms
50ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=19&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=1601516209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 52ms
50ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=20&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Test&ea=521560443-MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20&el=Control%20Group%3A%20No%20Action&_u=YEBAAAIJQAAAACAAI~&jid=&gjid=&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&did=i5iSjo&z=1102451616

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 21:22:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.3bdf981e73ecd1bf9fca.js Show response
script.hotjar.com/ 263 KB
68 KB 55ms
8ms Script
application/javascript 13.224.189.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.3bdf981e73ecd1bf9fca.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1196013.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-42.fra2.r.cloudfront.net

Software

Resource Hash

5cfe66ee024c0c4640ab3f01e85b885bf78a44e65ac037af6c5d1d1d5c15907e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 09:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 255562
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68683
last-modified: Mon, 27 Feb 2023 09:08:08 GMT
etag: "ebfd5ece1732ea77a9b33e8ec7afb91a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: K3ll1dXGqdl2bMbE6mhFlJJaIEq7U_UO_dIDS5K1Vc0a2v1jTwxavg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 48ms
17ms XHR
text/plain 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-24844488-1&cid=510490145.1677744509&jid=1961855244&gjid=673244493&_gid=107326882.1677744509&_u=YEBAAAIIQAAAACAAI~&z=852467676

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kanui.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Mar 2023 08:08:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kanui.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5488107.js Show response
bat.bing.com/p/action/ 0
119 B 115ms
114ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5488107.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 02 Mar 2023 08:08:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D57A5985D16B49BDBFF9B6E4F7181177 Ref B: FRA31EDGE0613 Ref C: 2023-03-02T08:08:28Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5488107&Ver=2&mid=0e63b275-e713-4427-a4fd-fd540d9582f1&sid=6a1cb860b8d111edaf1223fa59c3c631&vid=6a1ce640b8d111ed9909e5efc848a579&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis,%20Roupas%20Esportivas,%20Acess%C3%B3rios%20e%20Mais.&p=https%3A%2F%2Fwww.kanui.com.br%2F&r=&lt=3617&evt=pageLoad&sv=1&rn=119522

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Mar 2023 08:08:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 84C08AFEA2C74A87A3DE1062C67C911C Ref B: FRA31EDGE0613 Ref C: 2023-03-02T08:08:28Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 46ms
46ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2053376196&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAAIJQAAAACAAI~&jid=1962884214&gjid=255992240&cid=510490145.1677744509&tid=UA-86950572-1&_gid=107326882.1677744509&_r=1&_slc=1&gtm=45He32r0n81KBHCZ4N&did=i5iSjo&z=1859673246

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kanui.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kanui.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 90ms
23ms Script
text/javascript 2a00:1450:400d:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Mar 2023 06:30:34 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5874
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Thu, 02 Mar 2023 08:30:34 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-44NBXM9HZG&gtm=45je32r0&_p=2053376196&_gaz=1&cid=510490145.1677744509&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&cu=BRL&sid=1677744508&sct=1&seg=0&dl=https%3A%2F%2Fwww.kanui.com.br%2F&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&en=page_view&_fv=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-44NBXM9HZG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kanui.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 18ms
17ms Ping
text/plain 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-44NBXM9HZG&cid=510490145.1677744509&gtm=45je32r0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-44NBXM9HZG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kanui.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 115ms
47ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-44NBXM9HZG&cid=510490145.1677744509&gtm=45je32r0&aip=1&z=393891064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 114ms
48ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-24844488-1&cid=510490145.1677744509&jid=1961855244&_u=YEBAAAIIQAAAACAAI~&z=1328136363

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 105ms
47ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-24844488-1&cid=510490145.1677744509&jid=1961855244&_u=YEBAAAIIQAAAACAAI~&z=1328136363

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2023022701.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 129ms
24ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6265a847e8ef645ae49eefb6efdd0659672dd17c55167c74bb067750daa399f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 15:56:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132634
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 09:35:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Feb 2024 15:56:44 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 95 B
615 B 160ms
56ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.kanui.com.br

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d1011ed38488c5f0a9b8c921a6448218d4ae328a2d4b3a8db4af44eb9521358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73
x-xss-protection: 0
expires: Thu, 02 Mar 2023 08:08:28 GMT

POST
H2 200 /
eum-orange-saas.instana.io/ 0
130 B 198ms
114ms Ping
text/plain 34.120.4.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-orange-saas.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.4.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.4.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kanui.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 02 Mar 2023 08:08:28 GMT
cache-control: no-cache, no-store
via: 1.1 google
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/1012508079/ 42 B
154 B 50ms
48ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1012508079/?random=1677744508447&cv=11&fst=1677744000000&bg=ffffff&guid=ON&async=1&gtm=45He32r0&u_w=1600&u_h=1200&label=GNVwCLnZ-gIQr8vm4gM&frm=0&url=https%3A%2F%2Fwww.kanui.com.br%2F&tiba=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&data=ecomm_pagetype%3Dhome&fmt=3&is_vtc=1&random=3847477326&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1012508079/ 42 B
154 B 51ms
50ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1012508079/?random=1677744508447&cv=11&fst=1677744000000&bg=ffffff&guid=ON&async=1&gtm=45He32r0&u_w=1600&u_h=1200&label=GNVwCLnZ-gIQr8vm4gM&frm=0&url=https%3A%2F%2Fwww.kanui.com.br%2F&tiba=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&data=ecomm_pagetype%3Dhome&fmt=3&is_vtc=1&random=3847477326&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 log Show response
pond.datajet.io/1.0/ 16 B
249 B 290ms
32ms XHR
application/javascript 52.209.30.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pond.datajet.io/1.0/log?key=tbKXv0Wxvo3gqHPZy1y6yrkM3eUZ5r4&p=%7B%22event%22%3A%22pageview%22%2C%22payload%22%3A%5B%7B%22pageName%22%3A%22Index%22%2C%22ET%22%3A%22cmspage%22%2C%22brandName%22%3A%22%22%2C%22pageCategorySubcategoryBrand%22%3A%22%22%2C%22pageType%22%3A%22%22%2C%22skuTop3%22%3A%5B%22%22%2C%22%22%2C%22%22%5D%2C%22wt_cc1%22%3A%22%22%2C%22wt_cc2%22%3A%22%22%2C%22wt_cc3%22%3A%22%22%2C%22wt_cc4%22%3A%22%22%2C%22wt_cc5%22%3A%22%22%2C%22wt_cc6%22%3A%22%22%2C%22keyword%22%3A%22%22%2C%22googleRemarketingLabel%22%3A%22UWWxCIyIlAIQ5NyG1gM%22%7D%2C%5B%5D%2C%5B%5D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22Test%20A%2FB%20-%20Best%20Homepage%20-%20Homes%20-%20(15%2F08%2F18)%22%2C%22eventLabel%22%3A%22Home%20Mista%20-%20Desktop%20-%2021%2F11%2F22%20(Homepage)%22%2C%22gtm.uniqueEventId%22%3A1%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Action%22%2C%22eventAction%22%3A%22PCI%20-%20teste%20A%2FB%22%2C%22eventLabel%22%3A%22add%20cookie%20(true)%22%2C%22gtm.uniqueEventId%22%3A4%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22unique-selling-proposition%20(tarja%20usp)%22%2C%22eventLabel%22%3A%22USP%20-%20Desktop%20-%2008%2F11%2F22%20(USP)%22%2C%22gtm.uniqueEventId%22%3A7%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-conteudo%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Liquida%20Ver%C3%A3o%20-%2013%2F02%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A10%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-conteudo%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Liquida%20Ver%C3%A3o%20-%2013%2F02%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A13%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-conteudo%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Liquida%20Ver%C3%A3o%20-%2013%2F02%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A16%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-conteudo%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Liquida%20Ver%C3%A3o%20-%2013%2F02%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A19%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-conteudo%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Liquida%20Ver%C3%A3o%20-%2013%2F02%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A22%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22after-header-homepages%22%2C%22eventLabel%22%3A%22ALL%20HOMES%20-%20Gerando%20Falc%C3%B5es%20-%2014%2F02%20(NA-NA-BRF01-AcaoGerandoFalcoes)%22%2C%22gtm.uniqueEventId%22%3A25%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A28%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A31%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A34%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A37%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A40%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A43%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A46%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A49%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A52%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A55%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22categorias-homepage%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Natal%20-%2029%2F11%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A58%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-skus%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20GDocs%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A61%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-skus%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20GDocs%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A64%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-skus%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20GDocs%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A67%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-skus%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20GDocs%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A70%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-skus%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20GDocs%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A73%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-skus%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20GDocs%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A76%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-skus%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20GDocs%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A79%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-skus%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20GDocs%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A82%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-skus%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20GDocs%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A85%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-skus%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20GDocs%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A88%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-skus%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20GDocs%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A91%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-skus%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20GDocs%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A94%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-novidades%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Liquida%20Ver%C3%A3o%20-%2014%2F02%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A97%7D%2C%7B%22event%22%3A%22GAEvent%22%2C%22eventCategory%22%3A%22DY%20Smart%20Object%22%2C%22eventAction%22%3A%22cluster-novidades%22%2C%22eventLabel%22%3A%22MASCULINO%20-%20besthomepage%20-%20Liquida%20Ver%C3%A3o%20-%2014%2F02%20(Control%20Group%3A%20No%20Action)%22%2C%22gtm.uniqueEventId%22%3A100%7D%2C%5B%5D%2C%5B%5D%2C%7B%22gtm.start%22%3A1677744508197%2C%22event%22%3A%22gtm.js%22%2C%22gtm.uniqueEventId%22%3A103%7D%2C%7B%22event%22%3A%22gtm.dom%22%2C%22gtm.uniqueEventId%22%3A126%7D%2C%7B%22event%22%3A%22gtm.load%22%2C%22gtm.uniqueEventId%22%3A127%7D%2C%7B%22event%22%3A%22gtm.js%22%2C%22gtm.uniqueEventId%22%3A128%7D%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.kanui.com.br%2F%22%2C%22url_referrer%22%3A%22%22%2C%22local_timestamp%22%3A1677744508681%2C%22client%22%3A%7B%22platform%22%3A%22Win32%22%2C%22agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36%22%7D%2C%22consumer_id%22%3A%22tbKXv0Wxvo3gqHPZy1y6yrkM3eUZ5r4%22%2C%22bid%22%3A%2234e661d21b52eb5018c2ce408a9431f8%22%7D
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.30.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-30-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 317d808c8d92f3485f748223ac58434addf9fca51c5e46a7c8960dedec53e96d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://www.kanui.com.br
date: Thu, 02 Mar 2023 08:08:29 GMT
access-control-allow-credentials: true
content-length: 16
content-type: application/javascript

GET
H2 204 1196013 Show response
vc.hotjar.io/sessions/ 0
255 B 90ms
33ms XHR
text/plain 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1196013?s=0.25&r=0.17570294786752316
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-105.fra2.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:29 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: C2oGJ86i4hCRSopvBBDc9PGcz9F4-90KhiBfBH1p6QziNDqEE9nsJA==

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 44ms
44ms Image
image/gif 2a00:1450:400d:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=95491884&utmhn=www.kanui.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&utmhid=2053376196&utmr=-&utmp=%2F&utmht=1677744509017&utmac=UA-24844488-4&utmcc=__utma%3D227738178.510490145.1677744509.1677744509.1677744509.1%3B%2B__utmz%3D227738178.1677744509.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1998659887&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAABAAAE~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK nmg_tag.json Show response
colrep.sitelabweb.com/ 89 B
513 B 94ms
7ms Script
application/json 3.122.81.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://colrep.sitelabweb.com/nmg_tag.json
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.81.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-81-162.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 25da12fc31fc9fa0ff52291ab2922f620fda69977a55e1521f48f1b92990b4f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 08:08:29 GMT
Server: nginx
etag: 613-1677744509.114-43f3e042e32ba0b5c271a038552a4ecc-533
Access-Control-Allow-Methods: POST,GET,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
cache-control: max-age=31536000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type
Content-Length: 89

GET
H2 200 main.MTE3ZGZjMmFkMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 238 KB
65 KB 31ms
31ms Script
application/javascript 2.23.97.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9UKI83C77UCFR8RC6JG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.97 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a6563f1b77608e27cb823aeea1c95a4db298557918d9ed6e8e9db5160d8aabdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-akamai-request-id: a224bb82
date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023022114532425F59E44AB664D2A2985
vary: Accept-Encoding
x-cache: TCP_HIT from a2-23-97-93.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018d7917d3add05ae924503078f5adf5d51e5d2cc3ace9c757846efa3890a8255273266fa4d7a5b5e3e02ea43d754ce060f8fbab305c6479ba0952a7dabfa3c7a0c2b18dd00ba943e3d60eea7e23b57db01c5ccae3e9ec752ea4aa39a7bffceaab
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length: 66119

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 133ms
48ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kanui.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 128ms
47ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kanui.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 71 KB
23 KB 395ms
395ms XHR
text/plain 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3892986568155865&correlator=3227554112659920&eid=31072019%2C31072759%2C44752585%2C21065724&output=ldjh&gdfp_req=1&vrg=2023022701&ptt=17&impl=fifs&iu_parts=98468451%2CKANUUI_HOME&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250&ifi=1&adks=3254371550%2C2490721833%2C2490721832%2C2490721835&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1677744509067&lmt=1677744509&dlt=1677744505895&idt=3143&adxs=206%2C330%2C650%2C970&adys=3454%2C3399%2C3399%2C3399&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.kanui.com.br%2F&frm=20&vis=1&psz=1188x35%7C320x0%7C320x0%7C300x0&msz=1188x0%7C300x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=510490145.1677744509&ga_sid=1677744509&ga_hid=2053376196&ga_fc=true

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19540b1f104f27709a4566be68a8a2f231c22a1be2c32cadeaf0c34726f03045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23217
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kanui.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 82ms
70ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022701&st=env

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9eca60bfa621ca629f50e003001da5eccfa5172751bfa1360f26ad345dc0cfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11315
x-xss-protection: 0

GET
H2 200 container.html Show response
01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8D6D 6 KB
3 KB 193ms
55ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kanui.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:29 GMT
expires: Fri, 01 Mar 2024 08:08:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK LDADJEF833.json Show response
wkxppshj-qx.global.ssl.fastly.net/ 41 KB
24 KB 8ms
8ms Script
application/x-javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wkxppshj-qx.global.ssl.fastly.net/LDADJEF833.json

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7d7690bb92a5a174e21159de1e86c5b155e5fe9e418077a0a553a34856ec19e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Via: 1.1 varnish
Date: Thu, 02 Mar 2023 08:08:29 GMT
Age: 1227
x-amz-server-side-encryption: AES256
X-Cache: HIT
Connection: keep-alive
Content-Length: 23483
X-Served-By: cache-hhn-etou8220045-HHN
Last-Modified: Tue, 24 Jan 2023 10:46:14 GMT
X-Timer: S1677744509.097757,VS0,VE1
ETag: "43ccc4206f6c064b5b811a54ade4055d"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7F92 15 KB
6 KB 42ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.kanui.com.br&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.kanui.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 366528
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
218 B 104ms
24ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=8&cb=72307269785

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.kanui.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Mar 2023 08:08:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.kanui.com.br
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 identify_cab4d.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 27ms
26ms Script
application/javascript 2.23.97.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.97 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-akamai-request-id: a224bc0e
date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023022114532525F59E44AB664D2A29A1
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-23-97-93.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018d7917d3add05ae924503078f5adf5d51e5d2cc3ace9c757846efa3890a8255273266fa4d7a5b5e3e02ea43d754ce0603ebef0d9cd17df1c73dbbc3d19fda9179d02ba7781121896b6551c93f53e89a320d6fc0807eed897567b9154336a1679
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=9
content-length: 30763

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
549 B 147ms
147ms Ping
text/plain 2.23.97.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.97 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kanui.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-akamai-request-id: a224bc3c
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230302080829ADE5779106D1922AC69C
x-cache: TCP_MISS from a2-23-97-93.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 116,2.23.97.93
x-tt-trace-host: 01ca5754d83224ad6ee886f811f65003081cd5978f030db6383021473396d73a3adb1a333a0c89955e3a3d5e80316f0731f63e6632d821b1172b41994763c632f92645656d4691b60ba8bcf08242d8f01a1382e02161ba9230f09d89d29bba8ddd
server-timing: inner; dur=17, cdn-cache; desc=MISS, edge; dur=6, origin; dur=116
content-length: 0
expires: Thu, 02 Mar 2023 08:08:29 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 184ms
104ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 08:08:29 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7F92
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=kanui.com.br&sn=ChromeSyncframe&so=0&topUrl=www.kanui.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=_AzRZHxQVWVXMVcyeDg0b25DTTJVK3ZZdEdnVFVJdVBiOWhMTnZtNmJCV09PNm1SbWtkV2d2MVUyNFZwY3YwRXMwWFhoSGV3MnZ2RUN3dDF6VWFmT0dGNElWamEyVHVVZHYycGlVUzkyOTdMSHh6RHAyWHlYV3hrelBaSn...

438 B
653 B

643ms
172ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_AzRZHxQVWVXMVcyeDg0b25DTTJVK3ZZdEdnVFVJdVBiOWhMTnZtNmJCV09PNm1SbWtkV2d2MVUyNFZwY3YwRXMwWFhoSGV3MnZ2RUN3dDF6VWFmT0dGNElWamEyVHVVZHYycGlVUzkyOTdMSHh6RHAyWHlYV3hrelBaSnpUNlJTS01WeDdlZmNESDBaL2RmT3RTZ2dXSElUZE1vNnlIKzZoVnRqMVhPbjV0RG5CcTJvSlA5b09IbkdjYTlhN0FGallQa01TUk12ZFMyTzBqKy9XVUJlQXZQem0wTDRXK1VwUncvZGFjTlFTMnZEdG5qU0FVRGE5NW5xcU94dmRjbTdXN2YzKzFMT2hkNXZKWlNSUWFwMGdMQ256Zz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fd83afd7d6dca40a1d4f9b0e0a5b33a93f099f7f41e7a6c0d489abe83870adf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2500911
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=_AzRZHxQVWVXMVcyeDg0b25DTTJVK3ZZdEdnVFVJdVBiOWhMTnZtNmJCV09PNm1SbWtkV2d2MVUyNFZwY3YwRXMwWFhoSGV3MnZ2RUN3dDF6VWFmT0dGNElWamEyVHVVZHYycGlVUzkyOTdMSHh6RHAyWHlYV3hrelBaSnpUNlJTS01WeDdlZmNESDBaL2RmT3RTZ2dXSElUZE1vNnlIKzZoVnRqMVhPbjV0RG5CcTJvSlA5b09IbkdjYTlhN0FGallQa01TUk12ZFMyTzBqKy9XVUJlQXZQem0wTDRXK1VwUncvZGFjTlFTMnZEdG5qU0FVRGE5NW5xcU94dmRjbTdXN2YzKzFMT2hkNXZKWlNSUWFwMGdMQ256Zz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 366758
content-length: 0
expires: 0

GET
H2 200 sid Show response
session.sitelabweb.com/ 197 B
367 B 190ms
36ms XHR
application/json 52.209.246.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://session.sitelabweb.com/sid?userId=613-1677744509.114-43f3e042e32ba0b5c271a038552a4ecc-533&clientTag=DADJEF833
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.246.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-246-127.eu-west-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: f575632892d61be95912442a17eef76b765dc85b9e300618645bb8afdad91cd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 02 Mar 2023 08:08:29 GMT
server: nginx
x-powered-by: Express
content-length: 197
etag: W/"c5-qOF3w/XjOBlDKAc1HB+I11tpNjQ"
content-type: application/json; charset=utf-8

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 48ms
48ms Ping
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kanui.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.kanui.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1B16 13 KB
5 KB 24ms
22ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kanui.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8922
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 05:39:47 GMT
expires: Fri, 01 Mar 2024 05:39:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 215A 783 B
954 B 46ms
45ms Document
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

42972e6187b97f00dca7551ab8d5b9e6a500960125174592940ac023720b3426

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mO51RMumk7gpjjFtaFbuxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kanui.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-mO51RMumk7gpjjFtaFbuxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:29 GMT
expires: Thu, 02 Mar 2023 08:08:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B16 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:39:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 215A 0
0 54ms
54ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022701&jk=3892986568155865&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 container.html Show response
01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3C87 6 KB
3 KB 24ms
23ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kanui.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:29 GMT
expires: Fri, 01 Mar 2024 08:08:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 70C9 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kanui.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:29 GMT
expires: Fri, 01 Mar 2024 08:08:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A797 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kanui.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:29 GMT
expires: Fri, 01 Mar 2024 08:08:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 16ED 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kanui.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:29 GMT
expires: Fri, 01 Mar 2024 08:08:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 98DD 624 B
307 B 63ms
61ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjkifncATAB&v=APEucNWq14ms67SqgF8DbeL5eynrHBrMgUpKDZgagai5KjeOKJPKVhzZjLi2EwTGk4CZYeSiX68MDn6Qz4GynrCDycRJQEKZ_e3Qlc-mlG3Gy4qEjJn-zE1ZYZyXoYUgxFZ3IcmZiAp3ehd2Xfv1fU-LP9KYn7OaVx3ZTh7v6LJxPZTIF0NOrf8

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3C87 78 KB
27 KB 67ms
66ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 08:08:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C87 42 B
63 B 56ms
54ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ca6zf5oGcK1_DDisc5kAJV0u5ZrIM4jr7mssSqpBybM1hbuBMSov3mccYxxpBtH8qDLfclTrnddEpILnvhkrdCiQsRRSq4q6Wobbx2Mz8MLwLXY0Q

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C87 0
20 B 56ms
54ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3408243638496263281&x=1&ct=76

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 3C87 3 KB
1 KB 25ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 04:59:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 3C87 20 KB
8 KB 25ms
23ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:40:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3C87 0
0 48ms
46ms Image
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQA70cXOtVuF36TH2y7K6l0s4Ei31ioVPWVBhz_rTKK9zS7FPrYzSPLyTpR1SIikYXH8uLNPk7XVt__460ilz9rlaAbSg
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C87 158 KB
49 KB 98ms
96ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 08:08:29 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 72E0 640 B
308 B 62ms
60ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNUgeFB-aTvvHdbJObHJ5heuGjfDU4tcTZPAXVWY1c4uIMMcmensNj5cTf2POsfYuOihfxDIptLO_c-tKMHZaveGF39J9R4ASvrxxKkzdlIO9mZ5JnJpdDWa84hsodIPSvsPHqqmkZeo_qzlZBnw-Ue_AAlGoUfm6UpVJ_jV9CcAaHJx6pA

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 70C9 78 KB
27 KB 128ms
128ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 08:08:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 70C9 42 B
63 B 67ms
65ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C0hazcdxqXBu-WZLa3lg-GUFBAKl9cIv4sf6Y5Kz11GhXZsDZkJRbe_apNInKlYrI4XbROf2LH3d1OiCAtnNQYVHVsqy_ntXZHtxvRk1QC93wlHCg

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 70C9 0
20 B 66ms
65ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10617340565257706804&x=1&ct=76

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 70C9 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 04:59:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 70C9 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:40:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 70C9 0
0 46ms
46ms Image
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3iOVWSdB0yqy8u7yInodIhuogNdnNmqo6wWMEEqTj5-8sLzxV54lkGlXqFdd6PQumYxffqOkFJ_QZvrJNbaGAyaNm_w
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 70C9 158 KB
48 KB 162ms
161ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 08:08:29 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B2C8 466 B
281 B 64ms
63ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNXG4o_uIJLkYem8tgIVQNQ6bAYgdmkYj-R2MrP03a7Lwp6SsAVqwluOX9l-K5RZ1lxICxTBo9E8jTmYa1DTyI03oLpyqn6PzO0uwMDamFfkYdzi22mRihbfTEBAAnZWI4COaYvUZmynH8RQEa0Bxt7ql0o1Zc9GLkIk46XL0gBHHwoinsM

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A797 78 KB
27 KB 124ms
124ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 08:08:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A797 42 B
63 B 65ms
64ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DLPwYkkOKSpivKmw2tl6efKwVHP-TYwLBF1MNfeb0dmIFvu7ziYQj70A4_0uZHPbHQtV2LXBX8SnnLxqMLr4UqtVcRU7iiHPjwz4cv5V06kemn7Gc

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A797 0
20 B 65ms
64ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4247703355001758779&x=1&ct=76

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame A797 3 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 04:59:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame A797 20 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:40:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A797 0
0 46ms
46ms Image
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSI4zDnJapy3txUyCBp39VRw-SzqoYMNGUE4m9rXqVTaLCR1DPySAzyl52ZLF-4r6VGmt_BbqnuGUj_nvZJilY4irOqqg
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A797 158 KB
48 KB 164ms
164ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 08:08:29 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8A45 466 B
278 B 64ms
60ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNUKl6XgaPLJ8fJPhK2_uMQXL2Z718nm9ki0g7qDr5F3_Pcrz2zvR5N0OlGVzMjxyuFYA-E5Ly7tsh3PLfQj7bbCC82BK88WwhzUUXy-srPMpLI-A52hGtYGXfwv9THsHFeGtPo6EVRYxZkyPRR7ciIpABYOM3dUSW52bRq04G-cMC9g5IY

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 16ED 78 KB
27 KB 124ms
124ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 08:08:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 16ED 42 B
63 B 60ms
58ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B5mKDfPvOKS4R2tSL6GRXdlWC9Kuq_CdZbIT8j8Rs-OJFYRbHBAl_l7kiqTlvBWDEBuFt63S-q2m3IEVVcV6hSQO1T8igK5vb6AHm6yzZcf7y8G8s

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 16ED 0
20 B 61ms
59ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8442294703749423953&x=1&ct=76

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 16ED 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 04:59:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 16ED 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:40:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 16ED 0
0 48ms
47ms Image
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSM2j4wtMatUsvBtOrzGXnF6acuxAgjGQt2oHIFA8BcL2G3h0SzD-uRGa9yDBbdjjLNiKzUAl80ib_EfbHA77gWfR7qnw
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 16ED 158 KB
48 KB 141ms
138ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 08:08:29 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1B16 0
10 B 24ms
24ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kJIKvQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 98DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGWw2blSMZNL_Q-LfNq9iM&google_cver=1

43 B
766 B

14ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGWw2blSMZNL_Q-LfNq9iM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjkifncATAB&v=APEucNWq14ms67SqgF8DbeL5eynrHBrMgUpKDZgagai5KjeOKJPKVhzZjLi2EwTGk4CZYeSiX68MDn6Qz4GynrCDycRJQEKZ_e3Qlc-mlG3Gy4qEjJn-zE1ZYZyXoYUgxFZ3IcmZiAp3ehd2Xfv1fU-LP9KYn7OaVx3ZTh7v6LJxPZTIF0NOrf8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 08:08:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGWw2blSMZNL_Q-LfNq9iM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 98DD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZABZfRnE7DVKtaD5T6KZGAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGWw2blSMZNL_Q-LfNq9iM&google_cver=1

43 B
766 B

10ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGWw2blSMZNL_Q-LfNq9iM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjkifncATAB&v=APEucNWq14ms67SqgF8DbeL5eynrHBrMgUpKDZgagai5KjeOKJPKVhzZjLi2EwTGk4CZYeSiX68MDn6Qz4GynrCDycRJQEKZ_e3Qlc-mlG3Gy4qEjJn-zE1ZYZyXoYUgxFZ3IcmZiAp3ehd2Xfv1fU-LP9KYn7OaVx3ZTh7v6LJxPZTIF0NOrf8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 08:08:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHGWw2blSMZNL_Q-LfNq9iM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 98DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMgEbTRSRRK7BdVQJY4PTaU&google_cver=1

43 B
1 KB

14ms
8ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMgEbTRSRRK7BdVQJY4PTaU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjkifncATAB&v=APEucNWq14ms67SqgF8DbeL5eynrHBrMgUpKDZgagai5KjeOKJPKVhzZjLi2EwTGk4CZYeSiX68MDn6Qz4GynrCDycRJQEKZ_e3Qlc-mlG3Gy4qEjJn-zE1ZYZyXoYUgxFZ3IcmZiAp3ehd2Xfv1fU-LP9KYn7OaVx3ZTh7v6LJxPZTIF0NOrf8

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 08:08:29 GMT
AN-X-Request-Uuid: 1f8c5bf8-1c35-4dd4-abd2-33cb096324f2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMgEbTRSRRK7BdVQJY4PTaU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 98DD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA0MTc1MjA0MTQ2NDc5NzA1OQ%3D%3D

170 B
243 B

66ms
49ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA0MTc1MjA0MTQ2NDc5NzA1OQ%3D%3D

Requested by

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 08:08:29 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e3ef264b-5bd5-4ead-95d0-f3872126a988
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA0MTc1MjA0MTQ2NDc5NzA1OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 72E0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPBE3woYCHUk9nvQHm7zO8E&google_cver=1

43 B
114 B

31ms
23ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPBE3woYCHUk9nvQHm7zO8E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNUgeFB-aTvvHdbJObHJ5heuGjfDU4tcTZPAXVWY1c4uIMMcmensNj5cTf2POsfYuOihfxDIptLO_c-tKMHZaveGF39J9R4ASvrxxKkzdlIO9mZ5JnJpdDWa84hsodIPSvsPHqqmkZeo_qzlZBnw-Ue_AAlGoUfm6UpVJ_jV9CcAaHJx6pA
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPBE3woYCHUk9nvQHm7zO8E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 72E0 43 B
304 B 76ms
23ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNUgeFB-aTvvHdbJObHJ5heuGjfDU4tcTZPAXVWY1c4uIMMcmensNj5cTf2POsfYuOihfxDIptLO_c-tKMHZaveGF39J9R4ASvrxxKkzdlIO9mZ5JnJpdDWa84hsodIPSvsPHqqmkZeo_qzlZBnw-Ue_AAlGoUfm6UpVJ_jV9CcAaHJx6pA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 72E0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEO8WOK3KP5vLWoMdJB1Ftso&google_cver=1

23 B
172 B

127ms
63ms

Image
image/gif

23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEO8WOK3KP5vLWoMdJB1Ftso&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNUgeFB-aTvvHdbJObHJ5heuGjfDU4tcTZPAXVWY1c4uIMMcmensNj5cTf2POsfYuOihfxDIptLO_c-tKMHZaveGF39J9R4ASvrxxKkzdlIO9mZ5JnJpdDWa84hsodIPSvsPHqqmkZeo_qzlZBnw-Ue_AAlGoUfm6UpVJ_jV9CcAaHJx6pA
Protocol: H2
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 02 Mar 2023 08:08:29 GMT
pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEO8WOK3KP5vLWoMdJB1Ftso&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 72E0 23 B
172 B 230ms
63ms Image
image/gif 23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNUgeFB-aTvvHdbJObHJ5heuGjfDU4tcTZPAXVWY1c4uIMMcmensNj5cTf2POsfYuOihfxDIptLO_c-tKMHZaveGF39J9R4ASvrxxKkzdlIO9mZ5JnJpdDWa84hsodIPSvsPHqqmkZeo_qzlZBnw-Ue_AAlGoUfm6UpVJ_jV9CcAaHJx6pA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 02 Mar 2023 08:08:29 GMT
pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C87 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6063226593935&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C87 0
20 B 69ms
69ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6063226593935&version=m202301230201&ct=76&x=1&cor=3408243638496263000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3C87 84 KB
35 KB 83ms
83ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BreUzrEWxOeEo7c7teQQ78_bPqfkZuSjS2scPyGJ2AM7EuXr5BWnvLzAU6VjfgMh3ljV7w_2ZC-rVoEamHAV8PkSpFEYybjURZsLuc-2nKDnASALI&cry=1&dbm_d=AKAmf-Bdud3C1wrf0-YVYaMwfzq7WZVmZlmUHve3NL9XBcN_FwliZxN8iFRZ0kqzb06AOj-IX4kHNMPDdApBHqP4fmC9FZWefmWyVj1YG8PXzvSPUYGmA0x3opEj9jvu863HXNbBIsZA6ybTeTyBjqGoRs1m5gDdkNEnMkpip1F-txjrYKRtW0uad4Sk8ti3lcgudiJDTaMFfB8HJB1QOz00v1iT6df7vf37JISgoh3GR5rbjh_QJcnv2K_-1knxpPP5rBZ-3D_tgtkvoO2-nfFlWdX6MG4s9Srg3Q0N51DtjPsx-Y2e599Wy6neycScUc1drH42hrrMRuwK_ixP0hXH_Smc89-yCDJx7PZUJGnngt9QqDy14yGq-TEsBWSzZJp4lMV2Odw84hovjpRNixPIxB6kpbTpbT8GOabeTniaDILwzuYC7G2v8Snd5OLWEDFiyW4WwYCPohi1TeLMZPaAVNOYPbEsVcFg5XuZe0PexaIgnQHeYjhcO8im4poubtUD3I_jDcJLWXOK4FpCQf6HrHGbgTcBcAVhxCs--BKxHRpz0qCUyJG3ndlivGPckUNcqt4PRG7AJyYZ-Fw17okxpdR3fqIC8hn59PCsOsHU6mRcCoJYhwzJnRmzDEr8uI6EtD4G6QPsYzPKE3Lp8V6okppkg2smZfbDuzW55etLaCzfJZSEy6Rjm5JFWdj8jEDVUMEuffP_ms7-bcQnmDn5d8qDpZnI9hLLJyGQTFQxuuxw65RtpzWyBMMcL76Bs114Ja6pcgDY4pmM2eofSJPxWQEPlSptxp6BAJjGdcaamtxZr0vUyfclLctI8-ImDM5arWa058q8TmffiPv6cSyWHTaBq4fDKNtSrH8jwm-l5z_52nUCtl82DuSpC4OhrQ7Jt8dbC0B3LXIRX_2YvuCKlOe2A9hdJ_Nswh9nBAgdrFwfdvGn8YoDQUXdESWyqUiuoP71tCPb6cLVaMC2jJ4eOccP4wd68xOQHhjWg0OZdWe-jY8VHtXMzvZyu9SPP-ve4rq7Hpj5-B5RT_VZ13-k7XR1Wxb8seEsnRxYc-emwBv7yOeTM0jglB3KaYl3PSojR1P2zbJYm6fmPsd13HjUsoC0-MAVRB97Gh5ri8UQJqHMwyCSVxig2PApfDYE_PKeNmPS9cvQU7VzrDmF7lBWP9IM0AzuRSrg0P5k5mIyqUW4cbMN6GIGeOflluAn8zdbyyZ-y8DTHtdPCVxzIuRwOLkm355cs6-4MaHGTEXtUcb9XmASf9ddyBRo4On3bhQsg6fY4kLmXaTwA7XW-PScha81zF95utflXLGnX7EIlxKEwjXnrwkmPC9TgYHd6C8x3grxLFYnee6m4BX_nqSFyT4FPKcW4orXnLVoW-F7eReMmI67wS_d1Ic7CajoEwOI79Z-VB4YcfijMO6g1-UfObW8trpucDWWN9HbO668qjVagGfSbyL_RMk9gQiC8Bkc9NHCabbpSvWG565jkjv_L7z26Otey7ywktOHDaAOrCTOYH6_ap5bxUVOmuYI5t9b1yCWZ5R8GXqWaiWy2l37avJ4MDGvP3Wjz0ZVy1Yx-Kv5fQocuGzgcB0vMXW4JeNstcZH1IkE7j0h7ejDmeHHPA4DcOV_JP8wK2jQXngmOauAWimgSp3clQrnOMxkRx80me3pD9w3zq5fWKS3Fkvczgfu7s1bv0lVoeqRk4qSVaiVmsbygALNJ5xWYE6nIjfefYl5TD2ZQueqtwELH6jpzvwvLuozD-8-8PM98EputjupXGuFHXzjv2C4wNk-Y3fpIarYdyWhorMuvYxFhooeECtQfcoBo9uGRzDdj96iOmiwz5iWsHFffxXkJt8fka0MJfCJzC_Va7SutUEEOXiIg3YOokrYuZWtamJ7dbE7ZmxYZy39COyIwWmRy75Vx9EhARtqlZAeOWK2SmqJKg57d6cmUEZfvCPCjqESHrjxQcqdpMof7s8kd6DSzlfCaVA3Clc-HHkPhmiAscOYCssiVOs0QP1ScXvhMT0rZUFiyFonaVco1IHF6x5uXeMaePg2RV3P_1ZdZpRsnXySECgMbIRZ0d6EvEAnXcdeLD9TAhgbcuqrNa8iCh1KsDs-cVpNJkIkSE6_p-P06PPWGef9ILqZtp-qgeMYYzcR2GoyTXwU9f1PU0EZXkxOX7U0fw79FuJtHgwN3Oc1nCPbVMGvko_NDhohRdZq4BhCqnwTkh90sWJRCSiE6zh-h0Ywx_1y-J4D4qjnTlDX8eqj0XGz4k87IBCMOpd_-nBV0hSh9KlhLUpK7TKxyycHqKZhZmnyuw05p5uQB8GIyO3PHbXN45L18OECs0lF6rtNK86HgQ8YsZB4K91lBeHXuYGIiyHWrKZPqTwxYJNvSfcJAwGfb9lzGLoP3TDbvkH_YB7isNyimKZeLSPJozqKWZym-Uzejsn7VmRXacFMBXMkb1TVMb4tjb1q2GiEUXNmqlFmamdhOg2KwFu4uLW7MPaSwqy2O-sXXKEcAlHgcuwL2noFvqt6nZF4Dmof2YnLPFDl5h-xm6neBBMjSMHCtYXJLtFy90hWlyq6lRmaQK-jtISTBNf9AqdemglyADd0eCtg_53aUncvc86V6nOsRS9eW5gx8crDFrF-3pvWXbWW2rVjimBGdtCcRA7NkpToA5KCX5yCqcyeJYSy80pQ6xlxwd7eFek_bJbMjp848cfz8Rgs9gE_XC4J8s8G2nWCfuCmFMA_p6d1Z0vXT5413zaIBe-4EdKFS0528axMLNiTX4t7JHe0aFPM_1MdPpmDp5v6Nu1J0TlgK8DruBGbhnw8lXKGDv1LosyBl73b_oJXZlUPcegWTQLd86Z92_lONo8IR4hyG5zZV1lGHO6SlVJczWTMVKpIh3tBgPr8s0gwX0vloG7k3AEsEYIykcqsJlJTgGlvuqtEAu_GhWk1xYBJOm5Wn981DTqXkghiQJkAmkVYdpPCojdiwuISVA2mL8--v1k_kriAua8guO0XPZRfySXvO062zjyRRGAejsI4I-QpvfYUxMttd3tjqZIlvljiGeZnBVfu_Wexbc-KKXTNquqmMOrXF8MbGk0W0ogJQUQCWNUEehFqsbeQHTzbiUMEP8WYWw3ZTTeeGEUC3CN0prlDedDBIJB5wdr4gfrLORmGZ0wHEu1t0dd9rQYjBd3k2oj9tITZgvOWVjV2POUPoWwUyBEy9ffm_cXX7M6V8KcTg6ArohVJjDRVjM7OfSO5pGimFP4BijBMROlHPTwPAH6bTUmajWTXcvWiEBdYh03NqsSOt_poXpbGPHgrN7K5BqOHcfVG4dV-XhV7xUb7e-stS3qg-b6c&cid=CAQSPADUE5ymsMAy_zhM_NGWgj_3GWnNOpgjtme8_bG0sX8UnODYH4q2jPiDsFYbH6zXwa4v_-k5sDVrIEtlXBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=3408243638496263000&adk=943508955&idt=81&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b017507ce5af638a1b556b46a591b1c34ccb428522ec526da5666c8b51406166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame B2C8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAD9SCjv0CYRYvWGX64KhC4&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAD9SCjv0CYRYvWGX64KhC4&google_cver=1&__user_check__=1&sync_id=6acd437a-b8d1-11ed-b09d-16a7f9820306

43 B
547 B

27ms
27ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAD9SCjv0CYRYvWGX64KhC4&google_cver=1&__user_check__=1&sync_id=6acd437a-b8d1-11ed-b09d-16a7f9820306
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNXG4o_uIJLkYem8tgIVQNQ6bAYgdmkYj-R2MrP03a7Lwp6SsAVqwluOX9l-K5RZ1lxICxTBo9E8jTmYa1DTyI03oLpyqn6PzO0uwMDamFfkYdzi22mRihbfTEBAAnZWI4COaYvUZmynH8RQEa0Bxt7ql0o1Zc9GLkIk46XL0gBHHwoinsM
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 08:08:29 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 7
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 02 Mar 2023 08:08:29 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7025&uid=CAESEAD9SCjv0CYRYvWGX64KhC4&google_cver=1&__user_check__=1&sync_id=6acd437a-b8d1-11ed-b09d-16a7f9820306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 106
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B2C8
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NmFjODU4M2ItYjhkMS0xMWVkLTgwODItMTRkNTM0MTMwMTA2

170 B
232 B

44ms
44ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NmFjODU4M2ItYjhkMS0xMWVkLTgwODItMTRkNTM0MTMwMTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNXG4o_uIJLkYem8tgIVQNQ6bAYgdmkYj-R2MrP03a7Lwp6SsAVqwluOX9l-K5RZ1lxICxTBo9E8jTmYa1DTyI03oLpyqn6PzO0uwMDamFfkYdzi22mRihbfTEBAAnZWI4COaYvUZmynH8RQEa0Bxt7ql0o1Zc9GLkIk46XL0gBHHwoinsM

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 08:08:29 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NmFjODU4M2ItYjhkMS0xMWVkLTgwODItMTRkNTM0MTMwMTA2
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 114
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B2C8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0zNU1tQUI5RTJ1RnVOVDUyMzhGcjFuS3ZlRnVrVjR4VH5B

170 B
232 B

45ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0zNU1tQUI5RTJ1RnVOVDUyMzhGcjFuS3ZlRnVrVjR4VH5B

Requested by

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0zNU1tQUI5RTJ1RnVOVDUyMzhGcjFuS3ZlRnVrVjR4VH5B
date: Thu, 02 Mar 2023 08:08:29 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 8A45
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAD9SCjv0CYRYvWGX64KhC4&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAD9SCjv0CYRYvWGX64KhC4&google_cver=1&__user_check__=1&sync_id=6ad1f07b-b8d1-11ed-a37f-1a377c5d0206

43 B
547 B

27ms
27ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAD9SCjv0CYRYvWGX64KhC4&google_cver=1&__user_check__=1&sync_id=6ad1f07b-b8d1-11ed-a37f-1a377c5d0206
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNUKl6XgaPLJ8fJPhK2_uMQXL2Z718nm9ki0g7qDr5F3_Pcrz2zvR5N0OlGVzMjxyuFYA-E5Ly7tsh3PLfQj7bbCC82BK88WwhzUUXy-srPMpLI-A52hGtYGXfwv9THsHFeGtPo6EVRYxZkyPRR7ciIpABYOM3dUSW52bRq04G-cMC9g5IY
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 08:08:29 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 4
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 02 Mar 2023 08:08:29 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7025&uid=CAESEAD9SCjv0CYRYvWGX64KhC4&google_cver=1&__user_check__=1&sync_id=6ad1f07b-b8d1-11ed-a37f-1a377c5d0206
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 65
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8A45
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NmFjZDQzMmEtYjhkMS0xMWVkLWIwOWQtMTZhN2Y5ODIwMzA2

170 B
232 B

45ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NmFjZDQzMmEtYjhkMS0xMWVkLWIwOWQtMTZhN2Y5ODIwMzA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNUKl6XgaPLJ8fJPhK2_uMQXL2Z718nm9ki0g7qDr5F3_Pcrz2zvR5N0OlGVzMjxyuFYA-E5Ly7tsh3PLfQj7bbCC82BK88WwhzUUXy-srPMpLI-A52hGtYGXfwv9THsHFeGtPo6EVRYxZkyPRR7ciIpABYOM3dUSW52bRq04G-cMC9g5IY

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 08:08:29 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NmFjZDQzMmEtYjhkMS0xMWVkLWIwOWQtMTZhN2Y5ODIwMzA2
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 29
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8A45
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0zNU1tQUI5RTJ1RnVOVDUyMzhGcjFuS3ZlRnVrVjR4VH5B

170 B
232 B

45ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0zNU1tQUI5RTJ1RnVOVDUyMzhGcjFuS3ZlRnVrVjR4VH5B

Requested by

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0zNU1tQUI5RTJ1RnVOVDUyMzhGcjFuS3ZlRnVrVjR4VH5B
date: Thu, 02 Mar 2023 08:08:29 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A797 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8112172109239&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A797 0
20 B 56ms
55ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8112172109239&version=m202301230201&ct=76&x=1&cor=4247703355001758700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A797 85 KB
36 KB 83ms
82ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJKsLtSy-iIDsJza1vIx4NblsEThAAyEyPc8PFpXcpJDVFjJRwOiz461Qt8eeE8FJcZ1Kj1h6bVzvVligS7bDWDx9--LoGj8Z7efOKFo1Q_UaeREo&cry=1&dbm_d=AKAmf-A0N7FC5CnjQKtdBLxloyU9R-iUcjyCIR-Z6JgMDGXQruYKu2fgyJzxRdPDsZeUrz7XkBO2CzzJB9tqJpbJ6YBi9W7IF5_11bhG_hUOJSP5Qooekipl6AuX88lm0CzvzhrXUh-Q385_q6EQYxPIXzgARcLkSWkcItex6tNswv0GKETWKXopoa0ZSzuIDF_ZlZF8ABWUKUib2p-JqKH3RAcclgIRekLJwYL6_I9VF0-BCgTqj_X2oQXKFMgPGg2xMyoMc9Dw0BU6UJziLP6KVltDLlMGRf_A2DTpxkTmLdPDsVKqyuf8CoKVOm14U0FOHVU26AmFZF0HSAaC7W9BZbIyLPunaJkZIxNtUihXPAfFi5iAGIBCwzHs8OsQOpu4RAB7DIqfbQqKbmB2vCx3OAXjF3zLu9IwMtigOHCWhqoIu3_X6kUCzOJMD3egyymI34Tgylbc761hLIBJDPDP3aselqYYP0b9fL4_51_owz_BcTv8_2jZyUOnuSulNaFAHlMLRj4whdtP75x2K2H4BfmoVKO3YlueODzNgO9HMhGoXaWMPE_eb6jH6IhDYES3ynHqqhymqHL9komlIBcSrlLXB1GPQnVODl5VZpSpt_kVZ9Wa5tEuezit1yRUqwZYMoX_qEgIYk2iIEl7eCYcwZ3gtT5sMZ2n_6KniMF08OGIkDzhl-sWgZr3e4NfdikQC-J-I5tScT2M8bry4-d2ZrGEpq08NZq7XbLDTfl_-Qwd_2qIg4eS4LDioaZMjAf-NlqCxhwRdY1DLfGRWxpFRWyV7dEHdOiFOMojxvGlD5L2zmFf2kADFCPjBNWupMReImwxBtI3DRo3KSBx-LF7mgs12AMBpoE6icwXQz3Vbq9R_4GTrHIOiFbnzNbxrpYi3_WNZewI9tnvFJ1EAKWS93XOHRjQB_gZ8IuF4PPaB_6rsfJm5yyZxXUYhr0eY2cDJOgkcpUAYNe1gxo0SwUNZ7xV-ogvtNUjlhL3AtvtC6qOm4PtGWtocor4Q-sDBJbcME9ixaumzd-uwDsgNnCsFtxYU9ddrQa_sGxpv0YbgxiqZmDbXVEvr2mSgs0KOzBVkAY371OpodoSlppB9O3CUSWEh7_7_AuWzrxhRCLsreGl9zFiefAIId1sdb0Y1EUa1LA82czmJ86VIofBMbWFigWMOLGeY7pmHMxg_4H5iJNJxw9dgJ5wHqUz3aUAa88VmoHVq4h9R6mZsGHu73oK242_FLGZ0h-_KrV5kIkMxVhVRcaGTbGt7IjsrbKAmQhhM0fFxUpBDEs5mqH6g5vWuZyhwK3yYCPmvunFhJzH_twtIziNsLrZjQOy1pwtCxHZ6P4jcY6jPa-cyTFVDlPYxzoc5mf1x9HmjzKgSWwZmitN5_ZF6W0FWGB4coTtQ0eaXoZHXrlirUKzKL1iE0gQvavYKD1QDnq6bIwCXHHA2U_Ee6xaCZwqbua5Y1I9RdlWksDDziSvxpLy_bZFGsOJ5iOZcJmOE0S5VdqcSPqZbPlgg6Hth7fWb8q-mun9FXOWjnkwPex7WwcHOu5VetTYZdhgl99y5SVCzmgdX8SdzmWIX8gc0HRi5E2E1nl_DdIEhAH0kKFd6OJvqXLwnghz3cr_puMgXYEDLSlnoSi7yFZcdgA_DoUNc_DzFp79yntfGrUiL1O9J3h_eT8rVKJ2a3WHHIuk-EA90kvXuaj6UZLeAW7jXjIB-Ud-ulB47ha1ullFMyql-eJCgfwpcy6A4rchG1NAalclCTMNwziWfJ6g1RD_byO9kMocbBnUVdeZj6yycCKjZJovw4rgd0D4ITkQS1zmJPEqyhD3_E84nEyEpPvDgP6wMeYSHj9UZf_PUDMn-h8l6zXoWjJf9ss_jxTx2_HGlS7m5W_nZw95F45gL3cSfPYZKFKum1n4kTbpXtuyhxOdMPQ8udBelbZP4msibBLzHsAhq0eu34MLNpDXGi179xaBXXXpZewNPdBrSBi0VcXhm9J4hfyN7PJAKVUtnUtpxMAn1bjyB8MC3wEXqlA_oD7LYv6O65ib9L1gMUz2C2BRfaUXaZx4HueJ9l6CClx9TAfp3OFGCbx6-8Yb_m7FoUZzJzta0vQorPzDym29BzIXldZzVCK2C_mZiM2Rr7strSpGP5NUYgwtAz5W8ZH7FkGY8x035VXbZnvnVp6ze8NqYnqViC3OPhBbXqvicMqJqckmIY-xTaR_mFOmR_2tZ3ZzZNPPH1mhPynAW6G_1qLyPkYBVO3MkVIgfG7AfGd_VjFCO4u_snYdWTtmUDw8P6-plTLUg-UVQQJTBOBb36aLfstJE43W1MR6AT9aZkZVNCWSbpV2GJjJgQ2dqiz-1wsqKy-7_mqiWwXv43brO6kp8rVEM3pwzW6-q0j4qZTVrPEKK3MZyaJ88pPtg4cAWGBw4XeKYZXK01tYmLKAvA50AgmOg2rsw1O19akMrEe0ivs0XjZdh0B1KOXUAPUL5kDLi8FzQ0fUwOWqobUoDfVeUfuffslog5c45d3M7spX-JmS2pJZypalyC-vxZSVo6jbKWbqhd9SmYvf35Pj_1lQ5mD4nTljPOGQsFcWI26ZdNKMtO5P2pOdALeNSKPkH7b7KUypLvxCICrzv09Zeyk7mkxH48xGou3jhsfTwaJUyNwAXjS894jf86yr0IZIhVPzZTZk2utSATz0IEtPKhXgd37RRAKaStsyKAjuGaBovI-VTMUIsmC71f12zBfLz7JvReDIqRSkF8N3-SH7eblyU_CTcG8CmkDdsc0q9ncICBwHcNwLDPexVxTOkv3htaCEYY2w8d4hmlC4bnt7DUYA72GteIuok1HTHkA2ASySvPljIh4N-okPJ4A5nG9quswQNuP_tvHrUWJsqDzk-N85cQpClWQd3Et6_JnwldGB6pv26qpRRQTSohliGcfbJnHi6B2HoOPXTTZULqFJ__oZy8jmPoADNCZiRZG1dV2glVxMv5mptmZeLEKN24sfXFDNbqPk1BRGOOnRcAoXT4fDanesLvJ2Ml64XnEMTK7iPGK1xabMwTJPhnAxNZ2cirDht3oiGoLqugxZxxErSvHi-3z33YY-nAv9j7BtpYfVe3akLjgI9eQmKFAoq8z_GQ3JpVSI91rpiW9ZfzY8kp-FcImMK8wov4IICdL57xrww9TCFI9MetI_qa9sYtmvII_Z3DFxCXxG8HwCqByRWDDkvm_6DX8d-XHOg6wshPUJaXQtbDzlTVCVyQUzIFTZiXgVqQ8K3j_23rF1CpxsEKlBhx04TjLMmJYvKzBBF20_CcqlnHFECkrpN7D-bA-k4F570aEtJnYXHSKBIWFteAnI_x5NlFSmlkM-5wF0u70DzjkZQ70SUt8wy8oSSpq8QII&cid=CAQSPADUE5ymsMAy_zhM_NGWgj_3GWnNOpgjtme8_bG0sX8UnODYH4q2jPiDsFYbH6zXwa4v_-k5sDVrIEtlXBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=4247703355001758700&adk=1033480531&idt=141&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4884014257f03c641d632a3c9dcd683b5a07f590b27c4ea97c108a922b48ec9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 16ED 0
20 B 56ms
54ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8004321601437&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 16ED 0
20 B 58ms
57ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8004321601437&version=m202301230201&ct=76&x=1&cor=8442294703749424000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 16ED 84 KB
35 KB 88ms
88ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cz7i3Q28SZ-J2ASYXn7Vqr0JG-tHbFF5eXGL_CPKuScDGX9Hy-kgvQSufdHkpFGcBX3Z2IEqdb_LHDsk1J9Hjbzy86lef84clfe1s_G5ldfc1v45E&cry=1&dbm_d=AKAmf-Cm2HI7bMc_T4FxkoxYV78b6ZsieqF20qrHG_cZuuiR0ZSyzzEhoUhsGfB-zBpUQcDvhmefFqdlWD3bj5kdMT8M4kZHfSMcwJcAfsuXdW8z2df-cFKRserVgEPnraXriKeBz_VfdzdoJ-8jh1YXw25gRJ1LPCKoIN-h5mADfwv2IXeOHC0IOHL9MULya8V-I-wrzCFc7wCynRBySRLaDnZGJJPVj6tt1pZeymcis3U_U6BPno-pxFfY0wAeAttu3t75f-zLIBimwvDYaU6i8wk596-day3xMK_kMmBuvK2P6hFAHFt8OEfJpDM6VV2MmvYWmQjjIL3j5D-8J6K24omAG-GLVswJOPsXNf3Q24UQ_6EVJZ2ADj4o0h0pxTL9HgcN-62KTwj0FIDg4fO8Ia27IB0KDf8pOwxAS_K1TQG5fYOHDkhmb0RZE7THQJwuACWTe6uOg6pWhb8239cCcjCNrkyuXeDnoPuKfYGPQ-oeqLsQmf_sP1emASEhjSUJELztlf8jns-TzYlmc0Abk8YvqZ_dAFpcoaOvOiCV1BWJLBLRdF6B4mrK0lYRIbZbJBcXL69wziHJj1pZl0KBRn99TxiGTk88tEPVPGGWaL0xy8xvQJ3OGBoHXDac-ZOZeyuKjTQo-4Nz8HWnG3YGH82IhgdBte7MosA9uYQoPNoUdQyb4_OvrQqV1HcvN5arQvKdW8llIBtiKKjWhvIDGEycvzKq0kSGhyENYs6etn3uBIqU-lWKt2lK5R1wV2Q_RV4Jsb3IJ2qty3mt8AA4Fryxgz7koimPcdiHF8qA4ak_IktdJFV8gDLXN6ovBJAwXFLOCQU41nEQeHKMHg7M-SYe9kXhPjBl6Iz5RuuAye9CDrc33G3-X7O8fVmcYnsibUyfCEf5y8Pg0C9p_VGL2xN0czbCL8KypbwSL2CqZDresWVqkir984AWjgj_hRsux01853nObIf8g_aMlYAvHt_gs5pSMOqq-jK2-ScMTQBZWR4aGEX0CAuqbEnGvD61ClvPyV25ynt-L-0I7VmMegn5b1BSdUz68ArEIAKzDTdfXbzUARgXLC8iuz4k4hfrxPszZshW8-Y4QoTssdDilXDF-n9Kx0VHkICS9fhZEc9fJ5yWRVOkNnl0WcmHVozgLk-P6c3HzTwcMfmjXMH168j6Rmhnh36yourTC33pMSLyfNWdIt93uyNrDqMTkbxJHLqSZpTnKc9zzNn-nFqKZOdORa4wa0bXZN7mZj0GLVc4rjljcfQOm7Fmz497hIOoPg0VuESzSTLhExv6fwE3nYJFfc-VUH3oH4BtPJhjbnwskRoqQFkVsZMidhNNHFSSnW_xUjPsiZOy4FHJz_-LP_QSGJ49TxkUJVGrRSn7x04XpbgxReohBQDLq_Va6GI5cu2NpcqFSTAr8SGixNebuobeyeKSSVLbGNZRu8Qqy2axBtpIFQzOSyN0QjagJ2oMYXrC5fq7GWNoKQcPtpXmADxM67LP6ImsR_WjeBuhBJJc2rXoGNqfjqgeoUx69Bm1Ur4o0wD06GM4sDFdYwn1V6iMkgofPt-QzL4JoHvsxdPL7jtDNdVJZG49bYSYx0pdhorPPzd-pe0qY7_zSnj9ohiQhgLcWXczLV5C4fb4y85lYOMYfgcpxDuqlF6iAO2z6FB_rbG3fFEDt970glYONg_2a_kSfgljw4McQ7tnE4hLzAfss2WL-p9VVcOk1M4TtW0q6BL7A-RHoFu22_RTyd8kbObj5-_5arZnMDF1T5sKbsH7Bp1JC0mfV3Fa4bIHMgV6jwlB_kYnnHJgu-ch4Ls8dpPZaniuw_LtaTl8zkiY4ECSaqHZzVuezMeRYQrqGcd0_SzbQ6m7CvthghemiKt7yGxFccujO-UNgszo2OmK458jSU9N_elToAAbydXUoQSSlp6nOwyDXWkj2F9Rnr5Dk4USgGux-z-mDsnBb9Td19B2vFwuioAt56lgtenLiUwp4hqkeJeZBwC5YRE1sqVmkS-BRWwIduf6G6rBC4VPg7NtbCEnfH_mHBt7Ibv9M2dYO_use7fMrPrBY5uXKfZLubX1zsYYHEPLNzsRATcJvV5yc6dUdDOX70216F06jZ-iWmJvnZnkoxGvn_vKiTfweh8yR9npcOP8tmAD-xXVAJnyTpyNkLxAIyHlKbeJKK1ZfKzok7Z7e-a2E8xDkDPYFUr8ITvHJeu9bmxQVz5SH8sPcMSgv8Pbc4gEgxSkMZgjYWHP3phA3hrG0b3k2foXB2nrEEAHfRm1YX0FMNPrd4o7OI5DBnMCGZ6-zxok6p9723beQAKqPqgwNq9EwJvPNhzetdGfi0bEcsXKZK-KDIXLjfxIUaVgs6e5yX_TFBj67FpE4TTKv6Na7JhSJId8TP__nDyDWpuoxlGqFdvllNAJy30nITB6auXfNZyz7uMIBTr6TwjZ-72gBbE3C1h1IJb9O0mEuTCJLpeXXrpZXZJb4BPliI2jLAUs-72zURrRdO9iscx5py7jUpDWNnOcwMs2c3FhR400tT6f7M3Q4sfm5dKSYqYACBXy8mKc8hA9P1daZQY5iqdPcNLdRapzcogYHSob-1tdJiVr2Fs5FkgyvjYYQ2zR-OVVZ7kdIHqi47oE1VTul7MWteNSqgisAPluQkBWRA6EEpe0hGKkUZOHCm59fF2VKJlEnAs02stWY6q5G2Qk5j1vP7TR-nRqhtakjliB4dLVeA42RQN2say_UQ_iHEX8s0bA6YzJrVQsOU3FW3MadqLm8thHy8FiRhf64HiYodHRnImlMBdwFucdzkxu266mQsmUa4ZUZoAM_ZiH9vlVA9KeKJLYgv-7b2-hAawxzG6Xi0yJH0aUW5DhxY8kLqF2HOth6jR7ayEFQ85MRJodgD6CeqBFIpE9i2GCqvUD0BL9p5l58_R1sVIlQ-Lxs7yvf0LTT3KrAntGuJPcP3XFypmwIkDjUT9XGP1Bl3xNR97q8F8rWZWt3vXQlR3VlZV8mIxeNO7V-NW28LAUikM8jRia0ZtDFBgAgne54gT8N3HRvGAUbTs87cw3FklO0LKO4szArFM8OPAcf8j-2p0t9QaIqE37twsgP9m9TZ-iI56LpUNC2Qr8Vjx-YGzpsP8FifVG8IFTGk16Lp3Ac_7q-HrrbgbI3XkrDT8r9dN_7Z1Iq74tN5bqcp914z-9_nNRv1bVmFin1_NJlF5v9il2bAqaYeTsdYbIL2kXWJPEfm9Ore30j6JdbtJv5BQiLJdkgjNijVBmZv1O0wGYIHMN_aisaJCaUrTAjp5ha3bpnmNunKym1Nko3aH4U_NbR0z-Vbuh_M-hlnM0xuxlhicn_hCP3Bpf2LJ_SjTEbfok8j8ZDyC9iA_m_YTtQuw&cid=CAQSPADUE5ymsMAy_zhM_NGWgj_3GWnNOpgjtme8_bG0sX8UnODYH4q2jPiDsFYbH6zXwa4v_-k5sDVrIEtlXBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=8442294703749424000&adk=4188270525&idt=137&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d45b8ed29cae3ae0eac7811d5637719bd3e4dbaa36e29ba9f5901d59c2b239d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 70C9 0
20 B 57ms
55ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1018811314768&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 70C9 0
20 B 58ms
55ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1018811314768&version=m202301230201&ct=76&x=1&cor=10617340565257708000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 70C9 85 KB
35 KB 95ms
93ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A063LcdGg830aKosYq43DG9HYW3XwM2GK3sTR-qmEINdzhveAUF07jkDkxO64S8-D55SBTzEO3p02elQyhslJz58ga2DLEUMeqvH7JFpXU4MFQC7E&cry=1&dbm_d=AKAmf-ABVcKGPZ-71y-1JzF_4I-h2OqFSuL6VOA9qO2lSxLMj4VVhWpAlWTXq8ogI6wbwpZvhXQBj2VDP-QGlURuQr-udPtdnVcU4FlYfKDG4o9qXT1dU1NEr0C0xO1bE9_DJjUdna_PDT2gbat9iEX8uBL0iWnfEkDadeMI8ah24_Et9AM1X674jhtsfEUq5fOyIYZQFZSPFylO2dTQTtYSjpmiHerN-kxcx2bntoSS81YX0UoniaYC9ULyzWKdJW5UUhdJ9ecN0V3iWETQnuCmxbQ3dOCSpf06e2xz0pksIgjEpK4xbQ6XsYDEkgcuZydjrmX-aB9DZ8_Zcv0zH3wO19NxVhODgVvkBCoQnE4xyV5GxxTyJXsBxbSS4pRVE8a3QuBc4I_TuJ_ks7C5P5brR0QsSH_HbGeRJIPn2papLClNHN-cRbbBQThk9oB5BPNTGJPd-q2PVweMJkDqSxY58coIn9lqwLWCh1YJ2dyHu0Moako3YxozmXx8zD6tkbJ8B3bZ5pdId9dBXLjrKrcQy1bIQzsbMmL3I_DI12i_Kg_M6EvA6UGZePWZj38-lZQ82_VkrQhxzZME7x-3BrgkVU-zxxAvPTN-HDnEzwcBXcIj1Md5HPNJWAyApDhFylF-bzeHMvh_txN6ajLbFPwI-WI4mBevN1nMQlUW7yxwbwJDdVATCpeSPnJf3Ldz8OZCfHQrueW8uX2c-1oJezoIoKDI_XgAZD6qLWLmv1LVNltz4MDg3OTLYeFMwTc6v-7rM3SFJc_Hh1rEdl2pzMJWk-14D0Vp6mfHFqZ6SCS04xuPj3k5z1p1VCZpHOLnsfgcIV0SpG6g8B1ePpFF3Og5uO4AirbCj7_1htTx2DcF6P-TISKPVTZZdD08m-8vjf_LaLZuqs1xyle2GdMY121naVhjtIUf2bGe8ZceHmALjVHoLfn9DQ0zt_maSJkpwPK4OJCrl524kXztbOFa9f0TgLxC7bNaZ1E31DB8TBowwZ1VwTvJ6xYqmchBIvvhPZfujzoBR717nfCZBjUdm8cLrafagiolFJMem11fW9WjJGk7PVAnMwlYvOKsGhzqhS2bYCyJir4YtxQLA3ZVGUXNZ1eN17DdrLBNBavAkoctG812wB0EViFTS0YMgLbV3SlKkwXkicAcaZ2an6hDNP5mqwJVFdOjxXigbzoVVIaR6bdRfLmOoCup_WMrX33bqTFNTwHxAhnRPjSvijfitd1_mLEqpGsVJi0TA_CxoIjUIB0c1Sb9k55ucwuHmYWtAY4kcP2WTDrH7HWJ22RJk4m24t-wfcvEaANdEMwkm97lQlobSo0M-ZG8rsPybNuyMEZPB2qXb0b_j--5DRfHULaxDU4qT4PmBXqoTAjLHs_tzLOHe-pB-80hi2LEWQB_SiP_t_HEeGHsWoi11st1VRA9gb7UY1RTyXI0-DrE9icoTCA0WFcrVyTD5-zYmjeJKudT0x9DO0mi_UZOlVDSRu-9IxngBXhbiHr4xlECQu4bbLiG5jIEdk3E6oPbgApfmEgOgA0AWRB9lreEdw16Gux0N5hhUuGOw6DFPCP2cvZkrtS_YYVvZ4QOTvsS1D-fIdWltbQtxSzSFnol_ZKndaZ_eBq0-dbV9au-RGZFj4eBeEQiRU3ZtersKszmE51WVbHNKa47yqotELRPREmXtcfTGUmryJdqv7Z5e_hdZ4OdfljQj2MEyW1x_OYL54nwy8eg5R-O36gAE9woyGUp1CILbezDrnjkk4QOeXIWklHAqL6a5HPMToAM3sydNqpVKn2IS0wPs3CjsGw0hYmsidnfY6aJTQHqG0DlJIV_I6gGqFFTdRc7Nve-WQ82AoNTP6pt7hlC_PuRQR6RAzMldApQYIp7koXUUhOoDKIA0cRn4dpOKFvuvyh-PbhtBLnVIfICwJUV0faQ0k_-9RHCDbgw9gp9C7G3eH_IsPH7VFFKSzQDpiN7JU_ujzWXmiM9dO63MyuCN1t-OlwWKmp2F6TxLESWlv4yTyl_W8BGjSMTsq1OjtNM2b7iTjT6f54zQVyslbrDL83sopjdNbHACy9qXWyN0KiJFLgosADBDCVUxx39CVUm_ZvM31zqS-aG8FWF5uLML-b5yvTMN2Q7DYGhGsF1eWr5lQyMyKWX2ktbxflHrZTYUjcn-BLMWN0gj7WDuDX0rw3HpExB4eHohwvpR0IDSuV_8zW_mcfMy3DhaDZ_VMxleNGJ0z4j4mzW2WENnwj2AGfBrI4xv7GYfsPvhQM-G3Tyfrco1L_2MRquS-Hqc4tRlnDxPaDavrJxt7UZhXB5EIDyexjBqjeTRGbFnFlSHckQwqdFDJ-59z5NGvcwDg_LV9FanmmnORp4nvRUBTgnhlFqkRHcEcyrtBnkL12I5_x-IIIh9AHSCRgpkON6hRVwLZP1H-LpUb4p-2_0aIgCechEBc2WHFDWGxQCXN4c4DLNdthhnk3wamOte9XE9tUYBARCDP6ZECpTI1q035j_tS6CSRrzWXwcBgcGoWgC9ZDluGB8CN_gJ8DpO9LBaL134A4ICNxvvQkhXewxCBhUkunRBNtQXot-gNxRUBVWV3UP4XrxuqDNmEtdiiqYymPBctvfWWo7ANfBa7TW8l5kV2o9x_RY62NMEx9z0A9FgvkyBWTUzqQBST-8cbg3Zdk4sUauUJh8TqgcaNSvATDgvT_pN42PLmShPckHhm-8HbRglQduckk_dGHWZ5cN0C1gnGy1SkkWoC9nl_rPJ-_vFGhCZVG_oINZKKQDCrtd0YoseytBbNCs3MlT9sG2-Fc1CndqS0sqx9GEI4GGliGL2myz1ryuMb-cKXrChKmzX7kmsMK7t7gpD_Va0O4_-i1hIDaJy-HJPEGAiZndWCy1yPRQ8L-ho__PHZZQEnmd-chWXiXUcRv7uPDMA_DRPeg4QWNcuYTwe7ELtb7Ff4skCDuIxIV0aGIYWxsguOHjHmj8jclFxoFNT_sAt0DAtGBCEaQO6WJW_Uj5kWTX6VSsG6RtCUF4sY7hd5Z_F-B9ewaqu4bDQOM035iQ_OJIXraBky5yLow4-zzIbtd6Sl9FPtTG3unaBKZuR56Xlb8Aif3KuNDFDnI4VHPU6b0vx9rUhoh1L_OheqoBvueINJvnkJIkQs_4_9DTVN67On5MIhowSv6LB6iSZJiZBFSxmwJOJ-engthkzUccEEze8_6tHalJiYJtAynGdfTTm6TeQHNzfcr1jp204zabjoUBQcHLiYJTCnhl758ZYvDbvOvtPv9K7tfbat6ydklocUPFL5bP7_4gpI-ifKu1EmR4JQC3j4vq2MU0fGMXmqZfqixoE63O7O97tjvupKBYk67xs7IGkDfcmbhTe45Zk0vgw3yiHEc&cid=CAQSPADUE5ymsMAy_zhM_NGWgj_3GWnNOpgjtme8_bG0sX8UnODYH4q2jPiDsFYbH6zXwa4v_-k5sDVrIEtlXBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=10617340565257708000&adk=3690638929&idt=166&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6f1f19282945a59320cf20bbb8259da8652450b134f7d1c79969a4ca252dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3C87 170 KB
59 KB 271ms
31ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Origin: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame 3C87 8 KB
3 KB 33ms
24ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BreUzrEWxOeEo7c7teQQ78_bPqfkZuSjS2scPyGJ2AM7EuXr5BWnvLzAU6VjfgMh3ljV7w_2ZC-rVoEamHAV8PkSpFEYybjURZsLuc-2nKDnASALI&cry=1&dbm_d=AKAmf-Bdud3C1wrf0-YVYaMwfzq7WZVmZlmUHve3NL9XBcN_FwliZxN8iFRZ0kqzb06AOj-IX4kHNMPDdApBHqP4fmC9FZWefmWyVj1YG8PXzvSPUYGmA0x3opEj9jvu863HXNbBIsZA6ybTeTyBjqGoRs1m5gDdkNEnMkpip1F-txjrYKRtW0uad4Sk8ti3lcgudiJDTaMFfB8HJB1QOz00v1iT6df7vf37JISgoh3GR5rbjh_QJcnv2K_-1knxpPP5rBZ-3D_tgtkvoO2-nfFlWdX6MG4s9Srg3Q0N51DtjPsx-Y2e599Wy6neycScUc1drH42hrrMRuwK_ixP0hXH_Smc89-yCDJx7PZUJGnngt9QqDy14yGq-TEsBWSzZJp4lMV2Odw84hovjpRNixPIxB6kpbTpbT8GOabeTniaDILwzuYC7G2v8Snd5OLWEDFiyW4WwYCPohi1TeLMZPaAVNOYPbEsVcFg5XuZe0PexaIgnQHeYjhcO8im4poubtUD3I_jDcJLWXOK4FpCQf6HrHGbgTcBcAVhxCs--BKxHRpz0qCUyJG3ndlivGPckUNcqt4PRG7AJyYZ-Fw17okxpdR3fqIC8hn59PCsOsHU6mRcCoJYhwzJnRmzDEr8uI6EtD4G6QPsYzPKE3Lp8V6okppkg2smZfbDuzW55etLaCzfJZSEy6Rjm5JFWdj8jEDVUMEuffP_ms7-bcQnmDn5d8qDpZnI9hLLJyGQTFQxuuxw65RtpzWyBMMcL76Bs114Ja6pcgDY4pmM2eofSJPxWQEPlSptxp6BAJjGdcaamtxZr0vUyfclLctI8-ImDM5arWa058q8TmffiPv6cSyWHTaBq4fDKNtSrH8jwm-l5z_52nUCtl82DuSpC4OhrQ7Jt8dbC0B3LXIRX_2YvuCKlOe2A9hdJ_Nswh9nBAgdrFwfdvGn8YoDQUXdESWyqUiuoP71tCPb6cLVaMC2jJ4eOccP4wd68xOQHhjWg0OZdWe-jY8VHtXMzvZyu9SPP-ve4rq7Hpj5-B5RT_VZ13-k7XR1Wxb8seEsnRxYc-emwBv7yOeTM0jglB3KaYl3PSojR1P2zbJYm6fmPsd13HjUsoC0-MAVRB97Gh5ri8UQJqHMwyCSVxig2PApfDYE_PKeNmPS9cvQU7VzrDmF7lBWP9IM0AzuRSrg0P5k5mIyqUW4cbMN6GIGeOflluAn8zdbyyZ-y8DTHtdPCVxzIuRwOLkm355cs6-4MaHGTEXtUcb9XmASf9ddyBRo4On3bhQsg6fY4kLmXaTwA7XW-PScha81zF95utflXLGnX7EIlxKEwjXnrwkmPC9TgYHd6C8x3grxLFYnee6m4BX_nqSFyT4FPKcW4orXnLVoW-F7eReMmI67wS_d1Ic7CajoEwOI79Z-VB4YcfijMO6g1-UfObW8trpucDWWN9HbO668qjVagGfSbyL_RMk9gQiC8Bkc9NHCabbpSvWG565jkjv_L7z26Otey7ywktOHDaAOrCTOYH6_ap5bxUVOmuYI5t9b1yCWZ5R8GXqWaiWy2l37avJ4MDGvP3Wjz0ZVy1Yx-Kv5fQocuGzgcB0vMXW4JeNstcZH1IkE7j0h7ejDmeHHPA4DcOV_JP8wK2jQXngmOauAWimgSp3clQrnOMxkRx80me3pD9w3zq5fWKS3Fkvczgfu7s1bv0lVoeqRk4qSVaiVmsbygALNJ5xWYE6nIjfefYl5TD2ZQueqtwELH6jpzvwvLuozD-8-8PM98EputjupXGuFHXzjv2C4wNk-Y3fpIarYdyWhorMuvYxFhooeECtQfcoBo9uGRzDdj96iOmiwz5iWsHFffxXkJt8fka0MJfCJzC_Va7SutUEEOXiIg3YOokrYuZWtamJ7dbE7ZmxYZy39COyIwWmRy75Vx9EhARtqlZAeOWK2SmqJKg57d6cmUEZfvCPCjqESHrjxQcqdpMof7s8kd6DSzlfCaVA3Clc-HHkPhmiAscOYCssiVOs0QP1ScXvhMT0rZUFiyFonaVco1IHF6x5uXeMaePg2RV3P_1ZdZpRsnXySECgMbIRZ0d6EvEAnXcdeLD9TAhgbcuqrNa8iCh1KsDs-cVpNJkIkSE6_p-P06PPWGef9ILqZtp-qgeMYYzcR2GoyTXwU9f1PU0EZXkxOX7U0fw79FuJtHgwN3Oc1nCPbVMGvko_NDhohRdZq4BhCqnwTkh90sWJRCSiE6zh-h0Ywx_1y-J4D4qjnTlDX8eqj0XGz4k87IBCMOpd_-nBV0hSh9KlhLUpK7TKxyycHqKZhZmnyuw05p5uQB8GIyO3PHbXN45L18OECs0lF6rtNK86HgQ8YsZB4K91lBeHXuYGIiyHWrKZPqTwxYJNvSfcJAwGfb9lzGLoP3TDbvkH_YB7isNyimKZeLSPJozqKWZym-Uzejsn7VmRXacFMBXMkb1TVMb4tjb1q2GiEUXNmqlFmamdhOg2KwFu4uLW7MPaSwqy2O-sXXKEcAlHgcuwL2noFvqt6nZF4Dmof2YnLPFDl5h-xm6neBBMjSMHCtYXJLtFy90hWlyq6lRmaQK-jtISTBNf9AqdemglyADd0eCtg_53aUncvc86V6nOsRS9eW5gx8crDFrF-3pvWXbWW2rVjimBGdtCcRA7NkpToA5KCX5yCqcyeJYSy80pQ6xlxwd7eFek_bJbMjp848cfz8Rgs9gE_XC4J8s8G2nWCfuCmFMA_p6d1Z0vXT5413zaIBe-4EdKFS0528axMLNiTX4t7JHe0aFPM_1MdPpmDp5v6Nu1J0TlgK8DruBGbhnw8lXKGDv1LosyBl73b_oJXZlUPcegWTQLd86Z92_lONo8IR4hyG5zZV1lGHO6SlVJczWTMVKpIh3tBgPr8s0gwX0vloG7k3AEsEYIykcqsJlJTgGlvuqtEAu_GhWk1xYBJOm5Wn981DTqXkghiQJkAmkVYdpPCojdiwuISVA2mL8--v1k_kriAua8guO0XPZRfySXvO062zjyRRGAejsI4I-QpvfYUxMttd3tjqZIlvljiGeZnBVfu_Wexbc-KKXTNquqmMOrXF8MbGk0W0ogJQUQCWNUEehFqsbeQHTzbiUMEP8WYWw3ZTTeeGEUC3CN0prlDedDBIJB5wdr4gfrLORmGZ0wHEu1t0dd9rQYjBd3k2oj9tITZgvOWVjV2POUPoWwUyBEy9ffm_cXX7M6V8KcTg6ArohVJjDRVjM7OfSO5pGimFP4BijBMROlHPTwPAH6bTUmajWTXcvWiEBdYh03NqsSOt_poXpbGPHgrN7K5BqOHcfVG4dV-XhV7xUb7e-stS3qg-b6c&cid=CAQSPADUE5ymsMAy_zhM_NGWgj_3GWnNOpgjtme8_bG0sX8UnODYH4q2jPiDsFYbH6zXwa4v_-k5sDVrIEtlXBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=3408243638496263000&adk=943508955&idt=81&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:39 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 3C87 29 KB
11 KB 31ms
23ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:39 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3C87 41 KB
15 KB 24ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 18:40:09 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 97FD 1 KB
643 B 24ms
23ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 11:42:13 GMT
etag: 48472445140208031
expires: Thu, 02 Mar 2023 11:42:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3C87 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a82335d7783e8ea5058196faae104f17e04800d5590d7e3f41265ada2ab83b09

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 125ms
122ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=903480&uid=7066148057540221306&sec=8767638&t=ri&e=1395333&p=1&ve=11810947&va=%5B%7B%22id%22%3A27613322%2C%22idx%22%3A6%7D%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539334634543395&mech=2&smech=3&eri=0&tsrc=Direct&reqts=1677744508831&rri=1458232
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: MziL_re8Hgbn5mwg-2-i4lcCUFhzecGrgkyVwr_yrriBzMxcuGc45g==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 123ms
120ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=192118&uid=7066148057540221306&sec=8767638&t=ri&e=1395333&p=1&ve=11810947&va=%5B%7B%22id%22%3A27613318%2C%22idx%22%3A5%7D%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539334634543395&mech=2&smech=3&eri=0&tsrc=Direct&reqts=1677744508832&rri=6539468
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: rJaCBjBgrO1iDGzqmeJzO3XS_UP9qT8VWqmvb4TZaAzcCKp2RUTX3A==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 327ms
326ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=822773&uid=7066148057540221306&sec=8767638&t=ri&e=1395333&p=1&ve=11810947&va=%5B%7B%22id%22%3A27613325%2C%22idx%22%3A4%7D%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539334634543395&mech=2&smech=3&eri=0&tsrc=Direct&reqts=1677744508833&rri=3578227
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: KBqKyxkv61hBPquucGRuLhe9WpdjH6E2S48r4RlwHQO-n2NJcr1x1w==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 327ms
326ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=706861&uid=7066148057540221306&sec=8767638&t=ri&e=1395333&p=1&ve=11810947&va=%5B%7B%22id%22%3A27613316%2C%22idx%22%3A3%7D%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539334634543395&mech=2&smech=3&eri=0&tsrc=Direct&reqts=1677744508834&rri=9790526
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: phoyVbOzVdKQoCDjRovFBSVevIzt9ZQjVPfPUgChJC3S_w3qYoiTCg==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 328ms
328ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=967968&uid=7066148057540221306&sec=8767638&t=ri&e=1395333&p=1&ve=11810947&va=%5B%7B%22id%22%3A27613319%2C%22idx%22%3A2%7D%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539334634543395&mech=2&smech=3&eri=0&tsrc=Direct&reqts=1677744508835&rri=7945959
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: gsEqCt3b-LfIqPi9vzFHLpCRb-jzqCgYE4ohibUUW9GlmbKl6DwZHg==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 326ms
326ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=62773&uid=7066148057540221306&sec=8767638&t=ri&e=1395333&p=1&ve=11810947&va=%5B%7B%22id%22%3A27613320%2C%22idx%22%3A1%7D%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539334634543395&mech=2&smech=3&eri=0&tsrc=Direct&reqts=1677744508835&rri=339250
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: 6pwAR7UfPrkfwvNjG6TUITufaKjqoMLcfY4pZcsIkrC9xm8n19wy5g==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 327ms
327ms Fetch 13.32.110.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=112285&uid=7066148057540221306&sec=8767638&t=ri&e=1437002&p=1&ve=12003087&va=%5B27758541%5D&ses=7722156ab996e8c03252ba0aec3fea81&expSes=24874&aud=299323.299350.327524.327526&expVisitId=-5480539331121819976&mech=2&smech=3&eri=1&tsrc=Direct&reqts=1677744508836&rri=6891707
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-64.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: SG-5XIDE7s7qOoE4r4_gqFrlmB5EPNeCbwtJCaDJKw7MQz9RDUV3dQ==
expires: 0

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame A797 170 KB
59 KB 185ms
57ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Origin: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame A797 8 KB
3 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJKsLtSy-iIDsJza1vIx4NblsEThAAyEyPc8PFpXcpJDVFjJRwOiz461Qt8eeE8FJcZ1Kj1h6bVzvVligS7bDWDx9--LoGj8Z7efOKFo1Q_UaeREo&cry=1&dbm_d=AKAmf-A0N7FC5CnjQKtdBLxloyU9R-iUcjyCIR-Z6JgMDGXQruYKu2fgyJzxRdPDsZeUrz7XkBO2CzzJB9tqJpbJ6YBi9W7IF5_11bhG_hUOJSP5Qooekipl6AuX88lm0CzvzhrXUh-Q385_q6EQYxPIXzgARcLkSWkcItex6tNswv0GKETWKXopoa0ZSzuIDF_ZlZF8ABWUKUib2p-JqKH3RAcclgIRekLJwYL6_I9VF0-BCgTqj_X2oQXKFMgPGg2xMyoMc9Dw0BU6UJziLP6KVltDLlMGRf_A2DTpxkTmLdPDsVKqyuf8CoKVOm14U0FOHVU26AmFZF0HSAaC7W9BZbIyLPunaJkZIxNtUihXPAfFi5iAGIBCwzHs8OsQOpu4RAB7DIqfbQqKbmB2vCx3OAXjF3zLu9IwMtigOHCWhqoIu3_X6kUCzOJMD3egyymI34Tgylbc761hLIBJDPDP3aselqYYP0b9fL4_51_owz_BcTv8_2jZyUOnuSulNaFAHlMLRj4whdtP75x2K2H4BfmoVKO3YlueODzNgO9HMhGoXaWMPE_eb6jH6IhDYES3ynHqqhymqHL9komlIBcSrlLXB1GPQnVODl5VZpSpt_kVZ9Wa5tEuezit1yRUqwZYMoX_qEgIYk2iIEl7eCYcwZ3gtT5sMZ2n_6KniMF08OGIkDzhl-sWgZr3e4NfdikQC-J-I5tScT2M8bry4-d2ZrGEpq08NZq7XbLDTfl_-Qwd_2qIg4eS4LDioaZMjAf-NlqCxhwRdY1DLfGRWxpFRWyV7dEHdOiFOMojxvGlD5L2zmFf2kADFCPjBNWupMReImwxBtI3DRo3KSBx-LF7mgs12AMBpoE6icwXQz3Vbq9R_4GTrHIOiFbnzNbxrpYi3_WNZewI9tnvFJ1EAKWS93XOHRjQB_gZ8IuF4PPaB_6rsfJm5yyZxXUYhr0eY2cDJOgkcpUAYNe1gxo0SwUNZ7xV-ogvtNUjlhL3AtvtC6qOm4PtGWtocor4Q-sDBJbcME9ixaumzd-uwDsgNnCsFtxYU9ddrQa_sGxpv0YbgxiqZmDbXVEvr2mSgs0KOzBVkAY371OpodoSlppB9O3CUSWEh7_7_AuWzrxhRCLsreGl9zFiefAIId1sdb0Y1EUa1LA82czmJ86VIofBMbWFigWMOLGeY7pmHMxg_4H5iJNJxw9dgJ5wHqUz3aUAa88VmoHVq4h9R6mZsGHu73oK242_FLGZ0h-_KrV5kIkMxVhVRcaGTbGt7IjsrbKAmQhhM0fFxUpBDEs5mqH6g5vWuZyhwK3yYCPmvunFhJzH_twtIziNsLrZjQOy1pwtCxHZ6P4jcY6jPa-cyTFVDlPYxzoc5mf1x9HmjzKgSWwZmitN5_ZF6W0FWGB4coTtQ0eaXoZHXrlirUKzKL1iE0gQvavYKD1QDnq6bIwCXHHA2U_Ee6xaCZwqbua5Y1I9RdlWksDDziSvxpLy_bZFGsOJ5iOZcJmOE0S5VdqcSPqZbPlgg6Hth7fWb8q-mun9FXOWjnkwPex7WwcHOu5VetTYZdhgl99y5SVCzmgdX8SdzmWIX8gc0HRi5E2E1nl_DdIEhAH0kKFd6OJvqXLwnghz3cr_puMgXYEDLSlnoSi7yFZcdgA_DoUNc_DzFp79yntfGrUiL1O9J3h_eT8rVKJ2a3WHHIuk-EA90kvXuaj6UZLeAW7jXjIB-Ud-ulB47ha1ullFMyql-eJCgfwpcy6A4rchG1NAalclCTMNwziWfJ6g1RD_byO9kMocbBnUVdeZj6yycCKjZJovw4rgd0D4ITkQS1zmJPEqyhD3_E84nEyEpPvDgP6wMeYSHj9UZf_PUDMn-h8l6zXoWjJf9ss_jxTx2_HGlS7m5W_nZw95F45gL3cSfPYZKFKum1n4kTbpXtuyhxOdMPQ8udBelbZP4msibBLzHsAhq0eu34MLNpDXGi179xaBXXXpZewNPdBrSBi0VcXhm9J4hfyN7PJAKVUtnUtpxMAn1bjyB8MC3wEXqlA_oD7LYv6O65ib9L1gMUz2C2BRfaUXaZx4HueJ9l6CClx9TAfp3OFGCbx6-8Yb_m7FoUZzJzta0vQorPzDym29BzIXldZzVCK2C_mZiM2Rr7strSpGP5NUYgwtAz5W8ZH7FkGY8x035VXbZnvnVp6ze8NqYnqViC3OPhBbXqvicMqJqckmIY-xTaR_mFOmR_2tZ3ZzZNPPH1mhPynAW6G_1qLyPkYBVO3MkVIgfG7AfGd_VjFCO4u_snYdWTtmUDw8P6-plTLUg-UVQQJTBOBb36aLfstJE43W1MR6AT9aZkZVNCWSbpV2GJjJgQ2dqiz-1wsqKy-7_mqiWwXv43brO6kp8rVEM3pwzW6-q0j4qZTVrPEKK3MZyaJ88pPtg4cAWGBw4XeKYZXK01tYmLKAvA50AgmOg2rsw1O19akMrEe0ivs0XjZdh0B1KOXUAPUL5kDLi8FzQ0fUwOWqobUoDfVeUfuffslog5c45d3M7spX-JmS2pJZypalyC-vxZSVo6jbKWbqhd9SmYvf35Pj_1lQ5mD4nTljPOGQsFcWI26ZdNKMtO5P2pOdALeNSKPkH7b7KUypLvxCICrzv09Zeyk7mkxH48xGou3jhsfTwaJUyNwAXjS894jf86yr0IZIhVPzZTZk2utSATz0IEtPKhXgd37RRAKaStsyKAjuGaBovI-VTMUIsmC71f12zBfLz7JvReDIqRSkF8N3-SH7eblyU_CTcG8CmkDdsc0q9ncICBwHcNwLDPexVxTOkv3htaCEYY2w8d4hmlC4bnt7DUYA72GteIuok1HTHkA2ASySvPljIh4N-okPJ4A5nG9quswQNuP_tvHrUWJsqDzk-N85cQpClWQd3Et6_JnwldGB6pv26qpRRQTSohliGcfbJnHi6B2HoOPXTTZULqFJ__oZy8jmPoADNCZiRZG1dV2glVxMv5mptmZeLEKN24sfXFDNbqPk1BRGOOnRcAoXT4fDanesLvJ2Ml64XnEMTK7iPGK1xabMwTJPhnAxNZ2cirDht3oiGoLqugxZxxErSvHi-3z33YY-nAv9j7BtpYfVe3akLjgI9eQmKFAoq8z_GQ3JpVSI91rpiW9ZfzY8kp-FcImMK8wov4IICdL57xrww9TCFI9MetI_qa9sYtmvII_Z3DFxCXxG8HwCqByRWDDkvm_6DX8d-XHOg6wshPUJaXQtbDzlTVCVyQUzIFTZiXgVqQ8K3j_23rF1CpxsEKlBhx04TjLMmJYvKzBBF20_CcqlnHFECkrpN7D-bA-k4F570aEtJnYXHSKBIWFteAnI_x5NlFSmlkM-5wF0u70DzjkZQ70SUt8wy8oSSpq8QII&cid=CAQSPADUE5ymsMAy_zhM_NGWgj_3GWnNOpgjtme8_bG0sX8UnODYH4q2jPiDsFYbH6zXwa4v_-k5sDVrIEtlXBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=4247703355001758700&adk=1033480531&idt=141&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:39 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame A797 29 KB
11 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:39 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 16ED 170 KB
59 KB 224ms
106ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Origin: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame 16ED 8 KB
3 KB 23ms
23ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cz7i3Q28SZ-J2ASYXn7Vqr0JG-tHbFF5eXGL_CPKuScDGX9Hy-kgvQSufdHkpFGcBX3Z2IEqdb_LHDsk1J9Hjbzy86lef84clfe1s_G5ldfc1v45E&cry=1&dbm_d=AKAmf-Cm2HI7bMc_T4FxkoxYV78b6ZsieqF20qrHG_cZuuiR0ZSyzzEhoUhsGfB-zBpUQcDvhmefFqdlWD3bj5kdMT8M4kZHfSMcwJcAfsuXdW8z2df-cFKRserVgEPnraXriKeBz_VfdzdoJ-8jh1YXw25gRJ1LPCKoIN-h5mADfwv2IXeOHC0IOHL9MULya8V-I-wrzCFc7wCynRBySRLaDnZGJJPVj6tt1pZeymcis3U_U6BPno-pxFfY0wAeAttu3t75f-zLIBimwvDYaU6i8wk596-day3xMK_kMmBuvK2P6hFAHFt8OEfJpDM6VV2MmvYWmQjjIL3j5D-8J6K24omAG-GLVswJOPsXNf3Q24UQ_6EVJZ2ADj4o0h0pxTL9HgcN-62KTwj0FIDg4fO8Ia27IB0KDf8pOwxAS_K1TQG5fYOHDkhmb0RZE7THQJwuACWTe6uOg6pWhb8239cCcjCNrkyuXeDnoPuKfYGPQ-oeqLsQmf_sP1emASEhjSUJELztlf8jns-TzYlmc0Abk8YvqZ_dAFpcoaOvOiCV1BWJLBLRdF6B4mrK0lYRIbZbJBcXL69wziHJj1pZl0KBRn99TxiGTk88tEPVPGGWaL0xy8xvQJ3OGBoHXDac-ZOZeyuKjTQo-4Nz8HWnG3YGH82IhgdBte7MosA9uYQoPNoUdQyb4_OvrQqV1HcvN5arQvKdW8llIBtiKKjWhvIDGEycvzKq0kSGhyENYs6etn3uBIqU-lWKt2lK5R1wV2Q_RV4Jsb3IJ2qty3mt8AA4Fryxgz7koimPcdiHF8qA4ak_IktdJFV8gDLXN6ovBJAwXFLOCQU41nEQeHKMHg7M-SYe9kXhPjBl6Iz5RuuAye9CDrc33G3-X7O8fVmcYnsibUyfCEf5y8Pg0C9p_VGL2xN0czbCL8KypbwSL2CqZDresWVqkir984AWjgj_hRsux01853nObIf8g_aMlYAvHt_gs5pSMOqq-jK2-ScMTQBZWR4aGEX0CAuqbEnGvD61ClvPyV25ynt-L-0I7VmMegn5b1BSdUz68ArEIAKzDTdfXbzUARgXLC8iuz4k4hfrxPszZshW8-Y4QoTssdDilXDF-n9Kx0VHkICS9fhZEc9fJ5yWRVOkNnl0WcmHVozgLk-P6c3HzTwcMfmjXMH168j6Rmhnh36yourTC33pMSLyfNWdIt93uyNrDqMTkbxJHLqSZpTnKc9zzNn-nFqKZOdORa4wa0bXZN7mZj0GLVc4rjljcfQOm7Fmz497hIOoPg0VuESzSTLhExv6fwE3nYJFfc-VUH3oH4BtPJhjbnwskRoqQFkVsZMidhNNHFSSnW_xUjPsiZOy4FHJz_-LP_QSGJ49TxkUJVGrRSn7x04XpbgxReohBQDLq_Va6GI5cu2NpcqFSTAr8SGixNebuobeyeKSSVLbGNZRu8Qqy2axBtpIFQzOSyN0QjagJ2oMYXrC5fq7GWNoKQcPtpXmADxM67LP6ImsR_WjeBuhBJJc2rXoGNqfjqgeoUx69Bm1Ur4o0wD06GM4sDFdYwn1V6iMkgofPt-QzL4JoHvsxdPL7jtDNdVJZG49bYSYx0pdhorPPzd-pe0qY7_zSnj9ohiQhgLcWXczLV5C4fb4y85lYOMYfgcpxDuqlF6iAO2z6FB_rbG3fFEDt970glYONg_2a_kSfgljw4McQ7tnE4hLzAfss2WL-p9VVcOk1M4TtW0q6BL7A-RHoFu22_RTyd8kbObj5-_5arZnMDF1T5sKbsH7Bp1JC0mfV3Fa4bIHMgV6jwlB_kYnnHJgu-ch4Ls8dpPZaniuw_LtaTl8zkiY4ECSaqHZzVuezMeRYQrqGcd0_SzbQ6m7CvthghemiKt7yGxFccujO-UNgszo2OmK458jSU9N_elToAAbydXUoQSSlp6nOwyDXWkj2F9Rnr5Dk4USgGux-z-mDsnBb9Td19B2vFwuioAt56lgtenLiUwp4hqkeJeZBwC5YRE1sqVmkS-BRWwIduf6G6rBC4VPg7NtbCEnfH_mHBt7Ibv9M2dYO_use7fMrPrBY5uXKfZLubX1zsYYHEPLNzsRATcJvV5yc6dUdDOX70216F06jZ-iWmJvnZnkoxGvn_vKiTfweh8yR9npcOP8tmAD-xXVAJnyTpyNkLxAIyHlKbeJKK1ZfKzok7Z7e-a2E8xDkDPYFUr8ITvHJeu9bmxQVz5SH8sPcMSgv8Pbc4gEgxSkMZgjYWHP3phA3hrG0b3k2foXB2nrEEAHfRm1YX0FMNPrd4o7OI5DBnMCGZ6-zxok6p9723beQAKqPqgwNq9EwJvPNhzetdGfi0bEcsXKZK-KDIXLjfxIUaVgs6e5yX_TFBj67FpE4TTKv6Na7JhSJId8TP__nDyDWpuoxlGqFdvllNAJy30nITB6auXfNZyz7uMIBTr6TwjZ-72gBbE3C1h1IJb9O0mEuTCJLpeXXrpZXZJb4BPliI2jLAUs-72zURrRdO9iscx5py7jUpDWNnOcwMs2c3FhR400tT6f7M3Q4sfm5dKSYqYACBXy8mKc8hA9P1daZQY5iqdPcNLdRapzcogYHSob-1tdJiVr2Fs5FkgyvjYYQ2zR-OVVZ7kdIHqi47oE1VTul7MWteNSqgisAPluQkBWRA6EEpe0hGKkUZOHCm59fF2VKJlEnAs02stWY6q5G2Qk5j1vP7TR-nRqhtakjliB4dLVeA42RQN2say_UQ_iHEX8s0bA6YzJrVQsOU3FW3MadqLm8thHy8FiRhf64HiYodHRnImlMBdwFucdzkxu266mQsmUa4ZUZoAM_ZiH9vlVA9KeKJLYgv-7b2-hAawxzG6Xi0yJH0aUW5DhxY8kLqF2HOth6jR7ayEFQ85MRJodgD6CeqBFIpE9i2GCqvUD0BL9p5l58_R1sVIlQ-Lxs7yvf0LTT3KrAntGuJPcP3XFypmwIkDjUT9XGP1Bl3xNR97q8F8rWZWt3vXQlR3VlZV8mIxeNO7V-NW28LAUikM8jRia0ZtDFBgAgne54gT8N3HRvGAUbTs87cw3FklO0LKO4szArFM8OPAcf8j-2p0t9QaIqE37twsgP9m9TZ-iI56LpUNC2Qr8Vjx-YGzpsP8FifVG8IFTGk16Lp3Ac_7q-HrrbgbI3XkrDT8r9dN_7Z1Iq74tN5bqcp914z-9_nNRv1bVmFin1_NJlF5v9il2bAqaYeTsdYbIL2kXWJPEfm9Ore30j6JdbtJv5BQiLJdkgjNijVBmZv1O0wGYIHMN_aisaJCaUrTAjp5ha3bpnmNunKym1Nko3aH4U_NbR0z-Vbuh_M-hlnM0xuxlhicn_hCP3Bpf2LJ_SjTEbfok8j8ZDyC9iA_m_YTtQuw&cid=CAQSPADUE5ymsMAy_zhM_NGWgj_3GWnNOpgjtme8_bG0sX8UnODYH4q2jPiDsFYbH6zXwa4v_-k5sDVrIEtlXBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=8442294703749424000&adk=4188270525&idt=137&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:39 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 16ED 29 KB
11 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:39 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 70C9 170 KB
59 KB 213ms
109ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Origin: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame 70C9 8 KB
3 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A063LcdGg830aKosYq43DG9HYW3XwM2GK3sTR-qmEINdzhveAUF07jkDkxO64S8-D55SBTzEO3p02elQyhslJz58ga2DLEUMeqvH7JFpXU4MFQC7E&cry=1&dbm_d=AKAmf-ABVcKGPZ-71y-1JzF_4I-h2OqFSuL6VOA9qO2lSxLMj4VVhWpAlWTXq8ogI6wbwpZvhXQBj2VDP-QGlURuQr-udPtdnVcU4FlYfKDG4o9qXT1dU1NEr0C0xO1bE9_DJjUdna_PDT2gbat9iEX8uBL0iWnfEkDadeMI8ah24_Et9AM1X674jhtsfEUq5fOyIYZQFZSPFylO2dTQTtYSjpmiHerN-kxcx2bntoSS81YX0UoniaYC9ULyzWKdJW5UUhdJ9ecN0V3iWETQnuCmxbQ3dOCSpf06e2xz0pksIgjEpK4xbQ6XsYDEkgcuZydjrmX-aB9DZ8_Zcv0zH3wO19NxVhODgVvkBCoQnE4xyV5GxxTyJXsBxbSS4pRVE8a3QuBc4I_TuJ_ks7C5P5brR0QsSH_HbGeRJIPn2papLClNHN-cRbbBQThk9oB5BPNTGJPd-q2PVweMJkDqSxY58coIn9lqwLWCh1YJ2dyHu0Moako3YxozmXx8zD6tkbJ8B3bZ5pdId9dBXLjrKrcQy1bIQzsbMmL3I_DI12i_Kg_M6EvA6UGZePWZj38-lZQ82_VkrQhxzZME7x-3BrgkVU-zxxAvPTN-HDnEzwcBXcIj1Md5HPNJWAyApDhFylF-bzeHMvh_txN6ajLbFPwI-WI4mBevN1nMQlUW7yxwbwJDdVATCpeSPnJf3Ldz8OZCfHQrueW8uX2c-1oJezoIoKDI_XgAZD6qLWLmv1LVNltz4MDg3OTLYeFMwTc6v-7rM3SFJc_Hh1rEdl2pzMJWk-14D0Vp6mfHFqZ6SCS04xuPj3k5z1p1VCZpHOLnsfgcIV0SpG6g8B1ePpFF3Og5uO4AirbCj7_1htTx2DcF6P-TISKPVTZZdD08m-8vjf_LaLZuqs1xyle2GdMY121naVhjtIUf2bGe8ZceHmALjVHoLfn9DQ0zt_maSJkpwPK4OJCrl524kXztbOFa9f0TgLxC7bNaZ1E31DB8TBowwZ1VwTvJ6xYqmchBIvvhPZfujzoBR717nfCZBjUdm8cLrafagiolFJMem11fW9WjJGk7PVAnMwlYvOKsGhzqhS2bYCyJir4YtxQLA3ZVGUXNZ1eN17DdrLBNBavAkoctG812wB0EViFTS0YMgLbV3SlKkwXkicAcaZ2an6hDNP5mqwJVFdOjxXigbzoVVIaR6bdRfLmOoCup_WMrX33bqTFNTwHxAhnRPjSvijfitd1_mLEqpGsVJi0TA_CxoIjUIB0c1Sb9k55ucwuHmYWtAY4kcP2WTDrH7HWJ22RJk4m24t-wfcvEaANdEMwkm97lQlobSo0M-ZG8rsPybNuyMEZPB2qXb0b_j--5DRfHULaxDU4qT4PmBXqoTAjLHs_tzLOHe-pB-80hi2LEWQB_SiP_t_HEeGHsWoi11st1VRA9gb7UY1RTyXI0-DrE9icoTCA0WFcrVyTD5-zYmjeJKudT0x9DO0mi_UZOlVDSRu-9IxngBXhbiHr4xlECQu4bbLiG5jIEdk3E6oPbgApfmEgOgA0AWRB9lreEdw16Gux0N5hhUuGOw6DFPCP2cvZkrtS_YYVvZ4QOTvsS1D-fIdWltbQtxSzSFnol_ZKndaZ_eBq0-dbV9au-RGZFj4eBeEQiRU3ZtersKszmE51WVbHNKa47yqotELRPREmXtcfTGUmryJdqv7Z5e_hdZ4OdfljQj2MEyW1x_OYL54nwy8eg5R-O36gAE9woyGUp1CILbezDrnjkk4QOeXIWklHAqL6a5HPMToAM3sydNqpVKn2IS0wPs3CjsGw0hYmsidnfY6aJTQHqG0DlJIV_I6gGqFFTdRc7Nve-WQ82AoNTP6pt7hlC_PuRQR6RAzMldApQYIp7koXUUhOoDKIA0cRn4dpOKFvuvyh-PbhtBLnVIfICwJUV0faQ0k_-9RHCDbgw9gp9C7G3eH_IsPH7VFFKSzQDpiN7JU_ujzWXmiM9dO63MyuCN1t-OlwWKmp2F6TxLESWlv4yTyl_W8BGjSMTsq1OjtNM2b7iTjT6f54zQVyslbrDL83sopjdNbHACy9qXWyN0KiJFLgosADBDCVUxx39CVUm_ZvM31zqS-aG8FWF5uLML-b5yvTMN2Q7DYGhGsF1eWr5lQyMyKWX2ktbxflHrZTYUjcn-BLMWN0gj7WDuDX0rw3HpExB4eHohwvpR0IDSuV_8zW_mcfMy3DhaDZ_VMxleNGJ0z4j4mzW2WENnwj2AGfBrI4xv7GYfsPvhQM-G3Tyfrco1L_2MRquS-Hqc4tRlnDxPaDavrJxt7UZhXB5EIDyexjBqjeTRGbFnFlSHckQwqdFDJ-59z5NGvcwDg_LV9FanmmnORp4nvRUBTgnhlFqkRHcEcyrtBnkL12I5_x-IIIh9AHSCRgpkON6hRVwLZP1H-LpUb4p-2_0aIgCechEBc2WHFDWGxQCXN4c4DLNdthhnk3wamOte9XE9tUYBARCDP6ZECpTI1q035j_tS6CSRrzWXwcBgcGoWgC9ZDluGB8CN_gJ8DpO9LBaL134A4ICNxvvQkhXewxCBhUkunRBNtQXot-gNxRUBVWV3UP4XrxuqDNmEtdiiqYymPBctvfWWo7ANfBa7TW8l5kV2o9x_RY62NMEx9z0A9FgvkyBWTUzqQBST-8cbg3Zdk4sUauUJh8TqgcaNSvATDgvT_pN42PLmShPckHhm-8HbRglQduckk_dGHWZ5cN0C1gnGy1SkkWoC9nl_rPJ-_vFGhCZVG_oINZKKQDCrtd0YoseytBbNCs3MlT9sG2-Fc1CndqS0sqx9GEI4GGliGL2myz1ryuMb-cKXrChKmzX7kmsMK7t7gpD_Va0O4_-i1hIDaJy-HJPEGAiZndWCy1yPRQ8L-ho__PHZZQEnmd-chWXiXUcRv7uPDMA_DRPeg4QWNcuYTwe7ELtb7Ff4skCDuIxIV0aGIYWxsguOHjHmj8jclFxoFNT_sAt0DAtGBCEaQO6WJW_Uj5kWTX6VSsG6RtCUF4sY7hd5Z_F-B9ewaqu4bDQOM035iQ_OJIXraBky5yLow4-zzIbtd6Sl9FPtTG3unaBKZuR56Xlb8Aif3KuNDFDnI4VHPU6b0vx9rUhoh1L_OheqoBvueINJvnkJIkQs_4_9DTVN67On5MIhowSv6LB6iSZJiZBFSxmwJOJ-engthkzUccEEze8_6tHalJiYJtAynGdfTTm6TeQHNzfcr1jp204zabjoUBQcHLiYJTCnhl758ZYvDbvOvtPv9K7tfbat6ydklocUPFL5bP7_4gpI-ifKu1EmR4JQC3j4vq2MU0fGMXmqZfqixoE63O7O97tjvupKBYk67xs7IGkDfcmbhTe45Zk0vgw3yiHEc&cid=CAQSPADUE5ymsMAy_zhM_NGWgj_3GWnNOpgjtme8_bG0sX8UnODYH4q2jPiDsFYbH6zXwa4v_-k5sDVrIEtlXBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=10617340565257708000&adk=3690638929&idt=166&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:39 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 70C9 29 KB
11 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:39 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 776B 22 KB
8 KB 27ms
22ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 48530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 18:39:39 GMT
expires: Thu, 29 Feb 2024 18:39:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 97FD 35 B
463 B 93ms
8ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHHVvxm9rKmOkeo4Of1tLNc&google_cver=1&google_push=Aa02lx8dV2suzMJ2xBNdquTXiTC2ZKMxIfpSAgAcgSmXFbOqEeIzmwxYuyHyUFOuvM1MmaqV00kCEsiwR1EKAYMoHqifVRtrP7Y

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 97FD
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO8llZSdtmEclcsUMixYK4E&google_cver=1&google_push=Aa02lx_THuqQ0HD1VA_r02MJET69C6JsLubNPvnDUDyO-sXYLPs4BtYeKiwvYzYztaL7GKarorxh_6XPyUT61eoj...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_THuqQ0HD1VA_r02MJET69C6JsLubNPvnDUDyO-sXYLPs4BtYeKiwvYzYztaL7GKarorxh_6XPyUT61eojOiEyol57SIxT

170 B
188 B

49ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_THuqQ0HD1VA_r02MJET69C6JsLubNPvnDUDyO-sXYLPs4BtYeKiwvYzYztaL7GKarorxh_6XPyUT61eojOiEyol57SIxT

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 08:08:29 GMT
Server: MT3 530 4e92630 master cdg-pixel-x12 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_THuqQ0HD1VA_r02MJET69C6JsLubNPvnDUDyO-sXYLPs4BtYeKiwvYzYztaL7GKarorxh_6XPyUT61eojOiEyol57SIxT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 02 Mar 2023 08:08:28 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 97FD
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDM9xBvTF_6DMAu_KAFMgAc&google_cver=1&google_push=Aa02lx-PCXrXIwvoDLFYp8eXm0iFy8ZDrl_k450l50fJ1Hdr5nvumg-ojADlc-asCKZ3lOUvkGnx897...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEDM9xBvTF_6DMAu_KAFMgAc&google_cver=1&google_push=Aa02lx-PCXrXIwvoDLFYp8eXm0iFy8ZDrl_k450l50fJ1Hdr5nvumg-ojADlc-asCKZ3l...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=T7g2qhTGSKuFvm2SC1W8HGQAWX0

170 B
188 B

44ms
44ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=T7g2qhTGSKuFvm2SC1W8HGQAWX0

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=T7g2qhTGSKuFvm2SC1W8HGQAWX0
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 97FD
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEsXUVsFqkGp_6krvlffYp0&google_cver=1&google_push=Aa02lx_WKAOsyTNcpfTbBZal_mGvBhc2XD9OE7XP0X1cHdxoTonmvBmgMBODpIVC6WoW6cn8yD4QsICNxhm...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_WKAOsyTNcpfTbBZal_mGvBhc2XD9OE7XP0X1cHdxoTonmvBmgMBODpIVC6WoW6cn8yD4QsICNxhmvAaluxg8YC5YSG39U&google_hm=FeQGs1vEQFG27LSJGGuz3YY

170 B
188 B

50ms
46ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_WKAOsyTNcpfTbBZal_mGvBhc2XD9OE7XP0X1cHdxoTonmvBmgMBODpIVC6WoW6cn8yD4QsICNxhmvAaluxg8YC5YSG39U&google_hm=FeQGs1vEQFG27LSJGGuz3YY

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_WKAOsyTNcpfTbBZal_mGvBhc2XD9OE7XP0X1cHdxoTonmvBmgMBODpIVC6WoW6cn8yD4QsICNxhmvAaluxg8YC5YSG39U&google_hm=FeQGs1vEQFG27LSJGGuz3YY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 97FD
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMCs1XTEidWjxYPLqImpmyU&google_cver=1&google_push=Aa02lx9NjzMTO8psEBF8fjUUnIsnnvvINh0ZwGtkXIAz4WhmpisCZY90xToX-jDGTMyOI5Lx4C42wXSx...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMCs1XTEidWjxYPLqImpmyU&google_cver=1&google_push=Aa02lx9NjzMTO8psEBF8fjUUnIsnnvvINh0ZwGtkXIAz4WhmpisCZY90xToX-jDGTMyOI5Lx4C4...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYxMzcxNTc0MDQyMTc3OTQ5MA&google_push=Aa02lx9NjzMTO8psEBF8fjUUnIsnnvvINh0ZwGtkXIAz4WhmpisCZY90xToX-jDGTMyOI5Lx4C42wX...

170 B
188 B

50ms
50ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYxMzcxNTc0MDQyMTc3OTQ5MA&google_push=Aa02lx9NjzMTO8psEBF8fjUUnIsnnvvINh0ZwGtkXIAz4WhmpisCZY90xToX-jDGTMyOI5Lx4C42wXSxhiU2qxIggxxhfLoawCzx

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYxMzcxNTc0MDQyMTc3OTQ5MA&google_push=Aa02lx9NjzMTO8psEBF8fjUUnIsnnvvINh0ZwGtkXIAz4WhmpisCZY90xToX-jDGTMyOI5Lx4C42wXSxhiU2qxIggxxhfLoawCzx
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 97FD
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMCs1XTEidWjxYPLqImpmyU&google_cver=1&google_push=Aa02lx9GRxLAZ4-61FESfEo9Sg5f4DCToSTTmPRskYmbwOzIFoOzRz7mhdrzoGDSJiEiL_lFVF8hhBhv...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMCs1XTEidWjxYPLqImpmyU&google_cver=1&google_push=Aa02lx9GRxLAZ4-61FESfEo9Sg5f4DCToSTTmPRskYmbwOzIFoOzRz7mhdrzoGDSJiEiL_lFVF8...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ1NTExMDk0NjY5NTY4NzI3OQ&google_push=Aa02lx9GRxLAZ4-61FESfEo9Sg5f4DCToSTTmPRskYmbwOzIFoOzRz7mhdrzoGDSJiEiL_lFVF8hhB...

170 B
188 B

51ms
50ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ1NTExMDk0NjY5NTY4NzI3OQ&google_push=Aa02lx9GRxLAZ4-61FESfEo9Sg5f4DCToSTTmPRskYmbwOzIFoOzRz7mhdrzoGDSJiEiL_lFVF8hhBhvI5qIRdQO7f-Fm9PE_kg

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ1NTExMDk0NjY5NTY4NzI3OQ&google_push=Aa02lx9GRxLAZ4-61FESfEo9Sg5f4DCToSTTmPRskYmbwOzIFoOzRz7mhdrzoGDSJiEiL_lFVF8hhBhvI5qIRdQO7f-Fm9PE_kg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 97FD
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEK1DtALz0RqLw3Z1nFZjM8o&google_cver=1&google_push=Aa02lx_zSLnFSrrpJOtfZBwwYo8Ea52PHupr2_tZomXhDO5eCWkESudrpazvxM_VJjr4_H6bmIz-m0BKN8T_hAYC2...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEK1DtALz0RqLw3Z1nFZjM8o&google_cver=1&google_push=Aa02lx_zSLnFSrrpJOtfZBwwYo8Ea52PHupr2_tZomXhDO5eCWkESudrpazvxM_VJjr4_H6bmIz-m0BKN8T_hAYC2...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_zSLnFSrrpJOtfZBwwYo8Ea52PHupr2_tZomXhDO5eCWkESudrpazvxM_VJjr4_H6bmIz-m0BKN8T_hAYC2zgvkKr42MPi&google_hm=GPfosGZHN9Nl8nW5Rda9EyYp

170 B
188 B

46ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_zSLnFSrrpJOtfZBwwYo8Ea52PHupr2_tZomXhDO5eCWkESudrpazvxM_VJjr4_H6bmIz-m0BKN8T_hAYC2zgvkKr42MPi&google_hm=GPfosGZHN9Nl8nW5Rda9EyYp

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 08:08:30 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_zSLnFSrrpJOtfZBwwYo8Ea52PHupr2_tZomXhDO5eCWkESudrpazvxM_VJjr4_H6bmIz-m0BKN8T_hAYC2zgvkKr42MPi&google_hm=GPfosGZHN9Nl8nW5Rda9EyYp
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 97FD 0
50 B 44ms
43ms Image
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JWgYwDV-w5Byz9MrQytRBFw6UNY06C_AEh-Z3mZlYldxrOtR7s2wk34uQJx6RlTodAMj08

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=4236&v=5.13.0&p0=e%3Dexd%26ci%3D%26prmEmailYes%3D1%26site_type%3Dd&p1=e%3Dvh%26si%3D1&p2=e%3Ddis&adce=1&bundle=Mo7RnF9idiUyQlV5YXNuclJEVCUyRkI2RDdFVGdrbTJKQTVod...
https://widget.us.criteo.com/event?a=4236&v=5.13.0&p0=e%3Dexd%26ci%3D%26prmEmailYes%3D1%26site_type%3Dd&p1=e%3Dvh%26si%3D1&p2=e%3Ddis&adce=1&bundle=Mo7RnF9idiUyQlV5YXNuclJEVCUyRkI2RDdFVGdrbTJKQTVod...

8 KB
4 KB

351ms
104ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=4236&v=5.13.0&p0=e%3Dexd%26ci%3D%26prmEmailYes%3D1%26site_type%3Dd&p1=e%3Dvh%26si%3D1&p2=e%3Ddis&adce=1&bundle=Mo7RnF9idiUyQlV5YXNuclJEVCUyRkI2RDdFVGdrbTJKQTVod3J1aDN5Z256QXJUdDBURjBpU1l5dSUyRlprNSUyRloxdnVBRVllSjB2dkNsOGxDMDBXcU1sbFdvT0ozQWM0UGYyZmdRTTBEZnhWYUNjUlZTRXJMdHlLS3BzRCUyRmhOekJKTTdQeGhDaGV3cDRHV1gxR0lQNldFJTJGV3FTRVFMaWclM0QlM0Q&tld=kanui.com.br&fu=https%253A%252F%252Fwww.kanui.com.br%252F&dtycbr=48895

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3181a86ed109de11d63b424a00ffa2272c5a8d88147e43e7038f6dd325be0c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 12254275
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=4236&v=5.13.0&p0=e%3Dexd%26ci%3D%26prmEmailYes%3D1%26site_type%3Dd&p1=e%3Dvh%26si%3D1&p2=e%3Ddis&adce=1&bundle=Mo7RnF9idiUyQlV5YXNuclJEVCUyRkI2RDdFVGdrbTJKQTVod3J1aDN5Z256QXJUdDBURjBpU1l5dSUyRlprNSUyRloxdnVBRVllSjB2dkNsOGxDMDBXcU1sbFdvT0ozQWM0UGYyZmdRTTBEZnhWYUNjUlZTRXJMdHlLS3BzRCUyRmhOekJKTTdQeGhDaGV3cDRHV1gxR0lQNldFJTJGV3FTRVFMaWclM0QlM0Q&tld=kanui.com.br&fu=https%253A%252F%252Fwww.kanui.com.br%252F&dtycbr=48895
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4606956
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A797 41 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 18:40:09 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C702 1 KB
643 B 85ms
85ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 11:42:13 GMT
etag: 48472445140208031
expires: Thu, 02 Mar 2023 11:42:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A797 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0406d6e3ef0f60e431f4db58c16f55208feb392491c084f7674f119104fa290d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 16ED 41 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 18:40:09 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 513E 1 KB
643 B 23ms
23ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 11:42:13 GMT
etag: 48472445140208031
expires: Thu, 02 Mar 2023 11:42:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 16ED 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b4ce6a39401cd0174fb02fbdcd32facaf216c718fb163956fe904f200f296f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK DADJEF833JDL.js Show response
wkxppshj-qx.global.ssl.fastly.net/ 265 KB
77 KB 10ms
9ms Script
application/x-javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wkxppshj-qx.global.ssl.fastly.net/DADJEF833JDL.js

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5cbf277634a9ce552a315b709351783474d7fc4414878e93ddb94e4c59b73412

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Via: 1.1 varnish
Date: Thu, 02 Mar 2023 08:08:30 GMT
Age: 1227
x-amz-server-side-encryption: AES256
X-Cache: HIT
Connection: keep-alive
Content-Length: 78110
X-Served-By: cache-hhn-etou8220045-HHN
Last-Modified: Sun, 26 Feb 2023 12:45:18 GMT
X-Timer: S1677744510.119420,VS0,VE3
ETag: "5be7d19b19dd09db605d0280f16134ce"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 ads.js Show response
cdn.480app.com/ 21 B
330 B 84ms
7ms Script
application/x-javascript 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.480app.com/ads.js?r=10412199532817068

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 varnish
date: Thu, 02 Mar 2023 08:08:30 GMT
age: 2814
x-cache: HIT
content-length: 41
x-served-by: cache-hhn-etou8220042-HHN
last-modified: Tue, 23 Jun 2015 06:50:40 GMT
x-timer: S1677744510.199879,VS0,VE0
etag: "8a68886c66c8ca4dccac563705f5891c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 2896

GET
H/1.1 200
OK /
colrep.sitelabweb.com/chpdata/ 42 B
271 B 8ms
7ms Image
image/gif 3.122.81.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colrep.sitelabweb.com/chpdata/?d=v7Up0CJnqIH23id_zvub1ncGZxaFRjTVNAmTJpJbI0igEKFDZlca_9f5ImMDU8J3FwSV0T_TXyMY9msVQSVGAlb5Pwqr1wc3ZcZLNQShZCqHUbbn-xc-N1WDq-M1l2bfNacDKENFRvRll5oWN1ZakssfZBUWS-Ypq9j6F2RkoUOWEz7mZ3qjJpNG34gQZ-UjqxOXuxbeNXOTYGNGV3BCQL_DzvOHPmxjESLWz5ap9sqKUmQjn6MVMyABhqoWOcbtczcgIDLlEkM1Oxe44kITgQJlAwJ1lCajidMqHlfxBNFjEoJmWwiPBkaGokZoBLPWQ3_kqvMnbufBY2Ej~nSKvUlMw_LkfzM03sPVt3XTaoRsUjuG86BT6vQMvyuw1_ITcUMl6w9iACaTiyMG3xgBc2Ej-SYpmhvek_LkrFMGVuAyY4oGYrRLg0sj5GTWztPmOmwPVdYDLwY0_jNlZ0bGapN1kifgZ~GTZ1OXh1gOYvXmc~M36zCBZHoWi1OHMks~IEFmI1Y4d4f5gsLzZxMlM3MSgH_Gr_YYL3gxg3RXFgZLizrPJ7YDKGMlEtASYNazvuN1Twhf4EETEsNXamewUkMDczMGBiMSB0aWeqNnEhfRMNFTIxYmelqwMhMTfBJ3N0MVdmmXfraK8uljQSFj2yLmS2frctMDjFMWcuASEKZTirZYMlfRQFRTAxY4SwqbVYLjw9Yl2zCCUL_mXuZKMjegUGE0FARY1FjbgnLzYGNGV3BCQL_D1rNYbmwVYSESNnc4imhOhqcHVBJlFB7SJ_XTb8dtc3e~t~UnJoL4avuK5XbinAR-R0NVdGcXzeaLMJv~Z2Q3FkZXEwbepnW2g7doz0RmkTpnnkb0YjrgESJ02wL1_ueLAtLzbGOWZy9iEMazvxN1P1fRk3Q22xPnrBeK4lKjn9MWI5ACEKaSNpNYb3gBQJFT~4J49zhPRmcWn~c4E9NlFAq2mebbI2igA3VmJvbNX0hKZm_TK9&c=468
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.81.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-81-162.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 08:08:30 GMT
Last-Modified: Tue, 13 Jul 2021 10:02:51 GMT
Server: nginx
ETag: "60ed64cb-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 70C9 41 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 18:40:09 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1742 1 KB
643 B 22ms
22ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 11:42:13 GMT
etag: 48472445140208031
expires: Thu, 02 Mar 2023 11:42:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 70C9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 429fe77b9e8bfbff344236e65603c9eadf8201cc37a602b9e67d6f905541c6b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 90FF 22 KB
8 KB 24ms
24ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 48531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 18:39:39 GMT
expires: Thu, 29 Feb 2024 18:39:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B70E 22 KB
8 KB 23ms
23ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 48531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 18:39:39 GMT
expires: Thu, 29 Feb 2024 18:39:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame 776B 36 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:39:12 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 513E 0
104 B 76ms
23ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELiJaarRKDpxDXzrmmsX5xM&google_cver=1&google_push=Aa02lx9AklmPDZdzFi9Yz8uxUZAwvtGK726rkBOOpFNvsf8_AQOhfzjSR5pZg6rxNSkfFM6aKmFU9bjH6ejs0xz4WCCffx9APg
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 513E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMO-IXjkwGipxXgQANM7j7A&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMO-IXjkwGipxXgQANM7j7A&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N1hoWkhiUXgxUHhEWms1&google_gid=CAESEMO-IXjkwGipxXgQANM7j7A&google_cver=1&google_push=Aa02lx_ZnRuPeTML95wizc8ziRv4US4klWSGKEpqFaSqiy3...

170 B
188 B

45ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N1hoWkhiUXgxUHhEWms1&google_gid=CAESEMO-IXjkwGipxXgQANM7j7A&google_cver=1&google_push=Aa02lx_ZnRuPeTML95wizc8ziRv4US4klWSGKEpqFaSqiy3eRU80nhiZq0pAbwgmeyueo_ZA5VqTKStAiK7kWiIMBqUMSr229w

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 08:08:29 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-05d0778f17fb7936d@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N1hoWkhiUXgxUHhEWms1&google_gid=CAESEMO-IXjkwGipxXgQANM7j7A&google_cver=1&google_push=Aa02lx_ZnRuPeTML95wizc8ziRv4US4klWSGKEpqFaSqiy3eRU80nhiZq0pAbwgmeyueo_ZA5VqTKStAiK7kWiIMBqUMSr229w
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 513E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sceCJEHPQdGC_XO6es-Wgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

47ms
47ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sceCJEHPQdGC_XO6es-Wgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8RKwzPhS5XZ38-bvOVtlAoUNIgnQgyEIHDX7WYBjT1_W10kUyJYjojlOCCUOWVyuojcQp2EirOiIvToahwuq1uyoLv3_w

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sceCJEHPQdGC_XO6es-Wgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8RKwzPhS5XZ38-bvOVtlAoUNIgnQgyEIHDX7WYBjT1_W10kUyJYjojlOCCUOWVyuojcQp2EirOiIvToahwuq1uyoLv3_w
date: Thu, 02 Mar 2023 08:08:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 513E
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEK1DtALz0RqLw3Z1nFZjM8o&google_cver=1&google_push=Aa02lx9sQ9VsQJBPPZwFuujyQGi_8xv8QU3x0buuT9tn-VQdZRNugG3qbwMS0ZIbX9p91gybGve7IFDaLbUt0_OJ7...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9sQ9VsQJBPPZwFuujyQGi_8xv8QU3x0buuT9tn-VQdZRNugG3qbwMS0ZIbX9p91gybGve7IFDaLbUt0_OJ7hIGpQ0KuGc&google_hm=GPfosGZHN9Nl8nW5Rda9EyYp

170 B
188 B

46ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9sQ9VsQJBPPZwFuujyQGi_8xv8QU3x0buuT9tn-VQdZRNugG3qbwMS0ZIbX9p91gybGve7IFDaLbUt0_OJ7hIGpQ0KuGc&google_hm=GPfosGZHN9Nl8nW5Rda9EyYp

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 08:08:30 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9sQ9VsQJBPPZwFuujyQGi_8xv8QU3x0buuT9tn-VQdZRNugG3qbwMS0ZIbX9p91gybGve7IFDaLbUt0_OJ7hIGpQ0KuGc&google_hm=GPfosGZHN9Nl8nW5Rda9EyYp
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 513E
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEFBtOeUVixqIny7s2E-uYP4&google_cver=1&google_push=Aa02lx_CxAyGfDjzIh-QdJMIA01dpiK8avzCoOyilYxeiJ544k1zoy29X6ZmqHr_E5xODctfmhQI0OWDgZdjF_3E6s2Jtl...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFBtOeUVixqIny7s2E-uYP4&google_cver=1&google_push=Aa02lx_CxAyGfDjzIh-QdJMIA01dpiK8avzCoOyilYxeiJ544k1zoy29X6ZmqHr_E5xODctfmhQI0OWDgZdjF_3E...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ppKoB0PpRDSYgtupVqwACA&google_push=Aa02lx_CxAyGfDjzIh-QdJMIA01dpiK8avzCoOyilYxeiJ544k1zoy29X6ZmqHr_E5xODctfmhQI0OWDgZdjF_3...

170 B
188 B

49ms
48ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ppKoB0PpRDSYgtupVqwACA&google_push=Aa02lx_CxAyGfDjzIh-QdJMIA01dpiK8avzCoOyilYxeiJ544k1zoy29X6ZmqHr_E5xODctfmhQI0OWDgZdjF_3E6s2Jtlkdp4Y

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ppKoB0PpRDSYgtupVqwACA&google_push=Aa02lx_CxAyGfDjzIh-QdJMIA01dpiK8avzCoOyilYxeiJ544k1zoy29X6ZmqHr_E5xODctfmhQI0OWDgZdjF_3E6s2Jtlkdp4Y
access-control-allow-origin: *
date: Thu, 02 Mar 2023 08:08:30 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
onetag-sys.com/match/ Frame 513E
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBXRAGyAcwr-wX6Pf6OiM7U&google_cver=1&google_push=Aa02lx-CAF2QXS8q9wVI24OXqOFFBK_s7d4q4Ntv2MW0D4MG7G_Au6doZECq5kXDHWr-GBeGknfpiCKyDo_...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-CAF2QXS8q9wVI24OXqOFFBK_s7d4q4Ntv2MW0D4MG7G_Au6doZECq5kXDHWr-GBeGknfpiCKyDo_DzSHBlLbZTPSUyYpx
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

7ms
7ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 513E
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFemk3s7q1v90qwMqzeiUvY&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx-aJ2P5lHaaMYvuvsDZsWe8xt9XyeLkoAZz9sJTT6HWlBoHIxv7UQyns3lI5xxbMh3r4SR3TC8q-7rjQuxz4-ZkOhGbzwO-
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

59ms
59ms

Image
image/gif

23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 02 Mar 2023 08:08:30 GMT
pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 513E 0
12 B 46ms
44ms Image
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jbh1KRtLcnYtsN8narWb6ZU1wB4Yh-Y3L3OIEijbiS0lPdhVr_v7P5eB_oUmeg4KVicgLpRAo

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET

i.match
s.tribalfusion.com/z/ Frame C702
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEP0_0_9pZ3iZnTXVgogR0fs&google_cver=1&google_push=Aa02lx93f2uZo5YhWwSuzQZbYbN0bdjYOXNoN8i49cv1iOzGq7N9SQyY1hEhWk2Tl2TR3yD_sCW6i0Flk17sk1yrceM0HQcb-xYn&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP0_0_9pZ3iZnTXVgogR0fs&google_cver=1&google_push=Aa02lx93f2uZo5YhWwSuzQZbYbN0bdjYOXNoN8i49cv1iOzGq7N9SQyY1hEhWk2Tl2TR3yD_sCW6i0Flk17sk1yrceM0HQcb-xY...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C702
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJfLcmFWkowDAxE74bZzIKE&google_cver=1&google_push=Aa02lx8I5qV3m35xeVNzaHRJJJ5jgf6Pr2Tu_I6YZozgwgNyt_xGesGfVS8H-Xb0w_dTY4k_hdEGGwVIbWtIiKM1qqIHA86...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8I5qV3m35xeVNzaHRJJJ5jgf6Pr2Tu_I6YZozgwgNyt_xGesGfVS8H-Xb0w_dTY4k_hdEGGwVIbWtIiKM1qqIHA86nH5LB&google_hm=eS1rWXZ0aTNaRTJwRktsTG...

170 B
188 B

51ms
46ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8I5qV3m35xeVNzaHRJJJ5jgf6Pr2Tu_I6YZozgwgNyt_xGesGfVS8H-Xb0w_dTY4k_hdEGGwVIbWtIiKM1qqIHA86nH5LB&google_hm=eS1rWXZ0aTNaRTJwRktsTGhQR1RIeHZTbWsuYWMxRjMzOX5B

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Mar 2023 08:08:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8I5qV3m35xeVNzaHRJJJ5jgf6Pr2Tu_I6YZozgwgNyt_xGesGfVS8H-Xb0w_dTY4k_hdEGGwVIbWtIiKM1qqIHA86nH5LB&google_hm=eS1rWXZ0aTNaRTJwRktsTGhQR1RIeHZTbWsuYWMxRjMzOX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C702
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFGPTpqiUfrrzVnFGd6UZck&google_cver=1&google_push=Aa02lx8FxX4LPKZAdGI1NA4gpnCiTpjUopx0t55YGGPFa_qg5rPQCuj8XqLPVB2O1P1WYgIns9fQqkFjR_kRHQjEwNXEQHW...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFGPTpqiUfrrzVnFGd6UZck&google_cver=1&google_push=Aa02lx8FxX4LPKZAdGI1NA4gpnCiTpjUopx0t55YGGPFa_qg5rPQCuj8XqLPVB2O1P1WYgIns9fQqkFjR_kRHQjEwNXEQ...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8FxX4LPKZAdGI1NA4gpnCiTpjUopx0t55YGGPFa_qg5rPQCuj8XqLPVB2O1P1WYgIns9fQqkFjR_kRHQjEwNXEQHWRmcQq

170 B
188 B

45ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8FxX4LPKZAdGI1NA4gpnCiTpjUopx0t55YGGPFa_qg5rPQCuj8XqLPVB2O1P1WYgIns9fQqkFjR_kRHQjEwNXEQHWRmcQq

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8FxX4LPKZAdGI1NA4gpnCiTpjUopx0t55YGGPFa_qg5rPQCuj8XqLPVB2O1P1WYgIns9fQqkFjR_kRHQjEwNXEQHWRmcQq
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C702
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMCs1XTEidWjxYPLqImpmyU&google_cver=1&google_push=Aa02lx8lzUohZ13rbsFpPYfGTZD5-XfT_xU9qMcCqD5nJVjku3w6bzLVXqRTcCmWGak-gcFoy_SKtjDK...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYxMzcxNTc0MDQyMTc3OTQ5MA&google_push=Aa02lx8lzUohZ13rbsFpPYfGTZD5-XfT_xU9qMcCqD5nJVjku3w6bzLVXqRTcCmWGak-gcFoy_SKtj...

170 B
188 B

52ms
51ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYxMzcxNTc0MDQyMTc3OTQ5MA&google_push=Aa02lx8lzUohZ13rbsFpPYfGTZD5-XfT_xU9qMcCqD5nJVjku3w6bzLVXqRTcCmWGak-gcFoy_SKtjDKNGGzJwZEcLVR_UP6iKk

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYxMzcxNTc0MDQyMTc3OTQ5MA&google_push=Aa02lx8lzUohZ13rbsFpPYfGTZD5-XfT_xU9qMcCqD5nJVjku3w6bzLVXqRTcCmWGak-gcFoy_SKtjDKNGGzJwZEcLVR_UP6iKk
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C702
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEK1DtALz0RqLw3Z1nFZjM8o&google_cver=1&google_push=Aa02lx8--R9TeQl9Sp3EkAUi3CdN9--_TvQSqD2CC7_0O1sJGRI1TJxsdxrCbpubrRUfkZr-QCYwDvufNZ0s7fvD0...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8--R9TeQl9Sp3EkAUi3CdN9--_TvQSqD2CC7_0O1sJGRI1TJxsdxrCbpubrRUfkZr-QCYwDvufNZ0s7fvD0frGdd0LKJE&google_hm=GPfosGZHN9Nl8nW5Rda9EyYp

170 B
188 B

52ms
47ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8--R9TeQl9Sp3EkAUi3CdN9--_TvQSqD2CC7_0O1sJGRI1TJxsdxrCbpubrRUfkZr-QCYwDvufNZ0s7fvD0frGdd0LKJE&google_hm=GPfosGZHN9Nl8nW5Rda9EyYp

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 08:08:30 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8--R9TeQl9Sp3EkAUi3CdN9--_TvQSqD2CC7_0O1sJGRI1TJxsdxrCbpubrRUfkZr-QCYwDvufNZ0s7fvD0frGdd0LKJE&google_hm=GPfosGZHN9Nl8nW5Rda9EyYp
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C702
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBXRAGyAcwr-wX6Pf6OiM7U&google_cver=1&google_push=Aa02lx9PcY0fUT37I2vJIWTMe6UtrfDiBcwpBdIljb_h9FnsoyYXJ-EVxpVTbR2lFEGRva05mBsN0Ml-pvUs...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9PcY0fUT37I2vJIWTMe6UtrfDiBcwpBdIljb_h9FnsoyYXJ-EVxpVTbR2lFEGRva05mBsN0Ml-pvUsBszQIGz6hRUtv2nQ

170 B
188 B

51ms
46ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9PcY0fUT37I2vJIWTMe6UtrfDiBcwpBdIljb_h9FnsoyYXJ-EVxpVTbR2lFEGRva05mBsN0Ml-pvUsBszQIGz6hRUtv2nQ

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9PcY0fUT37I2vJIWTMe6UtrfDiBcwpBdIljb_h9FnsoyYXJ-EVxpVTbR2lFEGRva05mBsN0Ml-pvUsBszQIGz6hRUtv2nQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C702
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMgi6X-WE...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMg...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=298e5f06-3932-43a5-b584-70c5cab0008c&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

49ms
48ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=298e5f06-3932-43a5-b584-70c5cab0008c&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=298e5f06-3932-43a5-b584-70c5cab0008c&%%GOOGLE_PUSH_PAIR%%
date: Thu, 02 Mar 2023 08:08:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C702 0
12 B 45ms
43ms Image
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KvZFbuscM61_nN-9TDPynieBnsE_x5X0_SBMvfhUWoyVvTeiZFENYJEa1Yz0zpchoVOdhRtQ

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7314573151872791710/ Frame DAD2 108 KB
25 KB 125ms
77ms Document
text/html 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=LBsomf4waO&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22ec56df25744866a27efb0d3a95c71bec34cd151f986376a9f2e10f498760c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:30 GMT
expires: Fri, 01 Mar 2024 08:08:30 GMT
last-modified: Thu, 23 Jun 2022 10:58:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3C87 0
0 157ms
65ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugwOsWhEV8CGNjVGy1nSp91BqPU-8IiBUCAufP8LUX_enRg33Nm3WzIDJMmcTN-x2s1NfV9CNtZCGPRBpgrCGmwLJ49QJMQuDNJcgSGmAK0_yOKj-iMNZflT-Ws6qzUG4LpFnn81Bnj85BbzXvbgFqlTHD4fwMcvCmFPWG9LZj6crbCVePPdYXXI3Di8DKMl95-Ts-0qFZfAQxD53-LDv8VRVXCqc3zowUiZeRwiM-i4RQpJRpGsK7bO87jruabQioXxz8y_vO3goSKW8iLNJGkKEprhn6wlpAF4tO0wgdPeBAbtTRISdslNjD68RbX7wF0_5fo47y2skqBApniWzw-KYHXYmrzYTlM9QQGKfjc0PlkRqS34adRpAg30dss61cYL0y_DOO12xw2RW621JPvd1GFhPSMnFKLTzEnSHhhfhWzhqTlR87inJ1xgJzA3JYifh1z5iRLAS54fFCOrSC1EEi-kwUOXQZ1f3Ang7-jstfFG8wYEUYK0JW0c03_NCoYEG1OA2xuMlewr55IITYeEBYHlI1_Xe94zTy7ejnDAm5XejaxmeAu8R9lVkmBhkSeBiX9LbKpftcNUqzKeNu0B1UOnQVhyeU72UEzdDTw9wReJHXpOmvlXhwx33JPd0LDareKbPV1hlq5HZB0UxMQu7dulRsUPxgEIJkAle6UbztmOGqQ0SG2tReQshEdKXdRtLgDihGfQxzQMdq_apTe2NS442DdfgKKR_Jdm2pn9nOh_sNNv7WYeKbL8o00H0hp5E5rnstqsK6trJWYtc8hfmU81Zp5Dlr4tYx-2N4jB6HsbyZjZfUVoZCGqtdrC7nqZltOOVqo8OMy60L-Qw94pB3JGLudOCAhrhvofLtprEb86eIYGjO7HosTiavgAYMuAOR6WurYVsK5lG-jFug6gyfm8KYYBRG-_8sadFWIkwoVA-RBhBQL2qOf8VdbksKfpA2A62veqQl1k9zo3rLblpNTP5qSC0uCrhs8xNuRQsns5bkFkzH9NP5tyy2CuJ5Gz0dhrj7wCPSc5jpPAsNOMLkVnhAt1oDncRww83NRnQnf8mkZaZdjubaP_IFFb4oS1adyE2nIycvAVTT3U9bvX9V5ZGH24tvLrno1GlPsTCmAnmi7ibUPbuKFLJYRFOPBQ8Ps6Nk64GVctl5TY6TXbVL_tlpzkNsBos4Fz_QqySkDS_xvX8gx26tu2wn06KtKUPk-8UvqvSvTYfjdjbRTmssgfauzk5fQGc8Pb_pygQDbyHE&sai=AMfl-YRlU6sfNzsL0Yg0HUEsva_f0sc_W2ZsFhToCl3ZNhdYeIs0IjUP-SrPXpS92wf7TlrAI2gtuD5K9aMXNDVaVGI0m6J0EI3KhmWLsbZRsx-3M9BymLwGxv3XjDne9b6mJtRu9slB8K2oe15Qz1cbdNqudA-5InDD36c0d2tSfsOMyCRA6cdmACAWotOCLru86TUt43qD8RYdSPPT8Rd6R2QFdqxR8BklLJRl0H8y2YJJESV90tbOrZbjluXW9dZ4tCd8hpM&sig=Cg0ArKJSzNdgWGSqv7Z1EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=517&cbvp=1&cstd=509&cisv=r20230227.07995&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 08:08:30 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 2B7E 115 KB
25 KB 93ms
56ms Document
text/html 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=9iIKUIe4Ta&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:30 GMT
expires: Fri, 01 Mar 2024 08:08:30 GMT
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A797 0
0 150ms
66ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstqzPo9YNCZiExMrzn-L5NTSWf9gozYVy1CKci2N-5o07p4TSwfejrgXJOEaJ61f1-5y57rkt9SBKHa9xn7r1I3PBNIEZ-th16jMxESBIBZH6Qrb3zuaAovoT8zh0zt0FTLvh3gRLc6kGi_pV5QXFHdCNj_BQxPC5RP8Xhuow2yzRX6zCndwtFygl3r9PwRaHCCxBqCW7xWHPkaM7SD3pv90VP8EzO019quY0AihdOBIxFuDvje2_FZonA0unbXTmpVFUayaZ7TeuxCRtmr2unZcq_wc2bnm-bS0wNi9ujxvld48xTtyLNnLXcj8tEtWMJV3lDVLhs3IJ-MxnqisxMNq0WEGPIwAI1sOaaMGiqqEatiNVHff5x_Or_p7fijG2MufxH_LuWtXmPxuCovtf623G4rAwcLNKFJnADrLrzMpIHQA8bcrwz_wnZOY2B4m28EgLTLF58wt7K-FHs3KgSaeuFgTsIwEJwA6KlWtwrw84qu1SYXWrlV5R-tNSJBS6YYR60c9Uzdydgay_FyuxmY5z_cLOwlyLkr8GMQ_2RrqXrxbo-lid2SLvC0FvPl02CgiDLBTG_BjAEoGhJPuF32BP6zAnkzrdww_NQWYlBgEdvzU4KT0ZyI80pG5cNV21_xML4EnB3f_slLjLT0K_F0_6PUTvsYNZzTz8m8Vhp92ECPW0jL-4IoBTGj8PSy0cVf2sS3wcEhoRjgOlMy3Uo8uA2o6izeZ_YvV6g-zu9lav5wGEu07paXvQh-48QsiDpeW-e72U4Nzy62f3TnqDWniAOs2x2Pl4ptaBkT-KpLd6832Hys7LWySu3TXW0HcsS277V7514RY_motvv7JFOlxRo1DndYaCXb7D57Xcy1WfGbTrj2MiXM6hRdQAHdM6bpxBFnlgsQnXb6YCLV7HOMW6rVW_a7aVPQGBmz5AdzTje0RXubNrZS7SCUuYJlC3S-S_CqbfSm8wuufILmPTX3pJY8Vl4-R2ORkitUDaXEgWv3WHAv3ZWbBCorAo6XHwFueP6PrflEgAIzINkAmY-iwh7DBb2HMY51dVycBi0OY6axeVZk4ak2QTNjCQpIgIBTE_b77uvpdED0zwvp_RjBALZYA8toWmSDEKnPWruaxeHllSF9fO8BV8XXc05NAnA4wYCMxsk3h61TPCReGJaoiiraZsW8rGdhFHg9NGldkziIH7QnShJ1jZ84RjfYtOSfjNkWtpvdvaMAehtWxSEI9UyHfHaKe1C2MEVv6R91jS16H8Tqx0WYuk-3hj0P6CH7&sai=AMfl-YQlNJsRw7P0TmZIrSpMmtro8weK3LPuH0hsYkzZoTiXYTnhFELI8AwmNfwCfnIXsfaYLWM0mwH71CeFjtt1MsM7dFdzo4xH9NHMxVXNbBeFUE9GsfTcMsJbHRz5faehjAncLZWu7rA8koyRp2VcLWKRgl3ZgqEDV8qMFkVssNIRwW5bBmCsuzQOHql62OQR_mhJv-hNn2tAtoqDuHioWN05PgMeMGYCrc9etNkTiEW_gsGGym4f8r-2--xSzvEOpTbMRiM&sig=Cg0ArKJSzF27Do1Nflo_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=412&cbvp=1&cstd=409&cisv=r20230227.03112&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 08:08:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 48ms
47ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kanui.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 45ms
45ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kanui.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 70 KB
23 KB 348ms
347ms XHR
text/plain 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3892986568155865&correlator=2985310409883851&eid=31072019%2C31072759%2C44752585%2C21065724&output=ldjh&gdfp_req=1&vrg=2023022701&ptt=17&impl=fifs&iu_parts=98468451%2CKANUUI_HOME&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250&ifi=5&adks=3254371550%2C2490721833%2C2490721832%2C2490721835&sfv=1-0-40&ris=1~1~1~1&rcs=1%2C1%2C1%2C1&eri=1&sc=1&cookie=ID%3De6b5782cdeb757af%3AT%3D1677744509%3AS%3DALNI_Mbfc2lp1yvec_UwtlYkXo54sECZmg&gpic=UID%3D00000bbd8f160470%3AT%3D1677744509%3ART%3D1677744509%3AS%3DALNI_MZSMLfbSsdHXUF7aAiPTkuzYcoLBw&abxe=1&dt=1677744510276&lmt=1677744510&dlt=1677744505895&idt=3143&adxs=436%2C330%2C650%2C970&adys=3704%2C3399%2C3399%2C3399&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5%7C6%7C7%7C8&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.kanui.com.br%2F&frm=20&vis=1&psz=1188x125%7C320x250%7C320x250%7C300x250&msz=1188x90%7C300x250%7C300x250%7C300x250&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=510490145.1677744509&ga_sid=1677744509&ga_hid=2053376196&ga_fc=true

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fb8e3c15d67f697e16526eb90f609199af1ffcbae3e10f932b06223d1570ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23181
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kanui.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 229A 115 KB
25 KB 76ms
76ms Document
text/html 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4AnNLuKT7l&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:30 GMT
expires: Fri, 01 Mar 2024 08:08:30 GMT
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 16ED 0
0 112ms
65ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3qVr7tnMkOCa95ElNKVJ_cdUGbpVuTJ-CSqpcm0uAZyUXTVRMjwS74Q9yjWNJ21_znV7iReMt7cjzu1mXvKSvkt9Y9b6adg63St4DNSugXxTzBkpQDlaC2MrP8lMamsvbydenBucK-YqLbw87dYKTOTqZIBFX2NGpCpFvAX9AuMRrImrCYZGcyRcbV_RQr2Lg5hH9KFg_af6Hsc6UiIdWJN72MVTK1pMnHmDMfHrGuMOojLyAmbvSKBhMnBYYHDo92iWxOgDsYC4BP2xkmAWLR1Q9fuXieWqJpX2oyms1yaRwwTsIRBqjTzBwGAFJaw35389ew2YKm51MBQ61nOTayg67s4GC4VWfAATkV1TD1lBl4keRY2r47LSDSdKBOc5eQUaKwi7nC0h4YG_kpHZUU1CkW-oCF92QGnJsMVaW5bq5SfgQxmovzWkjuBrozrCGlHI7s32peG8MfhskAv7li2Qr3JF3oH29NhAxQsVaRPtvNVQe-Y-z7nFZe_l39c4QMDHPfRLx4BuyfsVZ4B7rO_7zFUH-7HjtsyqYWG1hFUWhmR3PKucHlfS_bMUuLUyTIkgf_bIqLcI3sHo8xPquS-88lkJdUBzSm3AJTo0_Vm-Mu8oBOTbfB6ScRbUGt6vCl2mmYGVvqyZ1iNrRZJ8g89TBF3eV3NhdH9iAHH2iJ-F06ZvxCtjUYA2PZtXISxuEoTr0hIjjGGxJtvuayhO-SSmVnUQbvQCNAVX1W2WwAShiiSRt0yNtzwjXS44GH-XKavkNc1LnokHgy-VaL7sneXEYDxqAq-CfsBRrFet-ghssxVJYR1KaehptxPRBr-lpoq-inbsPyKvMk15fsfvKR1G5fRGogn5Q3fV_3kJgsUobwIj723xLRNUl0PvyOeBKTWoL7m-t3luDR-7_pWCat8HG9odeRoJP03fhIrVS5T2hsxAQx_uRPfl5i1ApQ2eaqvqAqcRidWJ8Jb2hcGGd2am7_ksugFqR0A14IaYeJJocuhAfYeB7dbq4Zbnu-mVB-5zAq6q9ZVYE3-cytJJBbKprm99C4nTwL7kp1-URAyTq7P-s2wBiWmfkoedhXIWR5jXL04ZU1xkodMl26MCvJ5pA2rY5BKfXFbHsCF0HueZXLMCVAW7VIj8VdfskKykBWMtR1XxHGjAUL0e0V3Qki5e6wrM9T2_sLignj2xcP2mb2kbe0NwlESYuipEiNVgA4qsPlBorlZRMw4b6-LQ5Th-ljG0fbLJFnEsu4ByghQgRwP_vLfZpKoo1QJdGYwnW&sai=AMfl-YSjeFaOFiY5HlIZGAsPrCry6OS8RwFZso1WmnjIWujhksRBtDMqdOjeP4hle7OZUdKjfbqUXMX8wkHgAV9M44-5Z3IgHpbt7EcrtfZFr-KCdXjOfpYWzBIB_huPgQxWALOyd3q8hbpYp9GShumPWR07GpMye_Fl5riza6odhWLUKa_LqubqsYUp8ySBpC347mmo8UlRSq0YG97zAa0lsFBsTjbyDAg1C6NhdoB_P81zRTIGCBEFN6ugU-ahr1WcIIJH60Q&sig=Cg0ArKJSzDIHJqYFDumqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=441&cbvp=1&cstd=437&cisv=r20230227.43414&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 08:08:30 GMT

POST
H2 200 /
eum-orange-saas.instana.io/ 0
41 B 110ms
110ms Ping
text/plain 34.120.4.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-orange-saas.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.4.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.4.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kanui.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 02 Mar 2023 08:08:30 GMT
cache-control: no-cache, no-store
via: 1.1 google
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 8F4A 115 KB
25 KB 77ms
76ms Document
text/html 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=GAOXdyiT15&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:30 GMT
expires: Fri, 01 Mar 2024 08:08:30 GMT
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 70C9 0
0 90ms
64ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmFRnpIpw12qMlTAXHQ1DuEpZIK3vjjIUSOSilyh-h-imaAWshPJ1Krim2Ng9KJvEdo4_LPJrSvZpg17wY1gAKa4dhno18C8HEfQt_4DcF-Gu_0V18Grlz8MZvl5ziyNRAxquWaVANIO8Z5c5Wz_Mibig8XAvrpFxBUZSFcP3aXcfFtjjG3ugo2R0ScW0ZBfSd_RZQdWYDznDiX7BHEXHAQAzvN-AJdPmtLurIGlGr-d5H8LYChllXbFjNIqEfRzDnRwhlGFe6rAMEzOMKfIc9RSGMa3S2iY9hZ1Jvr4p3a079e1g4IB9pw2bQQibGL-Zc9M2xKCWagJo0slzc5u7G7FKbCjAeEk_JwHbH6_GG4LyxBa2XKmdHUXrjb5_uVEqvI6UveVX9TclDpcvzFG5GwhAk4ihnwwD7DkURnH2oEUgNj4dwGbvtvc3MlSWLy92wVwIm0SASuIWk3HQhagkpSSjCKBUY0E-haOm1tDEV0k9foO3LOhq6-MwV3q6CRB2BnX0-daJhpE541b5goCqrKEkZuB8lKhWxTtYb_xVXrFVOYalPNAd0iR7MKYzIRyl4-HWeaTs7cgOcvbyvP9fkRJ7BtuGMQxbovPfreJVM5oalTMSA3XrZUqddkgrBiPa32GuRp-58CFJcVV_2fn8tkfqlLv-Lo8w0Q7faH-U5pkNMGyUO7ZpIUJAgWW5zAqpAFZrzHYQ-k5Snk2h44xJMPyLz1GP1Z060ZB3jyzsSyJ-AEIjQ3fTeFSsJOsBbhkjlWq3dB760lM1syHMxrUgFiVWmopAIc8gpPa3bw4Jc9ans8itAvUImAvLvPMcwojFcbawMARQTJvL0lddKQBjbzBTaMvSF_5dvFP7bl6STmtO0oL7jcyR2YSXU0lrBVev1UCopkrKVJ-_GafudcB4YxJGT-KM_92O2chbV6qaNwUrP3NLvTR6lOuAaQY4B2XuYND-HzG0wWgdKILgEWqjhfvwE3dVsrv0J2CK5HppJBIq4vmUmR8W9sFoxTa3xqIdrcQ4ve-IA4hkI2cndIbfT4f6ZQvim3G7CUyVYeyQOAKNHhqtaywWoD_TPtvkrq_vbS6kEWtHOTb4q24omsHJ_LsAyCYKyE4etD-WMcHhY45rDf4-pF8-_93RLAoc8SKdzvEgJ7iEYssjOlWXAk-jxBMI2lcQVQ55DGZ4wwu5mXlwJCkz_ur5d65S86JZij5r91ht1MjOnDmtoOHQHCEu5UMHfkOqnUBoigcF33JRt1RTIghdto-SbmEfrxC88AwLq&sai=AMfl-YS0A2AKRidAHkjXH60DIlmu9qyMlphcz7dcF5LuDWABLwLbgnf9VIIozxOnDspX-YjVblFIB9IgwGyMYhacEzVZ6oSGZagyieQgWvsiL1MtVTDDkkuPrZ-KwkEmo-T6PJi1WffpJretRj2ZwRk9GNMZxfF4aZvfwMTGvLPUeRMWYVdBTb5ggThBmaHe5WAerg2nCudR8T0YC-lR3gyvCTJRToWOdFp8eo7LuIh1geHFxn1NcUn6-bsP_Vk9EE5PQ6gJ0tM&sig=Cg0ArKJSzFaW6WzYjDfNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=448&cbvp=1&cstd=444&cisv=r20230227.61389&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 08:08:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
62ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022701&jk=3892986568155865&bg=!V1SlVADNAAbK-VRH6vk7ADkAdvg8Wg3FPlVLXIqWIuqjB9GBbenx-e2RNa-0RteBg4sYr6jyVf_T-vLWJmi7faIk8rEGON0q9-sCAAAAjVIAAAADaAEHmQKgIo6serCrs0kd94rWtL4jo2yOTvW8zKnDpIMfXvczpp4cIwgGKzG9g6niZ7As-pGCORDFQfd01kZM4wHT-SfwnjsWtzUMxdg4S1yMnmSRN_-Knx9k0rTUdKNgh22_yfF03B02Tle1o-Ot2iZvALMWn59vwK3N6SQa2TMuAhrZ3mnOZ-jFE7h1kvHkaN926IUqWzgQzt7ADy0qKe5Dl4fZneKjx8sLYkCMWE4S2prJPx-FvJ91nOAE5N0AHddMKi9YvrFkVGkAoT3gO7BVAHVdOuhB0piKh2q1AL9bDtsH2a4VYWdoNimxl63VePuW_4kzSY5EolSc2XwoFhbMNkD1kKNxPrRd0sIIQQf03e36h90PqhTp5oSx7HKolZSwwZ_8_PHap8D3Tx5Fs-jo5kPBQLlAfGjpXaEtb8nN3LPIqw7Ff3Ge74YqBB3lpURjbPcU2t3c5z_gOtwWIqu11Fwys8zlnDVScb1PHe8PVFTxhS49f1oMUnEtGRs1eWcp_N_hgWrlHGeszIfNFfs01ns7A41OjTilFv5B4ryIs28q0RSEVPLmHSd6ekOjsNPkP2f5ew1kM5PllIvn3UHVdFXh1hbApJ-xkSN58SZ4QB7XGKU2GGbTAm3CeDHHW3k3kspQeO-9ZkmwnheHs_G0kBMHlakS0ADPNNEhp20HOOqo6wwTbvMB2px-7Td7KpAYJgngbFHXeggH_fOYJRnq5-n_O4zrtb8iIx0e0PPbchUsvrDTAM5f9DjC1qpGSQ32SaAtXCASY8LNeKoEMXJfezF4LS7V-UiNFEqo3a67BLWmWwHGCJWATLuiSX0zAirc2wDGwxNv4lm9BumNE7fEnZmUpys1N_qUyqaotSEuEB0PTYtvhdM_-CrCqusESdnQIkjk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H/1.1 200
OK DADJEF833.snp Show response
wkxppshj-qx.global.ssl.fastly.net/ 38 KB
28 KB 29ms
7ms Fetch
application/x-javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wkxppshj-qx.global.ssl.fastly.net/DADJEF833.snp

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

16ec076d7ee6db7c6ea49ec4b1f3e964c0fd0333a7d28cd330896422a6a1351e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Via: 1.1 varnish
Date: Thu, 02 Mar 2023 08:08:30 GMT
Age: 1227
x-amz-server-side-encryption: AES256
X-Cache: HIT
Connection: keep-alive
Content-Length: 27574
X-Served-By: cache-hhn-etou8220042-HHN
Last-Modified: Sun, 19 Feb 2023 09:51:39 GMT
X-Timer: S1677744510.401522,VS0,VE1
ETag: "0d04a764822c2b3e1aee4d7bd8cc4e0b"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8C47 22 KB
8 KB 30ms
25ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 48531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 18:39:39 GMT
expires: Thu, 29 Feb 2024 18:39:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1742
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHHVvxm9rKmOkeo4Of1tLNc&google_cver=1&google_push=Aa02lx_BeWTWoEWkFL2-QZX8dSLLVNr-v9bN4sfghCZxGirEIr5vignJU4...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx_BeWTWoEWkFL2-QZX8dSLLVNr-v9bN4sfghCZxGirEIr5vignJU4vfOfmcTXe6o9kzGQtbUdCb9B8ymaUmBFcBvQqJ_kU&google_hm=Rv2fEd5EC5z6C...

170 B
188 B

47ms
46ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx_BeWTWoEWkFL2-QZX8dSLLVNr-v9bN4sfghCZxGirEIr5vignJU4vfOfmcTXe6o9kzGQtbUdCb9B8ymaUmBFcBvQqJ_kU&google_hm=Rv2fEd5EC5z6CA2K3s9kyQ

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx_BeWTWoEWkFL2-QZX8dSLLVNr-v9bN4sfghCZxGirEIr5vignJU4vfOfmcTXe6o9kzGQtbUdCb9B8ymaUmBFcBvQqJ_kU&google_hm=Rv2fEd5EC5z6CA2K3s9kyQ
pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1742
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELwALyANoC8O6-iBkT7K12U&google_push=Aa02lx9trsRBRcD-xTPeHHhGjc0UcVUL7h1EEA-KXar-Ou1wtPQ7IPB5Bs...

170 B
188 B

45ms
44ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELwALyANoC8O6-iBkT7K12U&google_push=Aa02lx9trsRBRcD-xTPeHHhGjc0UcVUL7h1EEA-KXar-Ou1wtPQ7IPB5BszdQfIajP6MYBOHmWM-Ng4mZYiLv0gD1maNDoPcmk0n

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220071-HHN
pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1677744510.450278,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELwALyANoC8O6-iBkT7K12U&google_push=Aa02lx9trsRBRcD-xTPeHHhGjc0UcVUL7h1EEA-KXar-Ou1wtPQ7IPB5BszdQfIajP6MYBOHmWM-Ng4mZYiLv0gD1maNDoPcmk0n
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 1742 0
173 B 91ms
18ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIaJr1T-N2pfHaR1PN0X-HY&google_cver=1&google_push=Aa02lx-n2DthkGYGSW1_v6hNMArLuFC2rwISO7s6-_Nz0zcXxeEFe7i4Rfh0LvCWC_UCgauB8-uTWfmmaYjy5pE75lDo54B77bnJ
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 sync
x.bidswitch.net/ Frame 1742 0
71 B 24ms
14ms Image
text/plain 35.157.135.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELh589EYG88AtK-Qhnnvquk&google_cver=1&google_push=Aa02lx8ija5qbUDdTRvn9TEOjkhyL7F71VQ-qXYXh6kLWdU_j-JyWthZKITWmRs5xQY0iZ599KbrYHlxeXSDXZ_GA-uTD8iPNFIm
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.135.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-135-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
cache-control: no-cache, no-store, must-revalidate

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1742
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMCs1XTEidWjxYPLqImpmyU&google_cver=1&google_push=Aa02lx8erLh3KIbEX9WEHq6MujncIWUOu0UBzB02GvzKTXCZnsj7XtFTCDhe9NXQXJELXzIbsZqFKl5L...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYxMzcxNTc0MDQyMTc3OTQ5MA&google_push=Aa02lx8erLh3KIbEX9WEHq6MujncIWUOu0UBzB02GvzKTXCZnsj7XtFTCDhe9NXQXJELXzIbsZqFKl...

170 B
188 B

48ms
48ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYxMzcxNTc0MDQyMTc3OTQ5MA&google_push=Aa02lx8erLh3KIbEX9WEHq6MujncIWUOu0UBzB02GvzKTXCZnsj7XtFTCDhe9NXQXJELXzIbsZqFKl5LSPpb613oMZMOZqgKyF-0

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYxMzcxNTc0MDQyMTc3OTQ5MA&google_push=Aa02lx8erLh3KIbEX9WEHq6MujncIWUOu0UBzB02GvzKTXCZnsj7XtFTCDhe9NXQXJELXzIbsZqFKl5LSPpb613oMZMOZqgKyF-0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1742
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBXRAGyAcwr-wX6Pf6OiM7U&google_cver=1&google_push=Aa02lx-iYU0yeW2msnwuNBMQNXqIFsy946YubiZ5yaFonSw_pFXB78Eg_bLPM8B8uM1l-hFhn9LnOiaxPDxp...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-iYU0yeW2msnwuNBMQNXqIFsy946YubiZ5yaFonSw_pFXB78Eg_bLPM8B8uM1l-hFhn9LnOiaxPDxp7mCUY3wxB1pV-upd

170 B
188 B

46ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-iYU0yeW2msnwuNBMQNXqIFsy946YubiZ5yaFonSw_pFXB78Eg_bLPM8B8uM1l-hFhn9LnOiaxPDxp7mCUY3wxB1pV-upd

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-iYU0yeW2msnwuNBMQNXqIFsy946YubiZ5yaFonSw_pFXB78Eg_bLPM8B8uM1l-hFhn9LnOiaxPDxp7mCUY3wxB1pV-upd
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1742
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx9X8kng0MHdm...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTA0MTc1MjA0MTQ2NDc5NzA1OQ%3D%3D&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx9X8kng0MHdmNyf86qMtsJ_BJgvA3...

170 B
188 B

46ms
46ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTA0MTc1MjA0MTQ2NDc5NzA1OQ%3D%3D&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx9X8kng0MHdmNyf86qMtsJ_BJgvA359dmJY1wW5Nn5wTo_mLtShqL1d7dag6gbAq72VunKFH2pR9CkavCDVYNYIyyb_RQOGfQ

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 08:08:30 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 001ae3c1-bf95-42bc-82d1-8f94f16e6702
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTA0MTc1MjA0MTQ2NDc5NzA1OQ%3D%3D&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx9X8kng0MHdmNyf86qMtsJ_BJgvA359dmJY1wW5Nn5wTo_mLtShqL1d7dag6gbAq72VunKFH2pR9CkavCDVYNYIyyb_RQOGfQ
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1742 0
12 B 49ms
44ms Image
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KSpIws4wKFV9Z4aMr7wKoB8KUcTQYJsS2PhYEWzU1fuc_xNJRkAfqQTgDRUICo1q5Kkiq3Iw

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2B7E 118 KB
40 KB 31ms
23ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=9iIKUIe4Ta&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=9iIKUIe4Ta&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 17ms
16ms XHR
text/plain 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-24844488-1&cid=510490145.1677744509&jid=177157642&gjid=1824726101&_gid=107326882.1677744509&_u=aGDCgAIJQAAAAGAMI~&z=1651172360

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kanui.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kanui.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 26ms
26ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2053376196&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.kanui.com.br%2F&ul=en-us&de=UTF-8&dt=Kanui%20%7C%20Ofertas%20-%20T%C3%AAnis%2C%20Roupas%20Esportivas%2C%20Acess%C3%B3rios%20e%20Mais.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Namogoo%20Malware&ea=Infected&el=Infected%20-%20Monitoring&_utma=227738178.510490145.1677744509.1677744509.1677744509.1&_utmz=227738178.1677744509.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1677744510410&_u=aGDCgAIJQAAAACAMI~&jid=177157642&gjid=1824726101&cid=510490145.1677744509&tid=UA-24844488-1&_gid=107326882.1677744509&gtm=45He32r0n81KBHCZ4N&did=i5iSjo&cd18=Infected%20-%20Monitoring&z=819852504

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 09:52:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80189
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 229A 118 KB
40 KB 23ms
23ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4AnNLuKT7l&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4AnNLuKT7l&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame DAD2 118 KB
40 KB 23ms
23ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=LBsomf4waO&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=LBsomf4waO&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 8F4A 118 KB
40 KB 24ms
23ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=GAOXdyiT15&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=GAOXdyiT15&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 49ms
48ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-24844488-1&cid=510490145.1677744509&jid=177157642&_u=aGDCgAIJQAAAAGAMI~&z=607958613

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 47ms
46ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-24844488-1&cid=510490145.1677744509&jid=177157642&_u=aGDCgAIJQAAAAGAMI~&z=607958613

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame 90FF 36 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:39:12 GMT

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame B70E 36 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:39:12 GMT

GET
H/1.1 200
OK /
colrep.sitelabweb.com/chpdata/ 42 B
271 B 8ms
8ms Image
image/gif 3.122.81.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colrep.sitelabweb.com/chpdata/?d=uK16zeNNI42MlddOvwh1x~GcRa~SjI8N9ET7zJ9x0jRM1iSwdc-v0-MIM1zHoYRp1wR0viT2fMESkHr1DDyfwcepjjVp1zUXVZX42yP5DIGUxPqwmx0R~lTnlMlJmGgZJ4TX5J8nyvUdnyjPUaYqlyP5AE3YjZLfEkSRInUvnM-FmHPVF4TL3L5J0dkJslTfnOF7mBgIS1Te5NLF0hBUukDroNES1B51fH3wrbd_hdRJEjSSdJVBwztd6HmYxdR~lghBMrCrfMF7w~MA210PnM5pXvU40jCrgQkNy-vgL2CrnM5pBxFBqvV-TYmmpHqUF6ja-NKizhgUwiC32SHKN6qUF5ya~Md_pv0UjijZ~ZYGrFak21jIFaexvwUUjikveMV3u-q4K2DnzL5s3hwUwiFkPZo8yE4UF6ja-NKizhgZmuXkyeJKlFQN6H2BBM_B4yVVnvDOoZVd4-8Z012a3OaF0gRc2iDfdY-d3BPF-2zbkZasxtQZ-~W7SPYCi1uN3EmP6Y5s0iUIvjmboOVR405UOEjskY8AysRM2fnkXZFv5-gR3DjL4ZqBitBg~kDvgMYFx05d~3DTyZ8tigxc0kCwTdI8n89N2IksmPqAxgw0vjj~mN-J005AO0jLzN_e0g0YxvTYjMoNz-PJ~1GP3YLw3gUEuiz2kNVCh0uV0Dy73ML~mtVRfv1kTc5GpFg5bED74Mq~tgRY1jz~jNFNw144E1TXvNa-mg0UujDgTM-CiB5B-2WT~NLthgBM2jTrfYVKlBgMA2TT-RbtEmiVEkDjgMVR30bcJ2DayOq~2hwZu~jOeJoayC8YSGHY2ce~lg~EjikvTMmS3HhcBG2MwdtNus09rhmgfJVCGyQR2E3PBe_Bpx~lsvmsRdIOk29RFJWaoa9-fs09-ynofeVwuH8x9~mUjMqfHkREsiySeMFWz-MYN3DPwMqA3hxc~jDrdOUSjB5IS60LzL5~uhREujD6dMVJ1~MEL2zj5Na21gBkkuWoQbI2jEgVF4THobe~9yFJ-vSwfc-wmB8xGESflc5elh~IjijgfMl3y-LUF1ia-Qqw3dRJBfTffclBw-MM21jPnMOs4dRJBfTffcl710MU21jPnMOsxdRdCfmTfdlvwyPh2ImFBdex1tQZsxW6sMUSuBM0D~mfraqexdlNkxTOeJpClGu9FJD7nNOwlghJQvXwXeoOyy5IF~TUDMp63lAZwxTOfJp4mHr0E2Dnb&c=468
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.81.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-81-162.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 08:08:30 GMT
Last-Modified: Tue, 13 Jul 2021 10:02:51 GMT
Server: nginx
ETag: "60ed64cb-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H3 200 btn_cta_arrow.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 2B7E 363 B
294 B 24ms
23ms Image
image/svg+xml 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/btn_cta_arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=9iIKUIe4Ta&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=9iIKUIe4Ta&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127878
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Feb 2024 20:37:12 GMT

GET
H3 200 kia.woff
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 2B7E 23 KB
23 KB 25ms
24ms Font
font/woff 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/kia.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=9iIKUIe4Ta&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=9iIKUIe4Ta&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:50:24 GMT
x-content-type-options: nosniff
age: 55086
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23072
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 16:50:24 GMT

GET H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js
pagead2.googlesyndication.com/bg/ Frame 8C47 0
0

GET
H3 200 btn_cta_arrow.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 229A 363 B
294 B 23ms
23ms Image
image/svg+xml 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/btn_cta_arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4AnNLuKT7l&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4AnNLuKT7l&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127878
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Feb 2024 20:37:12 GMT

GET
H3 200 kia.woff
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 229A 23 KB
23 KB 24ms
23ms Font
font/woff 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/kia.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4AnNLuKT7l&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4AnNLuKT7l&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:50:24 GMT
x-content-type-options: nosniff
age: 55086
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23072
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 16:50:24 GMT

GET
H3 200 btn_cta_arrow.svg
s0.2mdn.net/sadbundle/7314573151872791710/ Frame DAD2 366 B
298 B 24ms
24ms Image
image/svg+xml 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7314573151872791710/btn_cta_arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=LBsomf4waO&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65ecaacea233cbd58cd42e885e80df77cbc92fc6cfd6e85f1d0e9d2852e1e7ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=LBsomf4waO&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 563066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 269
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Feb 2024 19:44:04 GMT

GET
H3 200 kia.woff
s0.2mdn.net/sadbundle/7314573151872791710/ Frame DAD2 23 KB
23 KB 24ms
24ms Font
font/woff 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7314573151872791710/kia.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=LBsomf4waO&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=LBsomf4waO&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 21:37:52 GMT
x-content-type-options: nosniff
age: 556238
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23072
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Feb 2024 21:37:52 GMT

GET view
googleads4.g.doubleclick.net/pcs/ Frame A797 0
0

GET btn_cta_arrow.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 8F4A 0
0

GET kia.woff
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 8F4A 0
0

GET view
googleads4.g.doubleclick.net/pcs/ Frame 3C87 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 3C87 0
0

GET dc_oe=ChMIvpaXrOW8_QIVhYP9Bx2noAYlEAAYACCdh_JKQhMIsoH3q-W8_QIVVoeDBx1lyQ8B;met=1;&timestamp=1677744510673;eid1=871060;ecn1=1;etm1=0;
ade.googlesyndication.com/ddm/activity/ Frame 3C87 0
0

GET view
googleads4.g.doubleclick.net/pcs/ Frame 70C9 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 70C9 0
0

GET dc_oe=ChMIjuKcrOW8_QIVb5L9Bx0Raw60EAAYACDmztVKQhMIs4H3q-W8_QIVVoeDBx1lyQ8B;met=1;&timestamp=1677744510683;eid1=871060;ecn1=1;etm1=0;
ade.googlesyndication.com/ddm/activity/ Frame 70C9 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame A797 0
0

GET dc_oe=ChMI75ubrOW8_QIVTuu7CB063wN_EAAYACDmztVKQhMItIH3q-W8_QIVVoeDBx1lyQ8B;met=1;&timestamp=1677744510690;eid1=871060;ecn1=1;etm1=0;
ade.googlesyndication.com/ddm/activity/ Frame A797 0
0

GET view
googleads4.g.doubleclick.net/pcs/ Frame 16ED 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 16ED 0
0

GET dc_oe=ChMI7sSbrOW8_QIViP-7CB1nfATWEAAYACDmztVKQhMItYH3q-W8_QIVVoeDBx1lyQ8B;met=1;&timestamp=1677744510696;eid1=871060;ecn1=1;etm1=0;
ade.googlesyndication.com/ddm/activity/ Frame 16ED 0
0

GET
H3 200 container.html Show response
01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6E0A 6 KB
3 KB 23ms
23ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kanui.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:29 GMT
expires: Fri, 01 Mar 2024 08:08:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CE54 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kanui.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:29 GMT
expires: Fri, 01 Mar 2024 08:08:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 12E3 6 KB
3 KB 23ms
23ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kanui.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:29 GMT
expires: Fri, 01 Mar 2024 08:08:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3791 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js?cb=31072759

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kanui.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:29 GMT
expires: Fri, 01 Mar 2024 08:08:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FAEF 398 B
222 B 69ms
67ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjkifncATAB&v=APEucNVgIo6a9bK4rTcDM0LJ6AVRqy5i1-f3HB_ogd3ELYeH-r1pLnO3WtxgwwYaRr1azo6hFC0BXZruR850ND2eL64WKzJm-pgBrlEiW7lhXNjcOgj7tXyPHOR6X3-uHE6quSer4g5sp-ZRPCwah1TABOwE59EMhnIla0o85PebR3JDHtLSiQw

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6E0A 78 KB
27 KB 105ms
103ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 08:08:30 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0A 42 B
63 B 59ms
57ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C3eOjWAsAtJ9cMWqFnn51YlI8Qj6-ge6jwIfqoJUCRRt--fpXRPx-hYn_dY1PkYlGscFJqw_HbyZzJJDQ79C9G8NDPB2udCokqMniKu2DyNCA0F8M

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0A 0
20 B 63ms
61ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7122693300833545217&x=1&ct=76

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 6E0A 3 KB
1 KB 27ms
25ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 04:59:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 6E0A 20 KB
8 KB 28ms
26ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:40:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6E0A 0
0 52ms
50ms Image
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcOLAB1fU9HkQek7qmPPTshnZ6Wr9oMPzfbV6jPzNdNj6PSZ762hcwYCH3U1SUsNQs6VNngbDvjxNpWbNHpEvbNYNNaA
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6E0A 158 KB
48 KB 70ms
66ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 08:08:30 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9C39 398 B
222 B 62ms
60ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGPTP3d4BMAE&v=APEucNUqrUeNvFQw-F_R5piVuHcH58EjaYNyfuvFD6Z8CPJ_hjQbu_5E_QIwgfK3b52Ac7UqOs1NaJ5mWWTq2ZOrcOK2wGhRp_U7DeFAyDKrdKSaA5zp04l2iWobrseMT_F5Owpgqo_zwGiPD-aIDbzLCZ5vtGnzzW_NM5KQ4N-KqX5kGQBTUxI

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CE54 78 KB
27 KB 215ms
213ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 08:08:30 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE54 42 B
63 B 57ms
56ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AnEqZrGT9sxPRiYu1WvsSNyjYWFh_MTUX1RMwi3f1N-S0BQujn_G-Lt7VcbRVbj2sdt4zqC2T7oLvremTUZtoUtL5SoJetgpKpRXH-ovJ30xuNbow

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE54 0
20 B 60ms
59ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17453470618543036989&x=1&ct=76

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame CE54 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 04:59:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame CE54 20 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:40:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CE54 0
0 48ms
47ms Image
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJ_MQ3E1R2ZkDUPx_ATQ_7R6-5jthrsX3Z6kVUlRijmpN3R72ekxTwBzdfp81RA6c31hmiwNjxEaixU7GdS7NCO2N6Zg
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE54 158 KB
48 KB 147ms
146ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 08:08:30 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9747 398 B
222 B 61ms
60ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNV27MlQMYSYr_yeYJWB5Uz36paHXh3VOlVj5wePuRMotRXr3n6lILeZM2pDtzHE4kjNpYWYE1EqWv97N1a2nuiKSksFEPY3SbJaue7Lw3MeSXmB9klE_QJaYNZ3XQQngiM6iv9RcoWq16W3o8YC2BEyldMuw89j85UyTwi0foNQI-YmST8

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 12E3 78 KB
27 KB 209ms
208ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 08:08:30 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12E3 42 B
63 B 57ms
55ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTYbUKm-OmP_hCSiilRdokHQeuQsH5nCwmGu4cIQ2slqeIrNME81zVM2uARwPnU5lzYON64uZ9PsdwkPC0uFhdp7ExOZbQxk0RzcH4cmqCbxeE9LM

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12E3 0
20 B 56ms
55ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9640784952009606573&x=1&ct=76

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 12E3 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 04:59:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 12E3 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:40:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 12E3 0
0 47ms
46ms Image
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqisrTRrmwVEbrrUldZrc754F0OPjkvVgAz4fNQkZ1tck2evy8QW-Eo9S6mGl-0T93_xm4s5-1dTnN2EvzNyga4LZt_g
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12E3 158 KB
48 KB 136ms
135ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 08:08:30 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B4C4 0
16 B 61ms
59ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNU-EV34fYJD8WWLEaoxwDRlVX-oQEWYSUC8jToBse3cLiW8TRohIGX61dLsXY8CEPnILT9AtWF18xSk-9g44nNi11MTMNUJAjp9kB_mePDr5g5j-hStG7umkF73YIFkhV-9gEsBFWZqyOnk5Jwy7sv0OkTCZWputB4nVLHqE2sXKqDEM0A

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3791 78 KB
27 KB 209ms
208ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 08:08:30 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3791 42 B
63 B 56ms
54ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CDnHI_Rtpi9_k3pQj54vWc_d-Y5nkSwdt7838tKc9xxv1ZVaHOW3fy5XTDPSw7k4NeZZ45gie62x_mbL_szPBxjT-I4e6cj3xgA5BhuAEp1XRbDkI

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3791 0
20 B 55ms
54ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6440936307390847262&x=1&ct=76

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 3791 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 04:59:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 3791 20 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:40:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3791 0
0 48ms
46ms Image
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPFjsYSIWHBAfEEE7p6tKYSaW7qpml7_xsiugsQIEZ4yBfegRXGjayUpAqcWCfYLRjKv6aZQ7-PNradJ-sU08cXY9jnQ
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3791 158 KB
48 KB 123ms
122ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 08:08:30 GMT

GET
H/1.1 200
OK DADJEF833.cjos-module.js Show response
wkxppshj-qx.global.ssl.fastly.net/ 114 KB
31 KB 211ms
210ms Script
application/x-javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wkxppshj-qx.global.ssl.fastly.net/DADJEF833.cjos-module.js

Requested by

Host: wkxppshj-qx.global.ssl.fastly.net
URL: https://wkxppshj-qx.global.ssl.fastly.net/DADJEF833JDL.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ec8c388d2bb913de2bb156a81d8420811e6c0ece26a6e4ad52ce7a60fb738f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Via: 1.1 varnish
Date: Thu, 02 Mar 2023 08:08:30 GMT
Age: 0
x-amz-server-side-encryption: AES256
X-Cache: HIT
Connection: keep-alive
Content-Length: 30821
X-Served-By: cache-hhn-etou8220045-HHN
Last-Modified: Sun, 26 Feb 2023 12:45:18 GMT
X-Timer: S1677744511.789370,VS0,VE204
ETag: "4d65378cd463a303cb956fe399e9c5be"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame 9C39
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELGRSkKtrif60OP14tDWOgE&google_cver=1

43 B
113 B

86ms
18ms

Image
image/gif

185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELGRSkKtrif60OP14tDWOgE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGPTP3d4BMAE&v=APEucNUqrUeNvFQw-F_R5piVuHcH58EjaYNyfuvFD6Z8CPJ_hjQbu_5E_QIwgfK3b52Ac7UqOs1NaJ5mWWTq2ZOrcOK2wGhRp_U7DeFAyDKrdKSaA5zp04l2iWobrseMT_F5Owpgqo_zwGiPD-aIDbzLCZ5vtGnzzW_NM5KQ4N-KqX5kGQBTUxI
Protocol: H2
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELGRSkKtrif60OP14tDWOgE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 9C39 43 B
114 B 130ms
16ms Image
image/gif 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGPTP3d4BMAE&v=APEucNUqrUeNvFQw-F_R5piVuHcH58EjaYNyfuvFD6Z8CPJ_hjQbu_5E_QIwgfK3b52Ac7UqOs1NaJ5mWWTq2ZOrcOK2wGhRp_U7DeFAyDKrdKSaA5zp04l2iWobrseMT_F5Owpgqo_zwGiPD-aIDbzLCZ5vtGnzzW_NM5KQ4N-KqX5kGQBTUxI
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-type: image/gif

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame 9747
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELGRSkKtrif60OP14tDWOgE&google_cver=1

43 B
113 B

74ms
17ms

Image
image/gif

185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELGRSkKtrif60OP14tDWOgE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNV27MlQMYSYr_yeYJWB5Uz36paHXh3VOlVj5wePuRMotRXr3n6lILeZM2pDtzHE4kjNpYWYE1EqWv97N1a2nuiKSksFEPY3SbJaue7Lw3MeSXmB9klE_QJaYNZ3XQQngiM6iv9RcoWq16W3o8YC2BEyldMuw89j85UyTwi0foNQI-YmST8
Protocol: H2
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELGRSkKtrif60OP14tDWOgE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 9747 43 B
113 B 122ms
18ms Image
image/gif 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNV27MlQMYSYr_yeYJWB5Uz36paHXh3VOlVj5wePuRMotRXr3n6lILeZM2pDtzHE4kjNpYWYE1EqWv97N1a2nuiKSksFEPY3SbJaue7Lw3MeSXmB9klE_QJaYNZ3XQQngiM6iv9RcoWq16W3o8YC2BEyldMuw89j85UyTwi0foNQI-YmST8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-type: image/gif

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame FAEF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELGRSkKtrif60OP14tDWOgE&google_cver=1

43 B
113 B

68ms
20ms

Image
image/gif

185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELGRSkKtrif60OP14tDWOgE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjkifncATAB&v=APEucNVgIo6a9bK4rTcDM0LJ6AVRqy5i1-f3HB_ogd3ELYeH-r1pLnO3WtxgwwYaRr1azo6hFC0BXZruR850ND2eL64WKzJm-pgBrlEiW7lhXNjcOgj7tXyPHOR6X3-uHE6quSer4g5sp-ZRPCwah1TABOwE59EMhnIla0o85PebR3JDHtLSiQw
Protocol: H2
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELGRSkKtrif60OP14tDWOgE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame FAEF 43 B
113 B 114ms
17ms Image
image/gif 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjkifncATAB&v=APEucNVgIo6a9bK4rTcDM0LJ6AVRqy5i1-f3HB_ogd3ELYeH-r1pLnO3WtxgwwYaRr1azo6hFC0BXZruR850ND2eL64WKzJm-pgBrlEiW7lhXNjcOgj7tXyPHOR6X3-uHE6quSer4g5sp-ZRPCwah1TABOwE59EMhnIla0o85PebR3JDHtLSiQw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:30 GMT
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0A 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8417798887904&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0A 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8417798887904&version=m202301230201&ct=76&x=1&cor=7122693300833545000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6E0A 84 KB
35 KB 90ms
90ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAfPM04yvi_3hpnB-kxxdEBAmBtQPdJlckhfbuc4_bL78XRIRGpr6E8TSZQftWLnql6urepvzWOB-diLWcXjQI3mWCp8CJCWCLUIDg_LPV8gi2GyQ&cry=1&dbm_d=AKAmf-A6rRKjRdZe6JEJc3MzyoT0ZWJJs6aWcxwMeNAhtu1457JiT6tA1ZKYUsrTwX0NX_ulo9S4htbbhPa-D0LW3u_btiPnMKi5SpLKlxtrayU51-YcgfuHi8cjuXpgVByTvNFa4gyXi9886rm5fnxdN8wfWF3M1h9LE8CX5JnQLHcJNRV3ckNduj6HqMFshwb4lEGGBYFzh6uPwJO29GZ1EfsbzR2DT2lCdD_Re3PvqCrvEuMFKiKfYJq7ikLLgk-tMAxCcRFJ82JZ9kDvomcJNwejRepprKu0UYiuicaz4cQwxhxHXXceVYl4uqjexmueChQg3kfmXAQyPXuqHNNOhRtHNkgoOK7nBLrG1QNfWR35cH2ZR3uL2us1Wra0cgnZu1goIjEJt7qC10j9Zcuv49mcQ51g1LPL1-7wuTlTntrDJzeTeNcW77BhjWJwsxVfvWXGHF_c9xKua-5yWviSP3kB2JHKTXwqYIJ9sILsM4UFtHaDk5gYFA8FGc2p2HTBPF5rnf-SQf1egdIRQMIlpfBQht4hFQ5BjnI5_oRXv8Ie2mT9uaAOH4M-ryj4Y3WjKSmHjfrFjeD3aGIKf06pWQGVR3298zsb4pcFAreuAAgG9uAFFgorhRkLihXWaD0O4yg5O3-oKBotw4lwtRP7sXSS925VjWywyR95bm2jt8GwAc9bvmoWqaZqv9RvQ7MTPz1J9YWyFgPWVIGBqKNDKWSJopbA5OlYL9sQLFHYB8WjS8BqU5eTz5gEcTDOoQ5bVPBCSOnkUZGGwN0U2j8EKSQSuoEkcPNKTsymdP8M7awdi6DrgM_4FXM0AnR8YaUZaKJ4pEkZKejMZXYQn6MHOG8eekWn7XSNx4AGirM8twif4YvYE80GXaDEVteyqyf_cKpY6uwrito6Y0oMnsabhiXTGl6fbxybPhHXa4gswI5odIKEgKHfps8Zflb6d9wzFLuKujOEAZq9m9lP0Am6KsG8bWqkaUBpT3yWzOrcpkSiH-mLixO0glOjEzqLy6UqyRBNiMeroN5lVc05qM8yENmkeioHNeBMidrSTHFYmomgpOkWqevfePOL8C6iYHB8445t9XipKvj5gQy2LLq03Knr6LJuQvvURK10FdTNXCup_nV0YixJ9nKXn_Q0OoPgmtHnzCmL8_WC02c9TGyhtOL-JQMXbZDEpez9V6Q5cEEEnxiOLfmIXPGkKhwb5WDQh4Iyw-dXsLXqSGNAoDnPXapA1kFO4Oh7dbWoKdw_GrgWDTt1mDDWGil4yqVTLOwC0ivVVYlNKg1kYn-aL1kqKq3ChPn38y_7uKrAvc0PNmiOT9oUUb4iKWIaDBASyT3BJtOAC-b0pnq-uttoM8AlWvUPQM9Yw6KobhfQ8GCioA5drfKV7fwNRvOygMqROqr2sE_NLC7zI2cIJAJ1rik3VN2x-oDSu4ki9xZiAo1H2IEMMew9ex0ju_RKffdorc1Z_6gUhN9Fe4fL6ppovF1BKwD5YdQ3EdbtvS6HPK-R_lb-4YQn-rVw70hKFwvRI4-nKG_-2pohy2lTekWyofyqmNsnGGBTIdh4vFPkyCKsa83gieQ14AuShgRdUg9MUSzp-xhi-2agAqEbD8IT0J85OXUXmofbHp6i2EeyBJ4YOkjEO-dH9bYcqas45hjLPOrRFLaJCziuBCr_hwGNQKc2U7T460hFQxDl8E56e9GTBl60BzLdQmSjnMggSabEFXxgtMsyM-aa3E6tFujHAE8En4BLBNtBCzscYUcmUpW_5EOIFGGR7XX_sG2w4WZyZCcaAhLIMJI8agcmE-G10F04BWxt6ZcUBzkDqpnJ9ju5-iNUhdjpd0uUtcS4BHKEjcBeQDRM8vsWLoysvJ2JUFB3E_i-2U1HNmfvxWVkFjOYVsRnOWh5l3-qcB_b3TlILnwDGEs-zvoagQdnVNChCn2FjpG2FTbgIEKKjr_z2hppVmaEGgItuFirwUZXR1gfOwao5uDzwUr4wSYZgjKm7HNSvsDQ3BpsOLFbo_7dW8D2ZRTRfyY_-Yu33xaqp8tmMb92EOeGYCsCYAFnYXixLiCGn4oa5nr32KbTjfFARsVV9tX5iLes4m-1JlrgWd9CMipWWK5fFfdkBRss3w-rx7YPOpmDIP7ygsRIZit6LuBlQtaB6t_xTuIstO5uDjg7kyXJbPtlf1bsO1ZmGANdtT67om6Tq9sobGGYmZkopQ2Dt2ck8BNiYN7eOqlYIoW7Xp5mGPuC9aPvtW4J3E9XzZBgGJ9E6xW7b--KI5dgTNGl1TJDbwrqpgNtq_RM_z4UYSvqpuX8lQuvtpaIFpgnIq3zL2pZsIFsW56tQrrq9lQccz_Nn-csSuBAUzpa7m9yN5BoNqenazjHfdfpaekS509_j0GQq5uDKClH3GivJ59TAQwc8jzPwbiLMSneS_HU24UifBqWPKdrS5ylCd885ZQ59J33tTtl2W8uJunaX7X4y4hkoe4SrLSNnnwIBXMbqDMNig8r2lKzduKO0A0ZvWN3bPJS-LNruabPKQ0V3hVv2ag0QzNRAL9yZlQF4i9uwgiEXG6h26nJ5svvtdqHMja1PhKbbnAThh2bw43gGN3Kn6vLd8N0QBWHM3WS89mN8IWvkt6xTBMLcuIU3B9GBg4TuM0XWTMCLblKvKUAXGBYjk0FnCvQLnhRZQ-rVVUyB4SD_L3GKyhQyz75z-s6mDJX0rEhm1DgmVFwxWEIfCSYqiD8JFM9Q2vxRT-OaKZhNwk8rPbsCeNhmyrjbecmYpqYJzZ0XESOdP1x3mH9LJFjXSVW1B3TiG4xUWlWuUan_rG0d6OrvJV3KQQKcskP7J3tkbU5q0zJlVrNttyRfvdH9NO_2flq9mJ7vw20Ef7GpG19_GcUlyYHWobjO2BASzznYr68tURCy_oZNwcDNE20RVZ5jjumJOiyT7kJ2f7Eq6uF2jVwNEZb2qPDxNutgWqCy7yVio8bvjRlpoB691wKs6ukpwLL8nEnDAPBrzVKnthaIlukPqDNLW4fOTSfnM5KGTkgeyD3rccyiY1gUqjyNQqFdZbZnnBurPUU3USNXNY8v0nacxkDEQ19qLFUtSTK4Cj4N2wPy4igpFrLtuGyNrDDxIDmZk6WUivPmMuG3npM9hB9RsHHTHQSrVXeJQfuvj_Lu2Bq8tdY7G7GO1LeYCaCf-PFBiR2lBt_KSrA2GcVHPALGFimEMRn4ne5IcJE5QU7_i_ODw&cid=CAQSPADUE5ymHxG3aWsRI3swdICf9UWs5GAY-zKkuaQLYpNbnx43Y0uC4Hricm77PJddaqbicjyvy6kRHmt7ZxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=7122693300833545000&adk=3944675600&idt=113&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8ef4854044d58ebc308959b05c9602c5c840aa820110ba5b679a766b2f9028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36141
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 6E0A 170 KB
59 KB 24ms
23ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Origin: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame 6E0A 8 KB
3 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAfPM04yvi_3hpnB-kxxdEBAmBtQPdJlckhfbuc4_bL78XRIRGpr6E8TSZQftWLnql6urepvzWOB-diLWcXjQI3mWCp8CJCWCLUIDg_LPV8gi2GyQ&cry=1&dbm_d=AKAmf-A6rRKjRdZe6JEJc3MzyoT0ZWJJs6aWcxwMeNAhtu1457JiT6tA1ZKYUsrTwX0NX_ulo9S4htbbhPa-D0LW3u_btiPnMKi5SpLKlxtrayU51-YcgfuHi8cjuXpgVByTvNFa4gyXi9886rm5fnxdN8wfWF3M1h9LE8CX5JnQLHcJNRV3ckNduj6HqMFshwb4lEGGBYFzh6uPwJO29GZ1EfsbzR2DT2lCdD_Re3PvqCrvEuMFKiKfYJq7ikLLgk-tMAxCcRFJ82JZ9kDvomcJNwejRepprKu0UYiuicaz4cQwxhxHXXceVYl4uqjexmueChQg3kfmXAQyPXuqHNNOhRtHNkgoOK7nBLrG1QNfWR35cH2ZR3uL2us1Wra0cgnZu1goIjEJt7qC10j9Zcuv49mcQ51g1LPL1-7wuTlTntrDJzeTeNcW77BhjWJwsxVfvWXGHF_c9xKua-5yWviSP3kB2JHKTXwqYIJ9sILsM4UFtHaDk5gYFA8FGc2p2HTBPF5rnf-SQf1egdIRQMIlpfBQht4hFQ5BjnI5_oRXv8Ie2mT9uaAOH4M-ryj4Y3WjKSmHjfrFjeD3aGIKf06pWQGVR3298zsb4pcFAreuAAgG9uAFFgorhRkLihXWaD0O4yg5O3-oKBotw4lwtRP7sXSS925VjWywyR95bm2jt8GwAc9bvmoWqaZqv9RvQ7MTPz1J9YWyFgPWVIGBqKNDKWSJopbA5OlYL9sQLFHYB8WjS8BqU5eTz5gEcTDOoQ5bVPBCSOnkUZGGwN0U2j8EKSQSuoEkcPNKTsymdP8M7awdi6DrgM_4FXM0AnR8YaUZaKJ4pEkZKejMZXYQn6MHOG8eekWn7XSNx4AGirM8twif4YvYE80GXaDEVteyqyf_cKpY6uwrito6Y0oMnsabhiXTGl6fbxybPhHXa4gswI5odIKEgKHfps8Zflb6d9wzFLuKujOEAZq9m9lP0Am6KsG8bWqkaUBpT3yWzOrcpkSiH-mLixO0glOjEzqLy6UqyRBNiMeroN5lVc05qM8yENmkeioHNeBMidrSTHFYmomgpOkWqevfePOL8C6iYHB8445t9XipKvj5gQy2LLq03Knr6LJuQvvURK10FdTNXCup_nV0YixJ9nKXn_Q0OoPgmtHnzCmL8_WC02c9TGyhtOL-JQMXbZDEpez9V6Q5cEEEnxiOLfmIXPGkKhwb5WDQh4Iyw-dXsLXqSGNAoDnPXapA1kFO4Oh7dbWoKdw_GrgWDTt1mDDWGil4yqVTLOwC0ivVVYlNKg1kYn-aL1kqKq3ChPn38y_7uKrAvc0PNmiOT9oUUb4iKWIaDBASyT3BJtOAC-b0pnq-uttoM8AlWvUPQM9Yw6KobhfQ8GCioA5drfKV7fwNRvOygMqROqr2sE_NLC7zI2cIJAJ1rik3VN2x-oDSu4ki9xZiAo1H2IEMMew9ex0ju_RKffdorc1Z_6gUhN9Fe4fL6ppovF1BKwD5YdQ3EdbtvS6HPK-R_lb-4YQn-rVw70hKFwvRI4-nKG_-2pohy2lTekWyofyqmNsnGGBTIdh4vFPkyCKsa83gieQ14AuShgRdUg9MUSzp-xhi-2agAqEbD8IT0J85OXUXmofbHp6i2EeyBJ4YOkjEO-dH9bYcqas45hjLPOrRFLaJCziuBCr_hwGNQKc2U7T460hFQxDl8E56e9GTBl60BzLdQmSjnMggSabEFXxgtMsyM-aa3E6tFujHAE8En4BLBNtBCzscYUcmUpW_5EOIFGGR7XX_sG2w4WZyZCcaAhLIMJI8agcmE-G10F04BWxt6ZcUBzkDqpnJ9ju5-iNUhdjpd0uUtcS4BHKEjcBeQDRM8vsWLoysvJ2JUFB3E_i-2U1HNmfvxWVkFjOYVsRnOWh5l3-qcB_b3TlILnwDGEs-zvoagQdnVNChCn2FjpG2FTbgIEKKjr_z2hppVmaEGgItuFirwUZXR1gfOwao5uDzwUr4wSYZgjKm7HNSvsDQ3BpsOLFbo_7dW8D2ZRTRfyY_-Yu33xaqp8tmMb92EOeGYCsCYAFnYXixLiCGn4oa5nr32KbTjfFARsVV9tX5iLes4m-1JlrgWd9CMipWWK5fFfdkBRss3w-rx7YPOpmDIP7ygsRIZit6LuBlQtaB6t_xTuIstO5uDjg7kyXJbPtlf1bsO1ZmGANdtT67om6Tq9sobGGYmZkopQ2Dt2ck8BNiYN7eOqlYIoW7Xp5mGPuC9aPvtW4J3E9XzZBgGJ9E6xW7b--KI5dgTNGl1TJDbwrqpgNtq_RM_z4UYSvqpuX8lQuvtpaIFpgnIq3zL2pZsIFsW56tQrrq9lQccz_Nn-csSuBAUzpa7m9yN5BoNqenazjHfdfpaekS509_j0GQq5uDKClH3GivJ59TAQwc8jzPwbiLMSneS_HU24UifBqWPKdrS5ylCd885ZQ59J33tTtl2W8uJunaX7X4y4hkoe4SrLSNnnwIBXMbqDMNig8r2lKzduKO0A0ZvWN3bPJS-LNruabPKQ0V3hVv2ag0QzNRAL9yZlQF4i9uwgiEXG6h26nJ5svvtdqHMja1PhKbbnAThh2bw43gGN3Kn6vLd8N0QBWHM3WS89mN8IWvkt6xTBMLcuIU3B9GBg4TuM0XWTMCLblKvKUAXGBYjk0FnCvQLnhRZQ-rVVUyB4SD_L3GKyhQyz75z-s6mDJX0rEhm1DgmVFwxWEIfCSYqiD8JFM9Q2vxRT-OaKZhNwk8rPbsCeNhmyrjbecmYpqYJzZ0XESOdP1x3mH9LJFjXSVW1B3TiG4xUWlWuUan_rG0d6OrvJV3KQQKcskP7J3tkbU5q0zJlVrNttyRfvdH9NO_2flq9mJ7vw20Ef7GpG19_GcUlyYHWobjO2BASzznYr68tURCy_oZNwcDNE20RVZ5jjumJOiyT7kJ2f7Eq6uF2jVwNEZb2qPDxNutgWqCy7yVio8bvjRlpoB691wKs6ukpwLL8nEnDAPBrzVKnthaIlukPqDNLW4fOTSfnM5KGTkgeyD3rccyiY1gUqjyNQqFdZbZnnBurPUU3USNXNY8v0nacxkDEQ19qLFUtSTK4Cj4N2wPy4igpFrLtuGyNrDDxIDmZk6WUivPmMuG3npM9hB9RsHHTHQSrVXeJQfuvj_Lu2Bq8tdY7G7GO1LeYCaCf-PFBiR2lBt_KSrA2GcVHPALGFimEMRn4ne5IcJE5QU7_i_ODw&cid=CAQSPADUE5ymHxG3aWsRI3swdICf9UWs5GAY-zKkuaQLYpNbnx43Y0uC4Hricm77PJddaqbicjyvy6kRHmt7ZxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=7122693300833545000&adk=3944675600&idt=113&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48531
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:39 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 6E0A 29 KB
11 KB 23ms
23ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48531
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:39 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE54 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3619918817291&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE54 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3619918817291&version=m202301230201&ct=76&x=1&cor=17453470618543036000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CE54 88 KB
36 KB 77ms
76ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhGzScjwVby7c1i7PIJsFL51BX2tz1DM4O0Iy8s6A5IaWEu5YnrQOU2qnaQL2Knf2Gab-NRaocWOA3_mMKd4u2PLOrzk1mW0BlbqZcAxxHvJ5_SC4&cry=1&dbm_d=AKAmf-BG1ijQYfVz06sv-I0Ki4x4oiJrzy3bhR-tVugaYxQozNqygnM_f-E5rPUXjw77Kcbe58BHJjmispdO0ACWIbLzD3Yfh7yL1Rmsz5_l_ctNxIvJG_uvQEfMprFhRGGpPjF2gqMwhxj-1dGKOgq0-R1mzLkeM5CLUQ9A607EvuZPTM4TEzdSm95As6BGGjIRfdjeY1iLDLhrsyRQJrWRh0MCsDyBl2EfkuTg35ECY7yewn0R0Y4jBvmnCjPJYZjO1C8hiOAje7R_MT0sN_lNlrVnZga52Oe32aOf2NlZQqryb0C93v9SIWKGUpKzx74VymaQjy9DNOqUfSxRhOzRm5hcK9dSHuh-a8ZknxEzqsTFxdxaDsXKtD06DOyO9h3DYHdWBngdV5J3R4Ih_FuGry4k4At2o9Br3olmU-8coBCBVPX14KuaJ3grVIehE_OrV-M64rcvop_S6Mik3LAnoyCdBO_1RB4lIWsUVe9VaCAt0ppl2w4EP_twVv2cNdB70PwvVMEO7EnXzTLF7d8YqgmpxKBIZj_lD-JDIu8zR-bbis2jFnmC-EdatQhWOOmOTqMUO8qmt6e0mRefYvrDRAW0swD_2Er5LqHWWyH9kdrX-lpulDq0O6w12zhOPSkDrGu8I3INQf6pemQ-_5Q6UhIzvPnieqZMwYuhcvsfEmWLEm0aEOqCjqqHC3s1fCGDzqRyYOnZgK12ngI8ArWKKjaN4KaFVpEakWw3oST7HvL5amrcVwvAzrTUC-rbmERLRHnIB0cqt2rnGswoUKEWw11Pjm6A1rEmeTaZtLAKVgTMxRJEAl24TGwBcHJhYWO4zACulxVVH57L--RN2eP-EghoHoi3wLeF8lMcpoKQPIFvQDRZrX4KB4mgYCqGEGHQvCYUbmRnwsUmmRV99Gk5AiT2Sw62MNdF7HmRG7zQrcu75Pcj9qUQLbDgGg5tJi5x5FJLdMpgfbjh4XmO2nlzT-cNl-5AEeLTP3iyu7iKizCXIXymHusGR5QEuynrm_y9t-uKUvNJxEU0D6pYvjVQXEo4e71bAB7I5tN5vcRDTcauc6f9nmgOk7Y4Mbf4AKBSZgfb_FFbgI6R-w5njGYKF_XOJU-_Yj0y4IkyUh5ieafllS8zXjW3hJIb5geBL9vF-RE1XlhCbKTTgUdTK-4nhlYLlABPM0A5u260RfDQHUmGUTZAvShRKgdsicK-tzb1CAfgFyZyKQemwOcog2eXgXqIS8K3s_D6JU3x5a08nAGm3VqdRtPdDwoU5tmGXPwOwzCyveQppchH2kgrLRytIBwepvtTmcFMTPYU_BEx96IKCHxyIdFMFXCMFsOXnMX4aeOJmhelvjt-HeotsuwKvQEH7SEkR2cGLW2dTKCPiNy3vipNX4yTyMTzDAVYFHSKPuhZ1_TaAwKlpJgHcTo4HSbg0QasJXpIoqNhSJHuFi9aImaNAsR2lCuOBo-rO9wvX5tI72aPxss8XpbZjEuFVzWppjD7B4FfeJoX1U4LnHwDgAG_btn7aeQk1GbZJz8_a7uIxBEbdqcyosrpFtTPdZBKvdsnaiQHxIR3BqvVbmONwoQft2qMutrETIYNIaaOI8j5s85j-zrkkZ71yyvUrCknurl4NeMbXvrIE4CVIlRbP2Sw9fqWswRd_K6KGwAhcRMykaNLgIuWTO4wz0pVoQlGPVuzDQ4gl5moPH_r-4K6yTZvcaWDK9iro7FXurk73EL6ZGErRSeVo24PhfwuDva6iVQZ02Y3PfD6WX1BeP-NNx3wlS6VPnziquwkKsOwUnncqdTFrbVwWd0by7blaMGNFBBNGTiJfZNDblWFXgTxzTyxU9X3-eWaQfYxkjIbjAk_K9YhLnDMeWgqiobzkrngZ6rx3-KLZDNPy5yYk-80-lJhgbhWmeND5UZxXnjAwnOxm5dRqO_h5MTWtf1QpaItOkTyZjMwyCQ7bvmoY5PidmgZwbfn6eUAeU_r7oqWzrixP_8EwQgiCSZ4LylN8lSxeHH8xIYl8liMALeSrK_6BFPJ7ajvdrtK43UzxEIrS_VlxJ8gZlakMcnX-CEWXTAI5vTYP6hKSeSINKSO8x95wxJ6oQugIEqdZfXuZbgG4-Ul_P_BrUVQiLLZVJz26O2UY7HCQCWGhnLsjaSLEi9KeBOuDywtwPXiPWs5aILrZipK9k08n1Fck9dPIodPaZNBEZcHo2rLcByFcNDslu43Hd9S0cUcusipM-zh0ec8Fr352UaPtBs7MGKSdAREhFz5CTUgFcRXsY9B7_nOLiywADny7-HfbEQy6Qp8Y9FPXME-1tnUxtnctMkqWBK2FvuPnPCijClxD0I14vF2iHZ8q9khuIh-rRaqIP6yRLEm5cMgakRZFloqnTIBgC80tsBWNmrTcFqeu9MFdd60ZgsWWxntEPUIi-0DBlwsLQMv1YzDBbxyrYP8lgQ6iDpMB1gb19DLJ1woc7uFFB2frQdJqcBAKJppqaRSwqfnzcoasSNFiOrGBFTD513nCT1SC2YhjHc2oKFAmObrw-9ovD3giLfTYDoVgeHYmqIdT8piUs_QdVevQERZERBqpjL2nw2B7HTrpMQqvUqr6Z8B29KLphuFP-5q0RXRhiwuHyBgJpD5-qmRRHFmfsUQZNVepGaP3aFd0z3n7RHTJv9Xvuc3ZxkeQ4xUyfSIdEQ2pFfWaXeh_IoPKZIj3f16XJiaNLijWplK4q-Z9oh9_aUG12axyBw4Mh_ZWKRANVDRzKeaFook3EgdCqmV-YTtvlZ0pj0VwjDCZdzA-z4KWxbTI2VYKjycS8AvYN8jhb9rK4EdgYUv5qrOb5oIHZa0MKwSsgfvJVn4ND2n8dq-Zg6aZRCuNPQOpPzyovnRyPNIdhSheJ-ButlBIE9ysTVLQ1UJ0mQfoT3H8FrNm-4hISqA8rO_6juBgL6BK5vd5mTSbEgFCNqC7P5FfUsTGE3fofCs6UFRh6-vM11aQbZeN2oFO_kz7E2qKoOVGZZ_38CgfZctSds5loIL3pOW3GVFgq0HbeaxZ2RCKUaHgwJu7oBZ5Bz9wBfIAXH-O1hMvwutgWmSxjCx9Di3uebheRvmV5uShN5_Vrxipi0erXMZOnHQu08iiT2Z0YIyTCgcH97ldJp1SB1D54t7k6o_y2qiQ3fuCm7IvX3QLd2I8h2JHtsL9PYYn1KDP-MsfhpZRKzvQkV5aMO2gjr4W9IWo06VPVKztRY8sQsyGeapkyiiIg4qIUJJjGwk7GJST-7mAyMZMAhA7tTMDSLcmCEn08m38o3lLU1hREyXK4uwuebP2VvjkyGZwO6jUP8u1OMmZd2ypbZGyeF5UDOL&cid=CAQSPADUE5ymHxG3aWsRI3swdICf9UWs5GAY-zKkuaQLYpNbnx43Y0uC4Hricm77PJddaqbicjyvy6kRHmt7ZxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=17453470618543036000&adk=943508955&rc=1&idt=226&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0de86bfde00c8ca236e7176af921bdbc8db377e1a3ae56d8466a3e5a48d69542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36592
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12E3 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=472118276150&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12E3 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=472118276150&version=m202301230201&ct=76&x=1&cor=9640784952009607000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 12E3 85 KB
35 KB 87ms
85ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CaQowwu7JVP8IsXhBVOTFyZcWNPQfd6H_IF2P_iMW3KnoaYj8yR9y4dlUAfKHtNobhsk_t73Hl_6essdZwAh00Quw4yptJNjsndCYRWfDodiNiRZo&cry=1&dbm_d=AKAmf-C8muIGy2T0uK_UioZrrB8z6hNeGqbzDzulpRMYP4k7Dm-iR2Gp_GvfD1wIuSTZMoLoDDCpXmczZCsR0fgUMOPhpV9GDtJe2104yIqAw5Vh7yZ8KKWHzABxPtW0akErKYkTcvO4_IqI5muNKkrxSSkaX3No-JDzJg9yS-36Dj98OkYGTxnsjblIeolXaLBx29SkrLGSmvUhfvd7QXXKc2KpzmNUoEoqyYb6vrOk1Mkw2BHMqlaoqQI174KS4nQXGVPHoK-05JwtECPxZVIZXLQ32_qOc3PbILvZSn9rE75w5cjGxJNKD9Hx_HBgyaYeOLYEJ9WvJZdd9kteuC3zoThypkD-21Y4GFhjax2OZQWU_TBc2OpJIMlllUT3bPH6NQ8oabXwuftPbsiRJ_ph48LhUt0LB_Bob1hr9yJ_A-unRsgRYJsC8VStMtDhWd1x1w0Xt-k4jzb7ufdV9xdBQN15VnWNEqufHmxxDre6kQnA7sFKYtG_Y1Oa-AepBji31zWvrh81uLP2A2--jUKdqdXvznNnb2E7unCE0SQclon2XVZkTJsyAVY1FaqRCq0CyHkObirWXHhWaRzrGylALmuunJaSaODk4PVgbSCMjRoaeKU5Lx8cMPmnoLe-B_EgKEAIVm73CMS6bWFSWSk9_bpt046siNgb4XOoxL31jzqPE-OD0e9DQCJqgir5eS7Y_ui0s0apto2cJhNeXtoDv8HXkE8OmIsi7IHr_oIW_XTjTyM1N1GiIYcjsZp0IPAKPZpCQPWmykCFyjucN--HNthPjbt5ZxxjtQ1_FeXTVlgzvG0QlfNUHRTSzP1R4-0ZtCrCcJAZ128rUioLFmb-2dWpZWdwaLjkoYBb6mskQwYgjKaltQ2VxwZhzEELfXYsXNq1b-yxkBTpzFGLUJnULeaA3UzQhTOzJ6Zc9ewUTHk6QzROdgZ1LXHWTYHO7gc2JomlLTM67pbpLZ8Z7mGsizOBl9Jq45zaN1-BLwHnMmbuFc-ZonVADUJDdVqP7BYyP7SEs2CWuNLaOWF1FJVsP5-d-_FvJNpQBzYbauni4DQ1BcnBNkjqSoBAgwHdRr0FkeckktCioqu1P3tAuYcpI7mdW2jPSMBmMeX_A6OKvtr0F1QWJUi44gC-HlqpFOSSI-XhuVN-9EGw2DawDsTv_W3jeEYifWavrlz15V89TeKS5iAtFdqwxvDLUTe5pOlRRjC9XZgRLbPrjNCeYto1MlXvL5T4wOoKF2g0TUYCWvMzxcBK6JngeyEFIyqtZ4hJz06-5ApnhlnR6q2zxGLGnL-0GijzSZ4xTiZ9o0u8ILowC9bgZFHte1AAGzCCfC1GsDZfX3sWdJsYH4ZnZ1LSzZyQO2hcE9gugdJriTdhdCR-9hTpu3TZOTBnb-ce9-XvjKjaG0phRFp6Frygm2q1JActvXmqm1R7FK3jOrcfz-2iE0K4eA0PVPjSTHBW8IxDoNpvuEFyxKxoZK7TWCQe5pyCUtOALSBpngdYZF3OGEONfRM0EAQPL7Ft27mO4JBobjlSBvTSWmy_sGOF0PtoytodPiZn6srfsRMoNV7I12ngp3K7jKlRz7hlG-7Bo6fsya-DitVsD8w4yzMVsg03Q4M1eamp2ck0eL7EHzScxn2xOqGS9TW3GIfaBC5t8zddkEo18tdrUR5KwY_teX7f9BU8bzZuSDspF7slCSYNN8LrtQsbEslskFRFaCi0-xe4W19CGj1xzHcD2AZIoK8PB43PfWoeaCaYswaONdRIV4KI_8F-uBEsjmvMW2mbDFG6Gk9aef05wFUd42cm42uZGAjdFmESSuyYBDN3vFLTAvzIpj7m1UDqbWOYQvUg1Q_W2YDtOnTDCcNKiSOyuuRPc7AWtInnbpyL3UR0jHEilxt3nLDqq_0Av24NsRcXX7xR9S_RPbRpOpJTt8cKV5qwkur-X176Ni0WfO0zDSfsfS3gN2MXITHHQCM5tQ9QDBPzEq-ezNlf000QyPj7ntEhdKgkH6gjZiSKXKwv8kq9Zf7bCa4r7b0hyTJnQ_wSte2UPZFpJz9PJc1JOh-2GuDHMtQIZHAke9Bz-wHkJXEbebyi_gZCSn_aUcZBjmdeMT5KidH2tXeo8GjJH1M1G1pil0LHfYlW4pcmemrpMg6zzSXTXyw9bfuPLTDJtyvCAZvCV48dl5TduDr3rVBM59VKB7QQaNVySzC2zKrBb7AJBsm_6o7IBNOWV1ygi7M0_BwqymIh_3epuA5hNdwiJcbfJnibZJn1itMeERVS7M_kzJXDfubUe-0yEC_3i_Ct5Ia99fkC2gocmpUtkQCZLsNuv2jdfpH7L1WvVjw-PeeUNlVxWjSUR51GEabgmOZw9OjBltyGLhICsPJ5xxp527AhH5yjG9f7SUjK3mAePKWM01-8PqO3EsYAMGEv7UWmcqprzkYQ40QO1Q_K5gWOY0DtPQcxrTecqDRW3AXm8v93-2ADI7IG3PwrRGBAEmBBUxikd7B_xpOTzBEMm4gkodpVzNAf86K9Lir3v9Nk5WDGaAU7wmxay-Y8s18qaefd_404_eG5H5FB9ClAXov3e5ojMJmpn7jnSzITND2TqC8EVcHBzJmEDP4rkr1icjlfdlXfiXBDQZh9pN5c2aIu0PIrH_w8qLTQgMg4mSG65YY6BJdeQ0rzLeonBbcSjwKhenbXzjy5KzCWpJQIG29n1aZIyQeXYb6q0z8dyQ4I67TAsF9ZOvw0YbSVu8IgUb-gQHnLi9KKGfnw5CSYcgBcCCjnklUobnTK-7XcQImjrJKjQjb6fH9CVoE94rHDrM4kKq6eMSh7iCoa0b9YgeYYC8mrh9dubK5GlpykqP12ODya12X1mh1X69UXY0X8ExPzpdW2bcDZVKm2VKc1kMTaPLmbHUkaTAEsE_cLx85q5dtk7w4VyDBsW0OGNoB7WVncUQQOkuCmVUBz5Hbql3Bw_VQF7TdYwBz2cJ4rjoJTQW90j9GRaZbZof-OY80RhQ3s1pSwJ6WISAgb1gbFUyp1GBlUBiRRB8bn490gN7MDhkwWRF9_VQWcds9qGiDcDJDn2vOW030NVrZa6X5GuVmjTsZfe9xkcE0qhzmstnavoM1gIf1wZmxH1JKOzayoVZGM02Hrs7CuKfC-85IDRT_7HZpEdSIxNQ4VYbFLznhzUCw6mypudABYmojpUMPY1NAlotS_2631c13cpOSgvhIp-FOWHL81OPQ3gVMFEWD_x7dv3tw5TWwU9iR4hIonMv_fUotnTd2tzaYeWjphvltnDP8iy2xVEu9pkU5XX5C8SnI6POkGa6AtqVG_Mz3tiqiD9giJfrLOAKkKizENJ4SUUbfMg_n5e-ZTQ1xLZTK0vSJKFIT1sUmCLJI&cid=CAQSPADUE5ymHxG3aWsRI3swdICf9UWs5GAY-zKkuaQLYpNbnx43Y0uC4Hricm77PJddaqbicjyvy6kRHmt7ZxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=9640784952009607000&adk=3690638929&rc=1&idt=222&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f16a6a31973f964f825aff8f1cfdf69310eff4d2649d5e41d47dad744d06a7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36215
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3791 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9537610787179&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3791 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9537610787179&version=m202301230201&ct=76&x=1&cor=6440936307390847000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3791 84 KB
35 KB 90ms
89ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcBdJ_hbxBP7DPTES1JaMLPwEtTZqs_h5x5v78cQOWpczzg9CsriOQ4lC9DpFhSzVVPR0CWVsRCMfZ43YmFx_4lDXAqX0h19V6smaRP_c7cwYq-l0&cry=1&dbm_d=AKAmf-BvxkGMQh85-7FycqlbjTeyaw1OAKhBCu-0kTwAx4GLhhy3NY2Bpv2c-2on15H1uGBIdJFK34e8byerVcaR2nmJAfO1BpHl2fcrpTvL0uwCVGBdjfEvC73dJwPpDoDcXj2bPX1lxHcTIY8g3TNHEYXePNp6G9-2gkARCRbhIGXrBGgITDW9E6NV1fiCnFVJ7mXiT0ywDZSnokSSvKYrVW51Zr6i9Yd9JqbmdHG9z98CbzLozvZ3SjW34wKitNYBTiCfnWKHZj1w6MizdfOClgQdIxbbOjcuY_MyOUSrJl-02ElElrcayH3aoTIb7bEv8FBJ3FABkfGcvpxDQh8FBFDt2u37t3hYk9HckJVYjSnu6CwDDjCEcIZZSMxdi8SZz6olO1s7jbNlnOzBoBpJYA9fpCPff2TI6-fJ9JUz6ds1LnJx4TlB2YVSAyWR3XGB3KJf6SutcAYEF1fPnBVImBEPDbWSnRHSj6Itc3rTzVq4Ui0BYdDtT80dMHaAsjbSgR-pKE4K1bqxv39SqCedgGs4NWyDs-M65zm26ocpjtgEsrly9_KSLwd-ldZPud6ScG7St04gPhVRYwZbcIln9gaKxp94ZnbWbZV0XxtoKhs-nk_uu_XKW4BAT6pbmzDX-6oiVA9tyEtIsw7FBzymB6SmmrB0s3psUvbpkNFTWAiIQlrROvBxoChICDe9y4E6whHH21G2OMDpYM-qMFIWtAS80Sh4YsJNUlFE8kLpEhOhvy4MPD99UBPm8JR538X6xdOz_k5QJ-GSEjJNXfHalDgVq07bMKocvo22zYQADKqJ64Eai2vmeq82thcDMjEzz3ckVQU9th1xxXhcCWABZ_906yrEOcrh77OIrSz5X9-XmwMjveqCBBhheiHrNHa5UsMGCTRrofkcPn2giW_RYLymTEWjFO4CPyMr_0BNNf4zTD7WBuywWgC-V1OI63WYk52DNl6cZNhHrU3GTWEleOSKMv1MsTdfszOGkUTFnU3sQDwMqBaSI-I7wL_ffbamxhKqDIx14Xgob9JEYot2RAVc2o9XdKTUhB2VJz4W_ZRCo8iMi_F3Ze5BSl4SIuhnDoavMNsoU523dwZTq0jWLYhAyPh01Q6I_wKrkFLZ7Tp8mLd6E7IjP6eAKjxuP0ewyRgZEUAtKnBsbXOeQP0t_DThtGZf_QhsDiqw5we-thmZFQWl4MwxzvtCHYpIKiqrixrIYJoeRRsxCqGMqdbEYBrh6SYbzuXUZC2XevFDlZpc7DVnaNYCHXJVVMK9NAe2qtqUnIix8V_5C_s7eWflXlaToVxf55G9KCd9pvKiF5AbZXu5cnURRiLPfWTWqLAVcl9kgTH2is-wI_FVd9YJLWWnRisMKK2xss7xEJ1s8quVYVNGCzNXYsOo2F4MHf033vXefFkVfiL5N-E8_z5ArLVmz_HqmAzUCf9VtrlNqcBH_DBubf05hIsz6jcQEfwbkHZrPQdHU_vT2d87MEzVKSpXjR4LeRKaW4TIG5wxKcGd94DB9BeMaxhgfyNCBx1mamRgNNFLTaya6NfVOiTgM0OUu6PfOIKLlTrRW6sfEUDRasrf2cBG3ptazCq3dZ4CDCn19rD6mU65X2fXtNr3E8Dn_E_4CbNa0smupPdEgwy9-Q2DGzQB17Pe1_bmju6pP7eSPDfAgjcPC_F3WQP9q6jCDRlw_ZFV6zj5gJfCPPc_run12MNI8rok4k5NJWuOqgslVXBpOJ7A-W0svQtACYbJFvlX20lFjnGj95nAwZ_OwNmUdZKAe6HwNbGyLf_53rwyuQZCDXsF5VkpF49My-kDqAXHsPNV0b8DIP-3yr_owc4CtSir7_PY7-WIVLrZJqerdfNrpFXOnf6UepbO3mmB_tJnKgrK9wISWGXD2OkvO-OLUs8RqRg9zXH67Kj0gUU8gcNwU7eZ65yChKoXXGMX25wE34j_mSwAkZOlAanMvOKUdHuQxjxmmGNo-EVQltRGmQN3HS_Stb2xSEmWs_ALB_8c4K07tv0Og_dyDGYQ0x9t0EpPlaFmNRdl6h5fKuoppykg9MMLIzr9IXSkRq_zUHHOKCSgGvCZ2oTOEzrSHr5e68MGHJ1jxYgmqdDtpUl72RkDZfnaS--zUPvw_OLx6U5GQ0Yn4BJU5FcUaGhYC4Uz9vjEtbIH3DVdJDSf0PBdU6tADEXelURRVmXpJ5MKTACN7SaUKrdhJTpOHmzhUyeJizVwot8wAEUFIsQ8kKVmhV9UQhWAsK0jh0KTEf5RIrPot8EBrKqE6KLcV30D7ry2Vgy5f3NB2PbtQzqBgtwIiLpi3FSymfBaDksDOlgiku-nCEZc-19RGH74rIEqvqc8V-732fzPUeKFKcYzv2QgvmThIi8uN8XUc4FJSSs_A3tnLw9HiXhD8QWANr204m1lsGQ8adIxQc6oow1gQ7SHobp8Cw5qE7moEm7IKzKfL__7VxqTMgsB-igU7suEK6k7TgfOsP_b0TFFocOouVqiOv58Z5njXu2tze8QGr95qPYNjkKZUgDJVGSVi_Jj75OWIhVviH7cpXMvW9AmHBtH5Tx_cwRf1tXQ-jOtjqTDvdbwIPyFWtsnQpDIrKmO387M_Wh-9DZ11o1COgu091XjpxXmgJuXIogS18pkU6oZl9v-Wt2rdE8_0ahsqRR0Po-Z7XqzdnttafV92abPS-cB7pmR6i__KqhWxfEmRpvW-j8LXnBXnWxpWiS9DSEjfG7Z-K1YFLFUl0VWe-TUn0-kuFJ7b068sqTq-q2HotVhX3DVytXP4o3upKfz_heoa-BRXUovPBvYi9cZi7hEcVzFZNXC6VaFzkOlMV-T76_N3Jdg0giL4VZWpDTpAFH1ikHBR6VfOYzqM8w0wPcJePsVjc2Xf2aKSaG2H_3uqY0XQxrg3A_bWJqATW6cdeOCCy5IlfvV3Kw4eUcetaQ1m30LXOopoNW-V_WHlovzhkIm5FvE5ZQNveN8vTXDQiFzhL1Hc7LSw46Nrm_QhBP08ug9lqNTCPjSlh2I7rHUleGEaTnjQcXHBZFrUiBOKP6mutVYCHwcGXsjt-a4SkbfKMwBJcKArw_pu6YnhUGzpDANfUOsTPXBUdLYU3SluSH-rzKZfkPNFNsyJ-6iAIr6Ku23z1y-IzLgXnJLT-3Xeyhd8HlJT7YzlFNbXT-Sz_BwzVlWhkH9ydagvMn8bIBH53y0801fjeWO1QhQDhFazKkLJU5sx4_XPAs_gMZBUpBF1J30NT5_AyiUr3egR7OsG-i9-MjY&cid=CAQSPADUE5ymHxG3aWsRI3swdICf9UWs5GAY-zKkuaQLYpNbnx43Y0uC4Hricm77PJddaqbicjyvy6kRHmt7ZxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=6440936307390847000&adk=1033480531&rc=1&idt=220&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1034c5bd7ff5e68ae9e5746f3c2022b3bd3571cfdb3ba1a6304e8fd5f6eb1f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36086
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6E0A 41 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 18:40:09 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FD65 1 KB
643 B 22ms
22ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 11:42:13 GMT
etag: 48472445140208031
expires: Thu, 02 Mar 2023 11:42:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6E0A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28bad771223c4b2396e9a114d7202e3d33380242ba75368b9dee471b5549a112

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK DADJEF833_SE.js Show response
ascpqnj-oam.global.ssl.fastly.net/ 188 KB
82 KB 305ms
260ms Script
application/x-javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ascpqnj-oam.global.ssl.fastly.net/DADJEF833_SE.js

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e00317ad1b0f6f184b95faadcc899fa8852eb78644c456f5b3a4624700070480

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Via: 1.1 varnish
Date: Thu, 02 Mar 2023 08:08:31 GMT
Age: 0
x-amz-server-side-encryption: AES256
X-Cache: HIT
Connection: keep-alive
Content-Length: 83215
X-Served-By: cache-hhn-etou8220071-HHN
Last-Modified: Mon, 20 Feb 2023 09:00:27 GMT
X-Timer: S1677744511.089340,VS0,VE254
ETag: "bfb603db5ba8b642ebdc2f698a188522"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7314573151872791710/ Frame 1581 108 KB
25 KB 56ms
55ms Document
text/html 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=sxmYLT0KD1&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22ec56df25744866a27efb0d3a95c71bec34cd151f986376a9f2e10f498760c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:31 GMT
expires: Fri, 01 Mar 2024 08:08:31 GMT
last-modified: Thu, 23 Jun 2022 10:58:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6E0A 0
0 66ms
65ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstzjOyNFbLvxsClVL-LsIkQrV-znDuGH0l4Osgn-M20A1S5Cwe-JmBFSG7VLKKOrpwNX8432BihoZoK9e_5yqyYVOd_P-m_9gEbFGdKm8Uo1jcmnrK9PEFjX1ODjjVKlmj78sQLYsDw2EwTQc9z4fmolXccvi35D8d8rtR3nPykU0xG10Sgn7eM8UaHF_sLGhB85RMYb06oGEfM5JVm8NYj1j6GerG-7S2chYB02Rx3GJmAVT6X_LsWKLcr5J715SgM4oAO15P14PIwuHs26L5eRTf2XcwRGbwYgGFEhorkYAgl42l5IK3CfmFdDRMiaejaTpZK76NrqgQBqxxSJS3xQD-u-tQFjSOfZt-nHJfRGmEcagZt8xW2bvZUlbEpTz0b2snpp3-sC0q4iTRw8HtqFVEW_f1eY_yHeqp4Ui3XbGv8XTZXlX05pVXQLmgj40wbAHVZYv6YMwKyaAQ27L5RGv1mEeGSEsmMiQhATKWX0qdsMUDQeem1ABsdlKXTMyTTLjeS-ypQb63xs5rhQC_SEC1P9LD3CK24bJxCfAV3SB6DEekOo5Gr9HzbVnEstANISTuX_lGLOPeqn5ma6Y7Zp3ZB6wSSlsZl38ijUVqtHQn-lrE4ZFmjdGHtO7q9muu7g66XDAWSaAk_HfMRIH8CM1mjTKG8upQfvCu9Pvn0QkF4rp3x8OOEXTgq1dwUZi2Z0GictaN7DbZv6yvSCrIbyz93-sCxOFqcF-4Ay0IZbT8l1XsyNU2mmyLPbn1T_RzZMvSc6ZdiG6WVlBPXWNFGcwAlch_LnDkU6-Q9RmMC6t036krzgFAJcs_5nqwhdMGgeHN5L-FcB32lCVD3FTHBZfniHmjkM7M31TtncGT8fVogxKyuT2JlQK7AiH-tpzbW-z_GcGObssmoxmt4ohn3eM-36AWDxAN6eLFEhoKkGOKHivXtKyvJXSdxTKBNaIXXnEPv0MWhDfM51jZZrAsSfd3gGiOuTeL06ewzqLU-544T1yTgqhO1AOK74yxMdJgDj6FLhay6X2kPndedeR141xIbDNRGmFE_uXoM5EWJRz1SZKzZy1h-91aNqhsFX1n6q-4ckcPlKOTWydT3POj18F2_nds90121n_viWyBFguhaVmlAXJXxJXapKE7JXmTCqx2GyoVdknfBpsZhWf9YafrqzV3-bWhk6sqUTKfhaZ3HX0jMnfQ60Ty7NzoAjGZh90TcxAR2-HfUMyK35EY04sUN2tSC90f38kLALcxttj-nGMfZHfQ&sai=AMfl-YRFWWXJXTVK3-x8KdLAtYdK7FAZrWVjNpXuuuiaw5w77AcWMpv0-MU8LjOcSkymLkzyWpRWauzJLwjoR4Do-9Km8jo9gaxKtavzbKKCSBfVAd4y7YdeVCKKA7FMROyd7fVZiDYSznQyFEozv3acwLw9Y8IfaoRRIMERVtGYfzxp7RZRIhov8BKpcTsetmsir6S8uYgNAigcs42Il6HPz985iFoqqOucFetDMyKN01DwS0Wcg7XZSEnxIE_TvQoFEm7EqbA&sig=Cg0ArKJSzKw35NDhXqafEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=78&cbvp=1&cstd=75&cisv=r20230227.61044&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 08:08:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 08:08:31 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame ED66 22 KB
8 KB 23ms
22ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 48532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 18:39:39 GMT
expires: Thu, 29 Feb 2024 18:39:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 i.match
a.tribalfusion.com/ Frame FD65 43 B
447 B 164ms
162ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEP0_0_9pZ3iZnTXVgogR0fs&google_cver=1&google_push=Aa02lx9xe1x_KLHShohiJa2AGIOK9CjZ5U_HEfPRhKdRr3D57Pze6K5quZcU0wuhs-y9mPKuGz6k3DGIT3iNb85WM5JhjK8hRFnS8Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9xe1x_KLHShohiJa2AGIOK9CjZ5U_HEfPRhKdRr3D57Pze6K5quZcU0wuhs-y9mPKuGz6k3DGIT3iNb85WM5JhjK8hRFnS8Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a1826fa4cf73a5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD65
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkFCWmZnQUFCZHh5WEFCaA==&google_gid=CAESELwALyANoC8O6-iBkT7K12U&google_cver=1&google_push=Aa02lx8nXdM_7OQxpc2OQUwIv7UhSZ2jAc...

170 B
188 B

47ms
47ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkFCWmZnQUFCZHh5WEFCaA==&google_gid=CAESELwALyANoC8O6-iBkT7K12U&google_cver=1&google_push=Aa02lx8nXdM_7OQxpc2OQUwIv7UhSZ2jAcLetYJDo8CSmqtcDoLxPgTfIA-kPaPT1zlnfLhKX9o-Nei-XK6qdUfTd9QXj82kGy5fZw

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220071-HHN
pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1677744511.085406,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkFCWmZnQUFCZHh5WEFCaA==&google_gid=CAESELwALyANoC8O6-iBkT7K12U&google_cver=1&google_push=Aa02lx8nXdM_7OQxpc2OQUwIv7UhSZ2jAcLetYJDo8CSmqtcDoLxPgTfIA-kPaPT1zlnfLhKX9o-Nei-XK6qdUfTd9QXj82kGy5fZw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD65
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJfLcmFWkowDAxE74bZzIKE&google_cver=1&google_push=Aa02lx83NI1DHigS-q0Nhst1edokgWzkCISjEOIgV74YJwN47hU5O-xQpDjiabTI1apkrHyTOvHz1OEFnhmLjqrWdkyjyuD...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx83NI1DHigS-q0Nhst1edokgWzkCISjEOIgV74YJwN47hU5O-xQpDjiabTI1apkrHyTOvHz1OEFnhmLjqrWdkyjyuDfOGFqBg&google_hm=eS1rWXZ0aTNaRTJwRkts...

170 B
188 B

47ms
46ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx83NI1DHigS-q0Nhst1edokgWzkCISjEOIgV74YJwN47hU5O-xQpDjiabTI1apkrHyTOvHz1OEFnhmLjqrWdkyjyuDfOGFqBg&google_hm=eS1rWXZ0aTNaRTJwRktsTGhQR1RIeHZTbWsuYWMxRjMzOX5B

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Mar 2023 08:08:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx83NI1DHigS-q0Nhst1edokgWzkCISjEOIgV74YJwN47hU5O-xQpDjiabTI1apkrHyTOvHz1OEFnhmLjqrWdkyjyuDfOGFqBg&google_hm=eS1rWXZ0aTNaRTJwRktsTGhQR1RIeHZTbWsuYWMxRjMzOX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD65
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMCs1XTEidWjxYPLqImpmyU&google_cver=1&google_push=Aa02lx_vo2Gj9N4XhC6_Ey-poGhoyuhxboV6JjQQNBiJz1GCL46Wr-Td7xi737DSDg87a4FX87fOvKU-...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYxMzcxNTc0MDQyMTc3OTQ5MA&google_push=Aa02lx_vo2Gj9N4XhC6_Ey-poGhoyuhxboV6JjQQNBiJz1GCL46Wr-Td7xi737DSDg87a4FX87fOvK...

170 B
188 B

46ms
46ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYxMzcxNTc0MDQyMTc3OTQ5MA&google_push=Aa02lx_vo2Gj9N4XhC6_Ey-poGhoyuhxboV6JjQQNBiJz1GCL46Wr-Td7xi737DSDg87a4FX87fOvKU-3ZF-_Cf9nN7Rbx5HReXO7g

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYxMzcxNTc0MDQyMTc3OTQ5MA&google_push=Aa02lx_vo2Gj9N4XhC6_Ey-poGhoyuhxboV6JjQQNBiJz1GCL46Wr-Td7xi737DSDg87a4FX87fOvKU-3ZF-_Cf9nN7Rbx5HReXO7g
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD65
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIaTNYY_bFXq09Ga4-EnrVE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIaTNYY_bFXq09Ga4-EnrVE&google_hm=ZABZfRnE7DVKtaD5T6KZGAAAFJEAAAAB&google_nid=index&google_push=Aa02lx-hl45AWuY96NlM8tdr2R3EbWwdCPW-_...

170 B
188 B

47ms
47ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIaTNYY_bFXq09Ga4-EnrVE&google_hm=ZABZfRnE7DVKtaD5T6KZGAAAFJEAAAAB&google_nid=index&google_push=Aa02lx-hl45AWuY96NlM8tdr2R3EbWwdCPW-_Lq1mW2aFAH7VkI6CytvsoG2mZ-WwyFQN34eikihG2fS2LdpjFZBSEGItfpfLfFc

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 08:08:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIaTNYY_bFXq09Ga4-EnrVE&google_hm=ZABZfRnE7DVKtaD5T6KZGAAAFJEAAAAB&google_nid=index&google_push=Aa02lx-hl45AWuY96NlM8tdr2R3EbWwdCPW-_Lq1mW2aFAH7VkI6CytvsoG2mZ-WwyFQN34eikihG2fS2LdpjFZBSEGItfpfLfFc
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD65
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBXRAGyAcwr-wX6Pf6OiM7U&google_cver=1&google_push=Aa02lx8nHDVVvuVCSU7RKo9PEGmr3ikWXYa_iOm8RFVzfMozb1DDN4kvTCBCX4LFBshNjB7xk_ILdCldCY-M...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8nHDVVvuVCSU7RKo9PEGmr3ikWXYa_iOm8RFVzfMozb1DDN4kvTCBCX4LFBshNjB7xk_ILdCldCY-M_9bPOWBEjPwRyIk7kQ

170 B
188 B

47ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8nHDVVvuVCSU7RKo9PEGmr3ikWXYa_iOm8RFVzfMozb1DDN4kvTCBCX4LFBshNjB7xk_ILdCldCY-M_9bPOWBEjPwRyIk7kQ

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8nHDVVvuVCSU7RKo9PEGmr3ikWXYa_iOm8RFVzfMozb1DDN4kvTCBCX4LFBshNjB7xk_ILdCldCY-M_9bPOWBEjPwRyIk7kQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame FD65
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFemk3s7q1v90qwMqzeiUvY&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx_1Ftcy7PN2hsgpz-OaujM-aNLlvbD5TxZmbnT-3h99BazLazFTPY7xNN_xWSTcARmJzEem-I3VSAPMhSHOLW6p2hZU20bM8TY
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

63ms
63ms

Image
image/gif

23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 02 Mar 2023 08:08:31 GMT
pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FD65 0
12 B 45ms
43ms Image
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LBQKzJo-z7rDsyfN-FT4RzMJVJfGrlWN3i7Ph-X5YFZ_qTueLW31CqmNUQ22buugFhxUDpBg

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame CE54 170 KB
59 KB 26ms
26ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Origin: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame CE54 8 KB
3 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhGzScjwVby7c1i7PIJsFL51BX2tz1DM4O0Iy8s6A5IaWEu5YnrQOU2qnaQL2Knf2Gab-NRaocWOA3_mMKd4u2PLOrzk1mW0BlbqZcAxxHvJ5_SC4&cry=1&dbm_d=AKAmf-BG1ijQYfVz06sv-I0Ki4x4oiJrzy3bhR-tVugaYxQozNqygnM_f-E5rPUXjw77Kcbe58BHJjmispdO0ACWIbLzD3Yfh7yL1Rmsz5_l_ctNxIvJG_uvQEfMprFhRGGpPjF2gqMwhxj-1dGKOgq0-R1mzLkeM5CLUQ9A607EvuZPTM4TEzdSm95As6BGGjIRfdjeY1iLDLhrsyRQJrWRh0MCsDyBl2EfkuTg35ECY7yewn0R0Y4jBvmnCjPJYZjO1C8hiOAje7R_MT0sN_lNlrVnZga52Oe32aOf2NlZQqryb0C93v9SIWKGUpKzx74VymaQjy9DNOqUfSxRhOzRm5hcK9dSHuh-a8ZknxEzqsTFxdxaDsXKtD06DOyO9h3DYHdWBngdV5J3R4Ih_FuGry4k4At2o9Br3olmU-8coBCBVPX14KuaJ3grVIehE_OrV-M64rcvop_S6Mik3LAnoyCdBO_1RB4lIWsUVe9VaCAt0ppl2w4EP_twVv2cNdB70PwvVMEO7EnXzTLF7d8YqgmpxKBIZj_lD-JDIu8zR-bbis2jFnmC-EdatQhWOOmOTqMUO8qmt6e0mRefYvrDRAW0swD_2Er5LqHWWyH9kdrX-lpulDq0O6w12zhOPSkDrGu8I3INQf6pemQ-_5Q6UhIzvPnieqZMwYuhcvsfEmWLEm0aEOqCjqqHC3s1fCGDzqRyYOnZgK12ngI8ArWKKjaN4KaFVpEakWw3oST7HvL5amrcVwvAzrTUC-rbmERLRHnIB0cqt2rnGswoUKEWw11Pjm6A1rEmeTaZtLAKVgTMxRJEAl24TGwBcHJhYWO4zACulxVVH57L--RN2eP-EghoHoi3wLeF8lMcpoKQPIFvQDRZrX4KB4mgYCqGEGHQvCYUbmRnwsUmmRV99Gk5AiT2Sw62MNdF7HmRG7zQrcu75Pcj9qUQLbDgGg5tJi5x5FJLdMpgfbjh4XmO2nlzT-cNl-5AEeLTP3iyu7iKizCXIXymHusGR5QEuynrm_y9t-uKUvNJxEU0D6pYvjVQXEo4e71bAB7I5tN5vcRDTcauc6f9nmgOk7Y4Mbf4AKBSZgfb_FFbgI6R-w5njGYKF_XOJU-_Yj0y4IkyUh5ieafllS8zXjW3hJIb5geBL9vF-RE1XlhCbKTTgUdTK-4nhlYLlABPM0A5u260RfDQHUmGUTZAvShRKgdsicK-tzb1CAfgFyZyKQemwOcog2eXgXqIS8K3s_D6JU3x5a08nAGm3VqdRtPdDwoU5tmGXPwOwzCyveQppchH2kgrLRytIBwepvtTmcFMTPYU_BEx96IKCHxyIdFMFXCMFsOXnMX4aeOJmhelvjt-HeotsuwKvQEH7SEkR2cGLW2dTKCPiNy3vipNX4yTyMTzDAVYFHSKPuhZ1_TaAwKlpJgHcTo4HSbg0QasJXpIoqNhSJHuFi9aImaNAsR2lCuOBo-rO9wvX5tI72aPxss8XpbZjEuFVzWppjD7B4FfeJoX1U4LnHwDgAG_btn7aeQk1GbZJz8_a7uIxBEbdqcyosrpFtTPdZBKvdsnaiQHxIR3BqvVbmONwoQft2qMutrETIYNIaaOI8j5s85j-zrkkZ71yyvUrCknurl4NeMbXvrIE4CVIlRbP2Sw9fqWswRd_K6KGwAhcRMykaNLgIuWTO4wz0pVoQlGPVuzDQ4gl5moPH_r-4K6yTZvcaWDK9iro7FXurk73EL6ZGErRSeVo24PhfwuDva6iVQZ02Y3PfD6WX1BeP-NNx3wlS6VPnziquwkKsOwUnncqdTFrbVwWd0by7blaMGNFBBNGTiJfZNDblWFXgTxzTyxU9X3-eWaQfYxkjIbjAk_K9YhLnDMeWgqiobzkrngZ6rx3-KLZDNPy5yYk-80-lJhgbhWmeND5UZxXnjAwnOxm5dRqO_h5MTWtf1QpaItOkTyZjMwyCQ7bvmoY5PidmgZwbfn6eUAeU_r7oqWzrixP_8EwQgiCSZ4LylN8lSxeHH8xIYl8liMALeSrK_6BFPJ7ajvdrtK43UzxEIrS_VlxJ8gZlakMcnX-CEWXTAI5vTYP6hKSeSINKSO8x95wxJ6oQugIEqdZfXuZbgG4-Ul_P_BrUVQiLLZVJz26O2UY7HCQCWGhnLsjaSLEi9KeBOuDywtwPXiPWs5aILrZipK9k08n1Fck9dPIodPaZNBEZcHo2rLcByFcNDslu43Hd9S0cUcusipM-zh0ec8Fr352UaPtBs7MGKSdAREhFz5CTUgFcRXsY9B7_nOLiywADny7-HfbEQy6Qp8Y9FPXME-1tnUxtnctMkqWBK2FvuPnPCijClxD0I14vF2iHZ8q9khuIh-rRaqIP6yRLEm5cMgakRZFloqnTIBgC80tsBWNmrTcFqeu9MFdd60ZgsWWxntEPUIi-0DBlwsLQMv1YzDBbxyrYP8lgQ6iDpMB1gb19DLJ1woc7uFFB2frQdJqcBAKJppqaRSwqfnzcoasSNFiOrGBFTD513nCT1SC2YhjHc2oKFAmObrw-9ovD3giLfTYDoVgeHYmqIdT8piUs_QdVevQERZERBqpjL2nw2B7HTrpMQqvUqr6Z8B29KLphuFP-5q0RXRhiwuHyBgJpD5-qmRRHFmfsUQZNVepGaP3aFd0z3n7RHTJv9Xvuc3ZxkeQ4xUyfSIdEQ2pFfWaXeh_IoPKZIj3f16XJiaNLijWplK4q-Z9oh9_aUG12axyBw4Mh_ZWKRANVDRzKeaFook3EgdCqmV-YTtvlZ0pj0VwjDCZdzA-z4KWxbTI2VYKjycS8AvYN8jhb9rK4EdgYUv5qrOb5oIHZa0MKwSsgfvJVn4ND2n8dq-Zg6aZRCuNPQOpPzyovnRyPNIdhSheJ-ButlBIE9ysTVLQ1UJ0mQfoT3H8FrNm-4hISqA8rO_6juBgL6BK5vd5mTSbEgFCNqC7P5FfUsTGE3fofCs6UFRh6-vM11aQbZeN2oFO_kz7E2qKoOVGZZ_38CgfZctSds5loIL3pOW3GVFgq0HbeaxZ2RCKUaHgwJu7oBZ5Bz9wBfIAXH-O1hMvwutgWmSxjCx9Di3uebheRvmV5uShN5_Vrxipi0erXMZOnHQu08iiT2Z0YIyTCgcH97ldJp1SB1D54t7k6o_y2qiQ3fuCm7IvX3QLd2I8h2JHtsL9PYYn1KDP-MsfhpZRKzvQkV5aMO2gjr4W9IWo06VPVKztRY8sQsyGeapkyiiIg4qIUJJjGwk7GJST-7mAyMZMAhA7tTMDSLcmCEn08m38o3lLU1hREyXK4uwuebP2VvjkyGZwO6jUP8u1OMmZd2ypbZGyeF5UDOL&cid=CAQSPADUE5ymHxG3aWsRI3swdICf9UWs5GAY-zKkuaQLYpNbnx43Y0uC4Hricm77PJddaqbicjyvy6kRHmt7ZxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=17453470618543036000&adk=943508955&rc=1&idt=226&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:39 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame CE54 29 KB
11 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:39 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame FD84 43 B
145 B 13ms
7ms Image
image/gif 35.157.135.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-3tEdWlcmXfC6bn1jvdKWSs9fOv3iFq34VpAxBg&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.135.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-135-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame FD84
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-_guoBFcmXfC6bn1jvdKWSs9fOv0oOb4cAKbTUA&google_cm&google_hm=ay1fZ3VvQkZjbVhmQzZibjFqdmRLV1NzOWZPdjBvT2I0Y...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-_guoBFcmXfC6bn1jvdKWSs9fOv0oOb4cAKbTUA&google_gid=CAESEIt2YUmZyI_bA4mzD3Z9tjY&google_cver=1&google_ula=913071,0

43 B
370 B

462ms
133ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-_guoBFcmXfC6bn1jvdKWSs9fOv0oOb4cAKbTUA&google_gid=CAESEIt2YUmZyI_bA4mzD3Z9tjY&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 734923
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-_guoBFcmXfC6bn1jvdKWSs9fOv0oOb4cAKbTUA&google_gid=CAESEIt2YUmZyI_bA4mzD3Z9tjY&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame FD84
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5041752041464797059

43 B
370 B

504ms
134ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5041752041464797059

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1279210
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 08:08:31 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 70ea1121-48ce-49d3-a4c0-5ff3b0c555ea
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5041752041464797059
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame FD84 43 B
1 KB 11ms
7ms Image
image/gif 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-p4bacVcmXfC6bn1jvdKWSs9fOv0loM3UunLEOw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 08:08:31 GMT
AN-X-Request-Uuid: fc385cb1-4ccb-475b-a553-f9488d46590c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame FD84 237 B
978 B 176ms
94ms Image
image/gif 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-AS-FElcmXfC6bn1jvdKWSs9fOv3LYONc7aWD-g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 08:08:31 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 237
x-mnet-hl2: E
expires: Thu, 02 Mar 2023 08:08:31 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame FD84 0
239 B 80ms
10ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-SxrZq1cmXfC6bn1jvdKWSs9fOv0kvBwX8PpK-A&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame FD84 0
35 B 109ms
8ms Image
text/plain 3.122.75.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-yrlosVcmXfC6bn1jvdKWSs9fOv2MfIvIUNtFlQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.75.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-75-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame FD84 43 B
113 B 33ms
29ms Image
image/gif 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-hfOTjVcmXfC6bn1jvdKWSs9fOv3m4LSNbUVjpQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame FD84 0
99 B 404ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Ugw2OVcmXfC6bn1jvdKWSs9fOv0Z8gNX3EEfQw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12417

GET
H2 200 um
criteo-sync.teads.tv/ Frame FD84 23 B
172 B 82ms
64ms Image
image/gif 23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-N4UQN1cmXfC6bn1jvdKWSs9fOv1HZa6RPOe_ag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 02 Mar 2023 08:08:31 GMT
pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame FD84 37 B
140 B 41ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-QZFetFcmXfC6bn1jvdKWSs9fOv0ydFonYTiKIw&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame FD84 0
322 B 15ms
11ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-3hp_dlcmXfC6bn1jvdKWSs9fOv3sC8VBVnf4DA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame FD84 43 B
162 B 81ms
16ms Image
image/gif 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-5-v97VcmXfC6bn1jvdKWSs9fOv3cGQFIaJcI7g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
last-modified: Mon, 04 Oct 2021 14:04:49 GMT
server: nginx
accept-ranges: bytes
etag: "615b0a01-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame FD84 49 B
235 B 90ms
21ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-DwMngVcmXfC6bn1jvdKWSs9fOv3oNdEU7zn8DQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:30 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 5
content-length: 49
expires: 0

GET
H2 200 rum
r.casalemedia.com/ Frame FD84 43 B
778 B 83ms
26ms Image
image/gif 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ztqYZFcmXfC6bn1jvdKWSs9fOv2L13yhT8uJeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ok9jsPJr6g68OIBSvibugyQlG8OzvhuVUy4bHnmpdwoVbhvbf53LqxAq6l1BPtfIa%2BWd2qdWNgQj9oswzomPEvP3uqm2FdT0yA%2F9wCqS7lSyoCUQpUVDK%2BqXaJ4FFkYExMOR"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7a1826fb0a153807-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame FD84
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=aclCV7hTn3LzENLrp_rSqGLOWTOLOuMz
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=aclCV7hTn3LzENLrp_rSqGLOWTOLOuMz

42 B
942 B

187ms
187ms

Image
image/gif

34.246.68.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=aclCV7hTn3LzENLrp_rSqGLOWTOLOuMz

Protocol

HTTP/1.1

Server

34.246.68.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-68-114.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-03617f131.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: YokU7snvTlA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v046-055e9ae9c.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: urlxv4zvSF4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=aclCV7hTn3LzENLrp_rSqGLOWTOLOuMz
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 match
ad.360yield.com/ Frame FD84 43 B
445 B 23ms
10ms Image
image/gif 18.193.152.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-17IKd1cmXfC6bn1jvdKWSs9fOv1FgYt_ps15-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.152.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-152-7.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 02 Mar 2023 08:08:31 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame FD84 42 B
274 B 498ms
176ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-X_TpOVcmXfC6bn1jvdKWSs9fOv1ZHdEL3NkAwA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame FD84 0
883 B 40ms
9ms Image
text/html 52.58.222.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-8kpkwVcmXfC6bn1jvdKWSs9fOv3xxUPKkG1r1Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.222.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-222-68.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame FD84 0
145 B 544ms
115ms Image
text/plain 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Gfv9KVcmXfC6bn1jvdKWSs9fOv3w62jnuxCi-g&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 08:08:31 GMT
Cache-Control: no-cache
X-TraceId: b51696e814f87b0b5e2e849a2f776b90
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame FD84 42 B
580 B 135ms
18ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-K9r4XFcmXfC6bn1jvdKWSs9fOv1gqIr-bKT-MQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 02 Mar 2023 08:08:31 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame FD84 43 B
183 B 385ms
89ms Image
image/gif 2600:1f18:612b:4280:cba:636a:40f6:2f6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-4HF3wlcmXfC6bn1jvdKWSs9fOv0B3DVQ_4MjYQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:cba:636a:40f6:2f6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 02 Mar 2023 08:08:31 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame FD84 43 B
153 B 637ms
198ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-Ddmgk1cmXfC6bn1jvdKWSs9fOv0whXrKOuk5mA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 02 Mar 2023 08:08:31 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame FD84 0
525 B 152ms
50ms Image
text/plain 104.96.129.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-08pULlcmXfC6bn1jvdKWSs9fOv25oGiwtTD6MQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.129.75 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-129-75.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 08:08:31 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Wed, 01 Mar 2023 08:08:31 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame FD84 0
38 B 258ms
29ms Image
text/plain 34.242.33.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-oGukSFcmXfC6bn1jvdKWSs9fOv3mO-eGlgkKpQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.33.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-33-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
content-length: 0

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 12E3 170 KB
59 KB 29ms
29ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Origin: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame 12E3 8 KB
3 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CaQowwu7JVP8IsXhBVOTFyZcWNPQfd6H_IF2P_iMW3KnoaYj8yR9y4dlUAfKHtNobhsk_t73Hl_6essdZwAh00Quw4yptJNjsndCYRWfDodiNiRZo&cry=1&dbm_d=AKAmf-C8muIGy2T0uK_UioZrrB8z6hNeGqbzDzulpRMYP4k7Dm-iR2Gp_GvfD1wIuSTZMoLoDDCpXmczZCsR0fgUMOPhpV9GDtJe2104yIqAw5Vh7yZ8KKWHzABxPtW0akErKYkTcvO4_IqI5muNKkrxSSkaX3No-JDzJg9yS-36Dj98OkYGTxnsjblIeolXaLBx29SkrLGSmvUhfvd7QXXKc2KpzmNUoEoqyYb6vrOk1Mkw2BHMqlaoqQI174KS4nQXGVPHoK-05JwtECPxZVIZXLQ32_qOc3PbILvZSn9rE75w5cjGxJNKD9Hx_HBgyaYeOLYEJ9WvJZdd9kteuC3zoThypkD-21Y4GFhjax2OZQWU_TBc2OpJIMlllUT3bPH6NQ8oabXwuftPbsiRJ_ph48LhUt0LB_Bob1hr9yJ_A-unRsgRYJsC8VStMtDhWd1x1w0Xt-k4jzb7ufdV9xdBQN15VnWNEqufHmxxDre6kQnA7sFKYtG_Y1Oa-AepBji31zWvrh81uLP2A2--jUKdqdXvznNnb2E7unCE0SQclon2XVZkTJsyAVY1FaqRCq0CyHkObirWXHhWaRzrGylALmuunJaSaODk4PVgbSCMjRoaeKU5Lx8cMPmnoLe-B_EgKEAIVm73CMS6bWFSWSk9_bpt046siNgb4XOoxL31jzqPE-OD0e9DQCJqgir5eS7Y_ui0s0apto2cJhNeXtoDv8HXkE8OmIsi7IHr_oIW_XTjTyM1N1GiIYcjsZp0IPAKPZpCQPWmykCFyjucN--HNthPjbt5ZxxjtQ1_FeXTVlgzvG0QlfNUHRTSzP1R4-0ZtCrCcJAZ128rUioLFmb-2dWpZWdwaLjkoYBb6mskQwYgjKaltQ2VxwZhzEELfXYsXNq1b-yxkBTpzFGLUJnULeaA3UzQhTOzJ6Zc9ewUTHk6QzROdgZ1LXHWTYHO7gc2JomlLTM67pbpLZ8Z7mGsizOBl9Jq45zaN1-BLwHnMmbuFc-ZonVADUJDdVqP7BYyP7SEs2CWuNLaOWF1FJVsP5-d-_FvJNpQBzYbauni4DQ1BcnBNkjqSoBAgwHdRr0FkeckktCioqu1P3tAuYcpI7mdW2jPSMBmMeX_A6OKvtr0F1QWJUi44gC-HlqpFOSSI-XhuVN-9EGw2DawDsTv_W3jeEYifWavrlz15V89TeKS5iAtFdqwxvDLUTe5pOlRRjC9XZgRLbPrjNCeYto1MlXvL5T4wOoKF2g0TUYCWvMzxcBK6JngeyEFIyqtZ4hJz06-5ApnhlnR6q2zxGLGnL-0GijzSZ4xTiZ9o0u8ILowC9bgZFHte1AAGzCCfC1GsDZfX3sWdJsYH4ZnZ1LSzZyQO2hcE9gugdJriTdhdCR-9hTpu3TZOTBnb-ce9-XvjKjaG0phRFp6Frygm2q1JActvXmqm1R7FK3jOrcfz-2iE0K4eA0PVPjSTHBW8IxDoNpvuEFyxKxoZK7TWCQe5pyCUtOALSBpngdYZF3OGEONfRM0EAQPL7Ft27mO4JBobjlSBvTSWmy_sGOF0PtoytodPiZn6srfsRMoNV7I12ngp3K7jKlRz7hlG-7Bo6fsya-DitVsD8w4yzMVsg03Q4M1eamp2ck0eL7EHzScxn2xOqGS9TW3GIfaBC5t8zddkEo18tdrUR5KwY_teX7f9BU8bzZuSDspF7slCSYNN8LrtQsbEslskFRFaCi0-xe4W19CGj1xzHcD2AZIoK8PB43PfWoeaCaYswaONdRIV4KI_8F-uBEsjmvMW2mbDFG6Gk9aef05wFUd42cm42uZGAjdFmESSuyYBDN3vFLTAvzIpj7m1UDqbWOYQvUg1Q_W2YDtOnTDCcNKiSOyuuRPc7AWtInnbpyL3UR0jHEilxt3nLDqq_0Av24NsRcXX7xR9S_RPbRpOpJTt8cKV5qwkur-X176Ni0WfO0zDSfsfS3gN2MXITHHQCM5tQ9QDBPzEq-ezNlf000QyPj7ntEhdKgkH6gjZiSKXKwv8kq9Zf7bCa4r7b0hyTJnQ_wSte2UPZFpJz9PJc1JOh-2GuDHMtQIZHAke9Bz-wHkJXEbebyi_gZCSn_aUcZBjmdeMT5KidH2tXeo8GjJH1M1G1pil0LHfYlW4pcmemrpMg6zzSXTXyw9bfuPLTDJtyvCAZvCV48dl5TduDr3rVBM59VKB7QQaNVySzC2zKrBb7AJBsm_6o7IBNOWV1ygi7M0_BwqymIh_3epuA5hNdwiJcbfJnibZJn1itMeERVS7M_kzJXDfubUe-0yEC_3i_Ct5Ia99fkC2gocmpUtkQCZLsNuv2jdfpH7L1WvVjw-PeeUNlVxWjSUR51GEabgmOZw9OjBltyGLhICsPJ5xxp527AhH5yjG9f7SUjK3mAePKWM01-8PqO3EsYAMGEv7UWmcqprzkYQ40QO1Q_K5gWOY0DtPQcxrTecqDRW3AXm8v93-2ADI7IG3PwrRGBAEmBBUxikd7B_xpOTzBEMm4gkodpVzNAf86K9Lir3v9Nk5WDGaAU7wmxay-Y8s18qaefd_404_eG5H5FB9ClAXov3e5ojMJmpn7jnSzITND2TqC8EVcHBzJmEDP4rkr1icjlfdlXfiXBDQZh9pN5c2aIu0PIrH_w8qLTQgMg4mSG65YY6BJdeQ0rzLeonBbcSjwKhenbXzjy5KzCWpJQIG29n1aZIyQeXYb6q0z8dyQ4I67TAsF9ZOvw0YbSVu8IgUb-gQHnLi9KKGfnw5CSYcgBcCCjnklUobnTK-7XcQImjrJKjQjb6fH9CVoE94rHDrM4kKq6eMSh7iCoa0b9YgeYYC8mrh9dubK5GlpykqP12ODya12X1mh1X69UXY0X8ExPzpdW2bcDZVKm2VKc1kMTaPLmbHUkaTAEsE_cLx85q5dtk7w4VyDBsW0OGNoB7WVncUQQOkuCmVUBz5Hbql3Bw_VQF7TdYwBz2cJ4rjoJTQW90j9GRaZbZof-OY80RhQ3s1pSwJ6WISAgb1gbFUyp1GBlUBiRRB8bn490gN7MDhkwWRF9_VQWcds9qGiDcDJDn2vOW030NVrZa6X5GuVmjTsZfe9xkcE0qhzmstnavoM1gIf1wZmxH1JKOzayoVZGM02Hrs7CuKfC-85IDRT_7HZpEdSIxNQ4VYbFLznhzUCw6mypudABYmojpUMPY1NAlotS_2631c13cpOSgvhIp-FOWHL81OPQ3gVMFEWD_x7dv3tw5TWwU9iR4hIonMv_fUotnTd2tzaYeWjphvltnDP8iy2xVEu9pkU5XX5C8SnI6POkGa6AtqVG_Mz3tiqiD9giJfrLOAKkKizENJ4SUUbfMg_n5e-ZTQ1xLZTK0vSJKFIT1sUmCLJI&cid=CAQSPADUE5ymHxG3aWsRI3swdICf9UWs5GAY-zKkuaQLYpNbnx43Y0uC4Hricm77PJddaqbicjyvy6kRHmt7ZxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=9640784952009607000&adk=3690638929&rc=1&idt=222&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:39 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 12E3 29 KB
11 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:39 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3791 170 KB
59 KB 31ms
31ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Origin: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame 3791 8 KB
3 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcBdJ_hbxBP7DPTES1JaMLPwEtTZqs_h5x5v78cQOWpczzg9CsriOQ4lC9DpFhSzVVPR0CWVsRCMfZ43YmFx_4lDXAqX0h19V6smaRP_c7cwYq-l0&cry=1&dbm_d=AKAmf-BvxkGMQh85-7FycqlbjTeyaw1OAKhBCu-0kTwAx4GLhhy3NY2Bpv2c-2on15H1uGBIdJFK34e8byerVcaR2nmJAfO1BpHl2fcrpTvL0uwCVGBdjfEvC73dJwPpDoDcXj2bPX1lxHcTIY8g3TNHEYXePNp6G9-2gkARCRbhIGXrBGgITDW9E6NV1fiCnFVJ7mXiT0ywDZSnokSSvKYrVW51Zr6i9Yd9JqbmdHG9z98CbzLozvZ3SjW34wKitNYBTiCfnWKHZj1w6MizdfOClgQdIxbbOjcuY_MyOUSrJl-02ElElrcayH3aoTIb7bEv8FBJ3FABkfGcvpxDQh8FBFDt2u37t3hYk9HckJVYjSnu6CwDDjCEcIZZSMxdi8SZz6olO1s7jbNlnOzBoBpJYA9fpCPff2TI6-fJ9JUz6ds1LnJx4TlB2YVSAyWR3XGB3KJf6SutcAYEF1fPnBVImBEPDbWSnRHSj6Itc3rTzVq4Ui0BYdDtT80dMHaAsjbSgR-pKE4K1bqxv39SqCedgGs4NWyDs-M65zm26ocpjtgEsrly9_KSLwd-ldZPud6ScG7St04gPhVRYwZbcIln9gaKxp94ZnbWbZV0XxtoKhs-nk_uu_XKW4BAT6pbmzDX-6oiVA9tyEtIsw7FBzymB6SmmrB0s3psUvbpkNFTWAiIQlrROvBxoChICDe9y4E6whHH21G2OMDpYM-qMFIWtAS80Sh4YsJNUlFE8kLpEhOhvy4MPD99UBPm8JR538X6xdOz_k5QJ-GSEjJNXfHalDgVq07bMKocvo22zYQADKqJ64Eai2vmeq82thcDMjEzz3ckVQU9th1xxXhcCWABZ_906yrEOcrh77OIrSz5X9-XmwMjveqCBBhheiHrNHa5UsMGCTRrofkcPn2giW_RYLymTEWjFO4CPyMr_0BNNf4zTD7WBuywWgC-V1OI63WYk52DNl6cZNhHrU3GTWEleOSKMv1MsTdfszOGkUTFnU3sQDwMqBaSI-I7wL_ffbamxhKqDIx14Xgob9JEYot2RAVc2o9XdKTUhB2VJz4W_ZRCo8iMi_F3Ze5BSl4SIuhnDoavMNsoU523dwZTq0jWLYhAyPh01Q6I_wKrkFLZ7Tp8mLd6E7IjP6eAKjxuP0ewyRgZEUAtKnBsbXOeQP0t_DThtGZf_QhsDiqw5we-thmZFQWl4MwxzvtCHYpIKiqrixrIYJoeRRsxCqGMqdbEYBrh6SYbzuXUZC2XevFDlZpc7DVnaNYCHXJVVMK9NAe2qtqUnIix8V_5C_s7eWflXlaToVxf55G9KCd9pvKiF5AbZXu5cnURRiLPfWTWqLAVcl9kgTH2is-wI_FVd9YJLWWnRisMKK2xss7xEJ1s8quVYVNGCzNXYsOo2F4MHf033vXefFkVfiL5N-E8_z5ArLVmz_HqmAzUCf9VtrlNqcBH_DBubf05hIsz6jcQEfwbkHZrPQdHU_vT2d87MEzVKSpXjR4LeRKaW4TIG5wxKcGd94DB9BeMaxhgfyNCBx1mamRgNNFLTaya6NfVOiTgM0OUu6PfOIKLlTrRW6sfEUDRasrf2cBG3ptazCq3dZ4CDCn19rD6mU65X2fXtNr3E8Dn_E_4CbNa0smupPdEgwy9-Q2DGzQB17Pe1_bmju6pP7eSPDfAgjcPC_F3WQP9q6jCDRlw_ZFV6zj5gJfCPPc_run12MNI8rok4k5NJWuOqgslVXBpOJ7A-W0svQtACYbJFvlX20lFjnGj95nAwZ_OwNmUdZKAe6HwNbGyLf_53rwyuQZCDXsF5VkpF49My-kDqAXHsPNV0b8DIP-3yr_owc4CtSir7_PY7-WIVLrZJqerdfNrpFXOnf6UepbO3mmB_tJnKgrK9wISWGXD2OkvO-OLUs8RqRg9zXH67Kj0gUU8gcNwU7eZ65yChKoXXGMX25wE34j_mSwAkZOlAanMvOKUdHuQxjxmmGNo-EVQltRGmQN3HS_Stb2xSEmWs_ALB_8c4K07tv0Og_dyDGYQ0x9t0EpPlaFmNRdl6h5fKuoppykg9MMLIzr9IXSkRq_zUHHOKCSgGvCZ2oTOEzrSHr5e68MGHJ1jxYgmqdDtpUl72RkDZfnaS--zUPvw_OLx6U5GQ0Yn4BJU5FcUaGhYC4Uz9vjEtbIH3DVdJDSf0PBdU6tADEXelURRVmXpJ5MKTACN7SaUKrdhJTpOHmzhUyeJizVwot8wAEUFIsQ8kKVmhV9UQhWAsK0jh0KTEf5RIrPot8EBrKqE6KLcV30D7ry2Vgy5f3NB2PbtQzqBgtwIiLpi3FSymfBaDksDOlgiku-nCEZc-19RGH74rIEqvqc8V-732fzPUeKFKcYzv2QgvmThIi8uN8XUc4FJSSs_A3tnLw9HiXhD8QWANr204m1lsGQ8adIxQc6oow1gQ7SHobp8Cw5qE7moEm7IKzKfL__7VxqTMgsB-igU7suEK6k7TgfOsP_b0TFFocOouVqiOv58Z5njXu2tze8QGr95qPYNjkKZUgDJVGSVi_Jj75OWIhVviH7cpXMvW9AmHBtH5Tx_cwRf1tXQ-jOtjqTDvdbwIPyFWtsnQpDIrKmO387M_Wh-9DZ11o1COgu091XjpxXmgJuXIogS18pkU6oZl9v-Wt2rdE8_0ahsqRR0Po-Z7XqzdnttafV92abPS-cB7pmR6i__KqhWxfEmRpvW-j8LXnBXnWxpWiS9DSEjfG7Z-K1YFLFUl0VWe-TUn0-kuFJ7b068sqTq-q2HotVhX3DVytXP4o3upKfz_heoa-BRXUovPBvYi9cZi7hEcVzFZNXC6VaFzkOlMV-T76_N3Jdg0giL4VZWpDTpAFH1ikHBR6VfOYzqM8w0wPcJePsVjc2Xf2aKSaG2H_3uqY0XQxrg3A_bWJqATW6cdeOCCy5IlfvV3Kw4eUcetaQ1m30LXOopoNW-V_WHlovzhkIm5FvE5ZQNveN8vTXDQiFzhL1Hc7LSw46Nrm_QhBP08ug9lqNTCPjSlh2I7rHUleGEaTnjQcXHBZFrUiBOKP6mutVYCHwcGXsjt-a4SkbfKMwBJcKArw_pu6YnhUGzpDANfUOsTPXBUdLYU3SluSH-rzKZfkPNFNsyJ-6iAIr6Ku23z1y-IzLgXnJLT-3Xeyhd8HlJT7YzlFNbXT-Sz_BwzVlWhkH9ydagvMn8bIBH53y0801fjeWO1QhQDhFazKkLJU5sx4_XPAs_gMZBUpBF1J30NT5_AyiUr3egR7OsG-i9-MjY&cid=CAQSPADUE5ymHxG3aWsRI3swdICf9UWs5GAY-zKkuaQLYpNbnx43Y0uC4Hricm77PJddaqbicjyvy6kRHmt7ZxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kanui.com.br%2F&ds=l&xdt=1&iif=1&cor=6440936307390847000&adk=1033480531&rc=1&idt=220&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:39 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 3791 29 KB
11 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:39 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 1581 118 KB
40 KB 23ms
23ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=sxmYLT0KD1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=sxmYLT0KD1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame ED66 36 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:39:12 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CE54 41 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 18:40:09 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 62DF 1 KB
643 B 23ms
23ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 11:42:13 GMT
etag: 48472445140208031
expires: Thu, 02 Mar 2023 11:42:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CE54 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7cb9172cd1701ee38c8e9867eb130d38722972fd0a9466292a5a029d50cd907

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 12E3 41 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 18:40:09 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D964 1 KB
643 B 22ms
22ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 11:42:13 GMT
etag: 48472445140208031
expires: Thu, 02 Mar 2023 11:42:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 12E3 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd1dc322205ce57a20378375dbbc27015282ee5c3d12c42bf06dcc7e9a26c16a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/ Frame 2F18 13 KB
3 KB 56ms
56ms Document
text/html 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae3a0957fc5669d282e41e4d6107d528898f07b480ec550cb34ba6797a384b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3256
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:31 GMT
expires: Fri, 01 Mar 2024 08:08:31 GMT
last-modified: Fri, 23 Dec 2022 09:31:26 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CE54 0
0 63ms
62ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuxJCp7uT9VYf58YoOPTb95X7HdVc3d1uE1ykzY8ZaecKbT7w9IZUUhG3wq6yXbYSjbsuSDqnDbEMkNedzq6xLhNyGf56WJbeQK7Vl4HimT_Tav2pKYvlOvwCiuhr2dfwLezgavtr_ZfDhJg8Xbt3eTWvtbmzHQkiOmR0R4puUGWyzgv0fmsdGokTE_cYTpQ9_wrYpbiPd4_CCA63UKy9Bz_wLtAkVhJbCz_G7ywAteNCoLcFFYMXiu2pAAsuHqQ-5WBed2GCP_8J2R8B0qzl010YFtrPvraz3wRJgwmzvxav5rf4KcLCZp54J90z8NBscW5OqM_zs6YRVMcU2et0aNbLL6JGW8A_EDahIDspMgZkD_-FRy-5FCjKuuT5LLnzH0-aDbynf4xnCcHz-YW-QSo5H5waUAb5kPDHqK9Lpcd1Mu-bDv9_QyGIhfWgg3Op9HRLFK8eaFPWhTlynnyWUJR6NLxBTuhkGn3E939ahurlJu-wxuyMtKAYWAVuqOSTLjZ83TmT7iI32MMnz9Oe_Ftx-Y6_iA-fj2W-pH0g_BdZi5-_Y5K2ffzeQwmvEeN9m049DPZz929HYk8uFLZ7iRE5b--wNEqYkrK-YOCwrt28-QNh-hPmvT60HhDq5v45RVt-rAzq5AsLbv9gWz_vnI0amXpK6wwvBeRR5toAr_cAb0j-dr4fkLWeMn3HMjWtewwOvYHbwr2LaMjW0Sz0ffuZh3-3hW7U0JbI3puxdPE_Qirc6hL82pmiv6dtbpgk5GPYwnzA9G-7r1SgQZ3lJTaEVYuSfXS3ssXL0sZ0K2aov_imZ5x_VSTBOEQsu7dyyiHBt0WlT4qaxmR9Vrgcbn5CV3pZuF3fH-LAAKjeJMIazNAYkFN9z1UyKv-o5gv4YA3CPYhbQKmqyNye9Uc9ihRRB8Xu3VeH029XjrZHCawgEM2paJUZDdhDc8E8BQPlF-LaxOIbaCRPtI-Z6ZSkcvEA--Ao3EdeOWNJ_gqBa6-gVcJoswiNlngnfyJf4eFAcvm2WArRkK3r2eBm--7GrW8T5GgEby2coe4RL6q-XAAh_2yvyL_sztaLU8P5DWXgte0ikNChoSOou9v0DOCFC2moMV-CtVBlv0Ct4F8yjKomhNx-M8zc8qdxDPST4EgTJOAaYA-XT2vcnlf5SIyk5GhdybBt4wDYwK8Rf6pIiEh6SLmG_Kh7ztpJe9m_i-5ZfD9oeqAwtOddnl8pax1_RLGZBPU58bDJ1eRBk7eh-EdM5_ogUzOt8C74QCJCdp&sai=AMfl-YS8QRsgfB-K94E3GyWpZMQ-Y3NtvfrWxzKzb7n59BhApvBTXGNhmxtK66ixGQIxkqpCYJCWMNwVktI01D6DXS0afk-8lhAmDGD4b3e5lBWUZFRyJViaJetFeBWCkYC6CdowobIhwoGLVAd1WPBW3ZcmCQ1IEmm1T0uaUHcbHe0md-QNe7GDs0k9Hx56SmVQnWZvCaKDYJcVq-NKyYWUGV7i16e8lPWKIeNa9AlVU6E09dCsr2pqnlzRI0R1L2Q9BCfuoMiiT25ueuV4ss6NGIrvzOlCIoETDw&sig=Cg0ArKJSzIKq6ke3ntuFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=164&cbvp=1&cstd=126&cisv=r20230227.81774&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 08:08:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 08:08:31 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3791 41 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 18:40:09 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 72CA 1 KB
643 B 22ms
22ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 11:42:13 GMT
etag: 48472445140208031
expires: Thu, 02 Mar 2023 11:42:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3791 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e51a8fc0c08575b402259c852cc7aa58cd5f743319322010facf862d98f5b58

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7024728442041512453/ Frame A6A1 115 KB
25 KB 66ms
65ms Document
text/html 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=pJzTncXvUy&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:31 GMT
expires: Fri, 01 Mar 2024 08:08:31 GMT
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 12E3 0
0 63ms
63ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzoayqtVXE9nlLNP4Ffo0To_p59SLVtGSdX5_1_etmbI-Hm-mSqrvVR2GU3zhRC9kAUuSKY0qY9vH2Dq7ZuYo2xZztjEXqtHhhV2SFNVBAesHcf6X_qC9XtpqbaD8p1s7kigLVLG01mqpUe5rvzTBYTffHMSczoVpC_V_hX8Ch4sKfaLxcKH6rWw74qA-ry8jcQG51mTv5LrvDJe-o4-X_ZDbwRbqnWcLSyB84JyN1fYMX-jya5QHwJ2WzG7V3Ur-xbaweAD0iuFh0hgZTrzq2N-EGfnSK3iPyMK8ZplxqY8Em9ZolTpPEcYFTc-z9SFKndJwr81EndjO_MUUWd9UwsEixwoYe9DmUdlspBeOB8Uu6XPjI3uL9_pjhG0twaWQ5ya8CBAjjQLXsBWjM1zshkoqkGnSh55JrSCMu5INxBOl01za5jMxzn7bMFMWTEeMCokWTNRNC4ZN454l7X215HO9lbz9V8DY_Qf2njUQfETEsXvvYGO9w22HOh5Rx2RsQhBi3SYPr92dHsq_xPMTJ-HoQB1D3DN7jI1rlmZqtb5xc_5DVcdRvTXaJ7Giq2h9LMg_cS0uvy2PiVOfSUQctVAsH1tw0EDfVzlm2yvBghz_csMEq0zcg9GeS-p9ACXxO53It0vlQh2hpIHDKvJPGhLNTH7BM8C2A2l2KxA6_pin3ax-IIERYEoHVkNc2weoPsxLgVxrxaf0bQ-ka0OfnVThlXyCu4o9DO2LvhIWcq2Hnoek1fLrEhzfGo7AKjohzzW-4r92rIn48nsSs5wdvwVzWvpNV5pjJnUKwkJJBGEF3s4xz9N7fakE4BsnSx7bh9Oh5lzTuzzyQVxQu8GcbM94uOR9uXa9mjuC5vjnNx_F-44lbOTzt0GGwQ1dzVqrp-mDQ13Z_q6os8WMO4qmP8vrJGBFYUYWCrwmBHrogAtQgbLFe3Q6zsufimnyRSVioobmlrOv-zqxKBQFVtPi--9Y8W-XiPzclEQ4oHj5lZkrfxbvSb0_oQdk_34ws0j3UyHTZoT1AXd7Ts0s7NibHnh7qhtHx-IM5KnW4s1H0x2hfvJeV3ZUvxY0oGw3Hbsm7sXBd1zJlUY8x711qmmu5mJ8S_ZkGvaFQCVZ6QiCRuT7MMOBkaY2IR6St6DVSTyKlRF71lPu14SFQLZZdqwaiTwD0OR2d3xgk_3KgarQf7i_4K-RL_9mLK3oLCaBGsIjNSjf3LQ1T_XmPgyMchYbf-ndSdWMgRyRalbRmKdm7pW-Z6TTIRd_DnMhSOW1D3VZ2IBY&sai=AMfl-YRomPUXLh8ZLifGnjsmJqwB1LHgMPXrIsOum9ZMoWgafrZLRb4D7P7rzQ_g-V-V4mSLL_oUkIOZlwg0X-BqF_rmMYjNODTec0S-k404Jna4eSa8f_yGiB2YvWhWd_F-7QUjr_F1botSMVZkmbF_VvvDFmHUFXMuGwhD6ZA5WuZ7lKv9ohAaAebKchK7uGZiHI6pJoXDsiZ5BjFbQ8zLTcTlxqpDjeKgkYkptStZTp9NiWaWZ197ggzt0m2r5_QjiMMwPVw&sig=Cg0ArKJSzCmNBwlbqrMSEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=206&cbvp=1&cstd=202&cisv=r20230227.84063&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 08:08:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 08:08:31 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7024728442041512453/ Frame AD0F 115 KB
25 KB 55ms
55ms Document
text/html 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:31 GMT
expires: Fri, 01 Mar 2024 08:08:31 GMT
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3791 0
0 65ms
65ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvnAqPe43RwydlGI8LdZ704Y-KAETsffbAZAQetMW-j-se2uXm7amCjSdFN1tl7voFLp9EYo9flBbXXcAc-UTV3N0IqRjBHCc-Xo9MCbZTRR-oMwVKIpzO0uFKZTRP0jMxw18m8fqyghZWfkWm7stHrgDUQvMtU-FjLWD1l29PijzMS5kiqqMYMJOrnN3Qs6hZ8n8dFdzUfjwxcXJLcGwfu0RJp-52dy9CUDWFl80Q-7s-sYlB147KpDGXM2M1Nx6eO8iTmp2qsb_KdAxBYrXwrNtinnFs3H1HaJqjJBGUJWwbcN9JEm00lmUEFOoWzZj7SvZVof3F9ocznfSPvQjfAw5RC7PaysrM-pAlyGp6SekRo7OmtKMdFgeVvNRqXeHOzGwZ23fkBS_ZvHPX0gt7vlx-ht-riDEVVgQ2sNEnrX484pZZCFw8U1_UsULryHvxZQXTZLWfVrichI-XPaW_tl93z-QQEd6DDjKLnalgyqWVULnYvHGlNfUJMk6QPKv2fDORj5nVVzWsl9dfSklof1r4JlliQdXLO_B8kpsRhalon_Cxl2PVEde9EqroHUA31a45JHbdWhvOEOMgPnQClqgUBPq7-uAx-FW1wbOSBZvddqpyh8RxuV85WPcCd1C7mDytSwfpqZBP-u9ManxnXXBumbMOmBLDSIEXSfrAUzTbduin6NCmwBfn0nEvLIDyvzoDSaEHhbyyvM5KUdKnLbnFzI9o41iJVXqrRBWAsgDYFJ3lgMe9sTrt7k8kZVtq1Yji02f5743M6YhQFd6e0hRMiCEITgrzsa0MvqmqWHhBj5wO1lDLsr4Ylb4QGXm4dRdUsV8Geo7oXt3QF0n-qTpD6PLL-V3R9bL1Z2oKCMYIwUpkA7OdFZfVS0dsQ-TZ-f4wSyZbDP4A8OT2mwayc6lTI80WvVwu7WKHrrtOlpHXIy_xUqZDZjSuoOwXVKo8AET7ABJnxBBZooETidq-n2PYXLX_Qn4Mit61_S8WVncKoayYWL-UN1HdqYZFqLXUoS7TemKVx1V1_zvlxUXoyx_TZepvttjyfcQOsJw-eXFUx-bb5mC2gVZv_RWMYdrX40fEcjDgfn1HQhH9eOACcNWR2Ege6rIekkzvGMsTFNPl1vGuLXOAwRA58rd3zK39kkl-ocbtkNa0WkGMIoRgX_CuM32BBISR-HNKDX0v_dz1GqXi3193r1k1o7l5uCVXmX_powDDK6kOqaULnDSKqeJWFzyOXAesPSsbYFfwulz1ckCUq9PdbFTPiZAnCkZqEQDw&sai=AMfl-YSRQyzw5pbB3imHwrwxQR9adzQ1aa1SJzAlwNRkXdiJlq3i8AshliZfTvk5x3g6ameasfwAH_XCf9XY4pxYUrr9VigVMsaXsvdpRMFNKLA13aaqu_MpKhxG3W_s_IYNYVIB3iambPSQ_2EKI9fPNRrhC-SiBS5XaGm3-ZN1iq7GGeK0xyQ66ZO8dUuzPfJCdgcHNFhgf-_UydsiSxsSUXcuJ0u2Zv6k6znUpIb_K63GJKkMhVV6AdtuDDYWAALM7i5G2Gw&sig=Cg0ArKJSzHF1Rg3yieXjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=211&cbvp=1&cstd=207&cisv=r20230227.03105&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 08:08:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 08:08:31 GMT

GET
H3 200 btn_cta_arrow.svg
s0.2mdn.net/sadbundle/7314573151872791710/ Frame 1581 366 B
298 B 23ms
23ms Image
image/svg+xml 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7314573151872791710/btn_cta_arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=sxmYLT0KD1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65ecaacea233cbd58cd42e885e80df77cbc92fc6cfd6e85f1d0e9d2852e1e7ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=sxmYLT0KD1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 563067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 269
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Feb 2024 19:44:04 GMT

GET
H3 200 kia.woff
s0.2mdn.net/sadbundle/7314573151872791710/ Frame 1581 23 KB
23 KB 24ms
24ms Font
font/woff 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7314573151872791710/kia.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=sxmYLT0KD1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=sxmYLT0KD1&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 21:37:52 GMT
x-content-type-options: nosniff
age: 556239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23072
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Feb 2024 21:37:52 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D4A1 22 KB
8 KB 38ms
22ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 48532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 18:39:39 GMT
expires: Thu, 29 Feb 2024 18:39:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/ Frame 2F18 6 KB
2 KB 24ms
23ms Stylesheet
text/css 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 564223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1924
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 09:31:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Feb 2024 19:24:48 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/ Frame 2F18 3 KB
767 B 27ms
25ms Stylesheet
text/css 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be5de26b4c662c492dc47273afe90d3c778ec25998dd2a3a6f7f291c26ca5803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 10:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 09:31:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Feb 2024 10:51:22 GMT

GET
H3 200 CanvaSansDisplayBold.woff
s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/ Frame 2F18 37 KB
37 KB 33ms
32ms Font
font/woff 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/CanvaSansDisplayBold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79630aa66a2fd742af143103e8114c9ea35d4308fd3523bd101a89d8b908923a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:47:12 GMT
x-content-type-options: nosniff
age: 562879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37712
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 09:31:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Feb 2024 19:47:12 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2F18 118 KB
40 KB 25ms
24ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2F18 57 KB
23 KB 61ms
59ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 08:08:31 GMT

GET
H3 200 textFit.js Show response
s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/ Frame 2F18 8 KB
3 KB 29ms
27ms Script
application/x-javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/textFit.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 563967
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2875
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 09:31:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Feb 2024 19:29:04 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/ Frame 2F18 25 KB
11 KB 32ms
30ms Script
application/x-javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aefdb07258782fc3aa84dc518ab2052e5b1dad3405867fb1f9d65f816b03c12a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 02:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107951
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10802
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 09:31:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 02:09:20 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/ Frame 2F18 3 KB
1 KB 31ms
30ms Script
application/x-javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d473d1cb26421c33200e6a1e036a17e738f4ca3dce4f404b708e9f8ab4f75c82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 01:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1014
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 09:31:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 01:52:42 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 62DF 0
103 B 13ms
12ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELiJaarRKDpxDXzrmmsX5xM&google_cver=1&google_push=Aa02lx-hi4zGL_n4ZCheHv6xUuGpkCwYq1m1dWCThb6vTmRhDP_N8fO8-lQmI7SgJvN8gbOmuM7z0yUVYDnaUQpwBH5jXTNRlEI
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3 200 i.match
a.tribalfusion.com/ Frame 62DF 43 B
612 B 176ms
174ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEP0_0_9pZ3iZnTXVgogR0fs&google_cver=1&google_push=Aa02lx_U4NcZKkk_JaqkcPPMT1lJ_xtRSJUvM2f7zRikP5I-Wp2-d1z_SIluIbL2Qd3bx4DrC-cGo39jCwGxMGnTUXI398zAYVp2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_U4NcZKkk_JaqkcPPMT1lJ_xtRSJUvM2f7zRikP5I-Wp2-d1z_SIluIbL2Qd3bx4DrC-cGo39jCwGxMGnTUXI398zAYVp2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a1826fc3ebb9ba4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62DF
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKXroLI2_ISJbrY5I5tjU50&google_cver=1&google_push=Aa02lx-RXo67Inh-6CC0MLL-jmGiorSAc5eOzGI8K3IWn_MCA-y_R-0PtKjv6YaM12xjKKlC2YZAvcFg0duxW6UMjuTiIh7PYCOV
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D07EFC8E7C9D4515AC7EDD71E52A1E1F&google_push=Aa02lx-RXo67Inh-6CC0MLL-jmGiorSAc5eOzGI8K3IWn_MCA-y_R-0PtKjv6YaM12xjKKlC2YZAvcFg0duxW6U...

170 B
188 B

45ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D07EFC8E7C9D4515AC7EDD71E52A1E1F&google_push=Aa02lx-RXo67Inh-6CC0MLL-jmGiorSAc5eOzGI8K3IWn_MCA-y_R-0PtKjv6YaM12xjKKlC2YZAvcFg0duxW6UMjuTiIh7PYCOV

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Mar 2023 08:08:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D07EFC8E7C9D4515AC7EDD71E52A1E1F&google_push=Aa02lx-RXo67Inh-6CC0MLL-jmGiorSAc5eOzGI8K3IWn_MCA-y_R-0PtKjv6YaM12xjKKlC2YZAvcFg0duxW6UMjuTiIh7PYCOV
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 01 Mar 2023 08:08:31 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 62DF 70 B
265 B 159ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECstUIo5krAoKrmhXR_Mspo&google_cver=1&google_push=Aa02lx_kCvhaz-6SFlXlaFscOUV4BQGqHCDFgmxZfES1RFxFE9PM4QmJBQreIXkOJOZv3ATsWKSBbqOZGlCJtaHSNlQOjJK9eT0
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62DF
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFGPTpqiUfrrzVnFGd6UZck&google_cver=1&google_push=Aa02lx9I0pGDfXUtYsKfAG34tAjt_GxsJT4lrkoYDBCLWOF1LwEVtstn2cF-rpXbX9-newdWk3b3mBzDAHOeOH0quS82LpL...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9I0pGDfXUtYsKfAG34tAjt_GxsJT4lrkoYDBCLWOF1LwEVtstn2cF-rpXbX9-newdWk3b3mBzDAHOeOH0quS82LpLbDSB9

170 B
188 B

46ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9I0pGDfXUtYsKfAG34tAjt_GxsJT4lrkoYDBCLWOF1LwEVtstn2cF-rpXbX9-newdWk3b3mBzDAHOeOH0quS82LpLbDSB9

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9I0pGDfXUtYsKfAG34tAjt_GxsJT4lrkoYDBCLWOF1LwEVtstn2cF-rpXbX9-newdWk3b3mBzDAHOeOH0quS82LpLbDSB9
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62DF
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHKDxmVpLh1EduWYsco7jp4&google_cver=1&google_push=Aa02lx9l3GbmtauGu2OxXNOw_VoC_CpRt636zx13m8fflOn8a9t3FUuWLZldu34ksLpVWVdCiAdfZ5CSQ1eETLXi...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9l3GbmtauGu2OxXNOw_VoC_CpRt636zx13m8fflOn8a9t3FUuWLZldu34ksLpVWVdCiAdfZ5CSQ1eETLXi7affzCD-8SG9

170 B
188 B

45ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9l3GbmtauGu2OxXNOw_VoC_CpRt636zx13m8fflOn8a9t3FUuWLZldu34ksLpVWVdCiAdfZ5CSQ1eETLXi7affzCD-8SG9

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Mar 2023 08:08:31 GMT
via: 1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-cache: GeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9l3GbmtauGu2OxXNOw_VoC_CpRt636zx13m8fflOn8a9t3FUuWLZldu34ksLpVWVdCiAdfZ5CSQ1eETLXi7affzCD-8SG9
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: RlJ8PDxobhYCQR7XVx8VIkzPLWq-izHApDmtkVbmID_7VHg8Eb8lBg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62DF
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx_Dl4TCDGpj8...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTA0MTc1MjA0MTQ2NDc5NzA1OQ%3D%3D&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx_Dl4TCDGpj8b02KDbkaBnw3y8g1m...

170 B
188 B

47ms
47ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTA0MTc1MjA0MTQ2NDc5NzA1OQ%3D%3D&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx_Dl4TCDGpj8b02KDbkaBnw3y8g1mdvAMjcAwKAq4a_9eny28Xg7QGoECRb0ePkDeczI5iRF3b8x6TXvSTz4HsWjFtOmzQDiw

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 08:08:31 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f52c2344-8bea-4100-8a01-54aba942f6f3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTA0MTc1MjA0MTQ2NDc5NzA1OQ%3D%3D&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx_Dl4TCDGpj8b02KDbkaBnw3y8g1mdvAMjcAwKAq4a_9eny28Xg7QGoECRb0ePkDeczI5iRF3b8x6TXvSTz4HsWjFtOmzQDiw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 62DF 0
12 B 44ms
43ms Image
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQllzMriJjAwB60zHew99VDUnLNQMas0DQdp-ZOwilx5OEtaUZIPNMwhoFZm7Y0EPJv6awSw

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6E0A 0
0 58ms
57ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstzjOyNFbLvxsClVL-LsIkQrV-znDuGH0l4Osgn-M20A1S5Cwe-JmBFSG7VLKKOrpwNX8432BihoZoK9e_5yqyYVOd_P-m_9gEbFGdKm8Uo1jcmnrK9PEFjX1ODjjVKlmj78sQLYsDw2EwTQc9z4fmolXccvi35D8d8rtR3nPykU0xG10Sgn7eM8UaHF_sLGhB85RMYb06oGEfM5JVm8NYj1j6GerG-7S2chYB02Rx3GJmAVT6X_LsWKLcr5J715SgM4oAO15P14PIwuHs26L5eRTf2XcwRGbwYgGFEhorkYAgl42l5IK3CfmFdDRMiaejaTpZK76NrqgQBqxxSJS3xQD-u-tQFjSOfZt-nHJfRGmEcagZt8xW2bvZUlbEpTz0b2snpp3-sC0q4iTRw8HtqFVEW_f1eY_yHeqp4Ui3XbGv8XTZXlX05pVXQLmgj40wbAHVZYv6YMwKyaAQ27L5RGv1mEeGSEsmMiQhATKWX0qdsMUDQeem1ABsdlKXTMyTTLjeS-ypQb63xs5rhQC_SEC1P9LD3CK24bJxCfAV3SB6DEekOo5Gr9HzbVnEstANISTuX_lGLOPeqn5ma6Y7Zp3ZB6wSSlsZl38ijUVqtHQn-lrE4ZFmjdGHtO7q9muu7g66XDAWSaAk_HfMRIH8CM1mjTKG8upQfvCu9Pvn0QkF4rp3x8OOEXTgq1dwUZi2Z0GictaN7DbZv6yvSCrIbyz93-sCxOFqcF-4Ay0IZbT8l1XsyNU2mmyLPbn1T_RzZMvSc6ZdiG6WVlBPXWNFGcwAlch_LnDkU6-Q9RmMC6t036krzgFAJcs_5nqwhdMGgeHN5L-FcB32lCVD3FTHBZfniHmjkM7M31TtncGT8fVogxKyuT2JlQK7AiH-tpzbW-z_GcGObssmoxmt4ohn3eM-36AWDxAN6eLFEhoKkGOKHivXtKyvJXSdxTKBNaIXXnEPv0MWhDfM51jZZrAsSfd3gGiOuTeL06ewzqLU-544T1yTgqhO1AOK74yxMdJgDj6FLhay6X2kPndedeR141xIbDNRGmFE_uXoM5EWJRz1SZKzZy1h-91aNqhsFX1n6q-4ckcPlKOTWydT3POj18F2_nds90121n_viWyBFguhaVmlAXJXxJXapKE7JXmTCqx2GyoVdknfBpsZhWf9YafrqzV3-bWhk6sqUTKfhaZ3HX0jMnfQ60Ty7NzoAjGZh90TcxAR2-HfUMyK35EY04sUN2tSC90f38kLALcxttj-nGMfZHfQ&sai=AMfl-YRFWWXJXTVK3-x8KdLAtYdK7FAZrWVjNpXuuuiaw5w77AcWMpv0-MU8LjOcSkymLkzyWpRWauzJLwjoR4Do-9Km8jo9gaxKtavzbKKCSBfVAd4y7YdeVCKKA7FMROyd7fVZiDYSznQyFEozv3acwLw9Y8IfaoRRIMERVtGYfzxp7RZRIhov8BKpcTsetmsir6S8uYgNAigcs42Il6HPz985iFoqqOucFetDMyKN01DwS0Wcg7XZSEnxIE_TvQoFEm7EqbA&sig=Cg0ArKJSzKw35NDhXqafEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=413&vt=11&dtpt=335&dett=3&cstd=75&cisv=r20230227.61044&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 08:08:31 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3F68 22 KB
8 KB 31ms
22ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 48532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 18:39:39 GMT
expires: Thu, 29 Feb 2024 18:39:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame D964
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESED-J2Tgq8No33CVvExwUyE8&google_cver=1&google_push=Aa02lx9Slh6oa7DC3HojVInSRyB2frgkzNCF1nkPUWEhhbtyM_0MuGqshJvb2qNm7raa4ecmTtAnscWTGNPM59ZssmmVeItIARis
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzU1MzYzNTU0NTM4NjU3ODQxNQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED-J2Tgq8No33CVvExwUyE8&google_cver=1

43 B
398 B

67ms
14ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED-J2Tgq8No33CVvExwUyE8&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED-J2Tgq8No33CVvExwUyE8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D964
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMO-IXjkwGipxXgQANM7j7A&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N1hoWkhiUXgxUHhEWms1&google_gid=CAESEMO-IXjkwGipxXgQANM7j7A&google_cver=1&google_push=Aa02lx_QBT_jVGZqm-7_aeOoEIcsZPujTF3SfKpIwp9y4yB...

170 B
188 B

46ms
46ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N1hoWkhiUXgxUHhEWms1&google_gid=CAESEMO-IXjkwGipxXgQANM7j7A&google_cver=1&google_push=Aa02lx_QBT_jVGZqm-7_aeOoEIcsZPujTF3SfKpIwp9y4yBazrglPTQzHm27l6HoHcj1xCk0_sZ-Yc97YSGTKVRJnOcSy92qQ6gT

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 08:08:30 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-0f1140a1efbb82097@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N1hoWkhiUXgxUHhEWms1&google_gid=CAESEMO-IXjkwGipxXgQANM7j7A&google_cver=1&google_push=Aa02lx_QBT_jVGZqm-7_aeOoEIcsZPujTF3SfKpIwp9y4yBazrglPTQzHm27l6HoHcj1xCk0_sZ-Yc97YSGTKVRJnOcSy92qQ6gT
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D964
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO8llZSdtmEclcsUMixYK4E&google_cver=1&google_push=Aa02lx_a3PqKMpMGvYq0IrNaoYdfFx8SVkqEGSodlScZYXrT25A6gVxipfteY2Vj_afh00-c9DE1x3uZjjiaLiHv...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=K3lkAFl9QwCI-azl3-cDWQ&google_push=Aa02lx_a3PqKMpMGvYq0IrNaoYdfFx8SVkqEGSodlScZYXrT25A6gVxipfteY2Vj_afh00-c9DE1x3uZjjiaLiHvA8lNns8l...

170 B
188 B

48ms
48ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=K3lkAFl9QwCI-azl3-cDWQ&google_push=Aa02lx_a3PqKMpMGvYq0IrNaoYdfFx8SVkqEGSodlScZYXrT25A6gVxipfteY2Vj_afh00-c9DE1x3uZjjiaLiHvA8lNns8lscrrlQ

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 08:08:31 GMT
Server: MT3 530 4e92630 master cdg-pixel-x7 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=K3lkAFl9QwCI-azl3-cDWQ&google_push=Aa02lx_a3PqKMpMGvYq0IrNaoYdfFx8SVkqEGSodlScZYXrT25A6gVxipfteY2Vj_afh00-c9DE1x3uZjjiaLiHvA8lNns8lscrrlQ
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 02 Mar 2023 08:08:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D964
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJzJuvG5qzo3_Nxf00r4HXU&google_cver=1&google_push=Aa02lx9JCgPrQTKIZlz4mgCbkp0_wjC2ioJ1hDm5IxFvua79mg_TSh3hCejEL1DfCaeQiJD03fVWo7V1wBTYgbh0...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QEieu5XnQ-GPEZ24hJPLNg2&google_push=Aa02lx9JCgPrQTKIZlz4mgCbkp0_wjC2ioJ1hDm5IxFvua79mg_TSh3hCejEL1DfCaeQiJD03fVWo7V1wBTYgbh0S-8weIpKLGI

170 B
188 B

45ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QEieu5XnQ-GPEZ24hJPLNg2&google_push=Aa02lx9JCgPrQTKIZlz4mgCbkp0_wjC2ioJ1hDm5IxFvua79mg_TSh3hCejEL1DfCaeQiJD03fVWo7V1wBTYgbh0S-8weIpKLGI

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Mar 2023 08:08:31 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QEieu5XnQ-GPEZ24hJPLNg2&google_push=Aa02lx9JCgPrQTKIZlz4mgCbkp0_wjC2ioJ1hDm5IxFvua79mg_TSh3hCejEL1DfCaeQiJD03fVWo7V1wBTYgbh0S-8weIpKLGI
x-host: tde-deliveryengine-production-cdcfc8b9-hl8df
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D964
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELh589EYG88AtK-Qhnnvquk&google_cver=1&google_push=Aa02lx8V_Zzc7imtB-oD3MxlqiN9bqU_s-V__CRBN9le8Off3qrhgk6x7LPwkhq3_XHLDTHioN9vRabO-TXGgXm_Jr6o...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=ee53945c-f417-4adf-b091-40a270010799&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8V_Zzc7imtB-oD3MxlqiN9bqU_s-V__CRBN9le8Off3qrhgk6x7LPwkhq3_XHLDTHioN9vRabO-TXGgXm_Jr6osZeaLGwiFQ&google_hm=KY5fBjkyQ6W1hHDFyrAAjA==

170 B
188 B

53ms
53ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8V_Zzc7imtB-oD3MxlqiN9bqU_s-V__CRBN9le8Off3qrhgk6x7LPwkhq3_XHLDTHioN9vRabO-TXGgXm_Jr6osZeaLGwiFQ&google_hm=KY5fBjkyQ6W1hHDFyrAAjA==

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8V_Zzc7imtB-oD3MxlqiN9bqU_s-V__CRBN9le8Off3qrhgk6x7LPwkhq3_XHLDTHioN9vRabO-TXGgXm_Jr6osZeaLGwiFQ&google_hm=KY5fBjkyQ6W1hHDFyrAAjA==
date: Thu, 02 Mar 2023 08:08:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D964
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFGPTpqiUfrrzVnFGd6UZck&google_cver=1&google_push=Aa02lx_QxyuQ3ReAKB1y7iYSDaz-NMIBU6hjzp71Lk94M_lnVOD6c9i1xSHmjKc0aEiByyAn1VZzWt6VL5I4GIECNMu-_9i...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_QxyuQ3ReAKB1y7iYSDaz-NMIBU6hjzp71Lk94M_lnVOD6c9i1xSHmjKc0aEiByyAn1VZzWt6VL5I4GIECNMu-_9i9J1XJ-w

170 B
188 B

46ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_QxyuQ3ReAKB1y7iYSDaz-NMIBU6hjzp71Lk94M_lnVOD6c9i1xSHmjKc0aEiByyAn1VZzWt6VL5I4GIECNMu-_9i9J1XJ-w

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_QxyuQ3ReAKB1y7iYSDaz-NMIBU6hjzp71Lk94M_lnVOD6c9i1xSHmjKc0aEiByyAn1VZzWt6VL5I4GIECNMu-_9i9J1XJ-w
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D964
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx9vA8kaF79569Hooo2VVC58nabQRiCuydl-zyF_si5YgBGpjar2TtrBvYc4d7WRk43077Ik4MXbThV5aMc6iQkch53g8RcFLQ&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-fc20f249-46c5-4559-a823-125401196f30-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx9vA8kaF79569Hooo2VV...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9vA8kaF79569Hooo2VVC58nabQRiCuydl-zyF_si5YgBGpjar2TtrBvYc4d7WRk43077Ik4MXbThV5aMc6iQkch53g8RcFLQ&google_hm=A_wg8klGxUVZqCMSVAEZbzA

170 B
188 B

48ms
48ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9vA8kaF79569Hooo2VVC58nabQRiCuydl-zyF_si5YgBGpjar2TtrBvYc4d7WRk43077Ik4MXbThV5aMc6iQkch53g8RcFLQ&google_hm=A_wg8klGxUVZqCMSVAEZbzA

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9vA8kaF79569Hooo2VVC58nabQRiCuydl-zyF_si5YgBGpjar2TtrBvYc4d7WRk43077Ik4MXbThV5aMc6iQkch53g8RcFLQ&google_hm=A_wg8klGxUVZqCMSVAEZbzA
date: Thu, 02 Mar 2023 08:08:31 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXfc20f24946c54559a823125401196f30003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D964 0
12 B 51ms
46ms Image
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JII8kHCxhWQUJyB4QEqS9gmfL_8SR5pEpyba388YH_p8m-qBrDRjOD_kuo2YRJZXL8Flsf

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2574 22 KB
8 KB 32ms
25ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 48532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 18:39:39 GMT
expires: Thu, 29 Feb 2024 18:39:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 i.match
a.tribalfusion.com/ Frame 72CA 43 B
574 B 184ms
184ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEP0_0_9pZ3iZnTXVgogR0fs&google_cver=1&google_push=Aa02lx-c0Kc2_4biKA-YL_WRWzXxPp50brCY9ZacU5jMVvZQC1b_34wMFCpVfDdxssuUeicuSG0wyvlwOks56hfhU07LBTYvzK0h&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-c0Kc2_4biKA-YL_WRWzXxPp50brCY9ZacU5jMVvZQC1b_34wMFCpVfDdxssuUeicuSG0wyvlwOks56hfhU07LBTYvzK0h%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a1826fc6f079ba4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72CA
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOn0GPzZp0f_E7M-h-2_3v8&google_cver=1&google_push=Aa02lx95dvyQeX1VEN0F_V8IqxDGPuNUYjeBxhdn9VsXgEveL-5kaTbX5yXnnYYXd6mt8Co1pKpFih52VM2JU6...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTg1NzgxMDA5NjcxNTkxOQ%3D%3D&google_push=Aa02lx95dvyQeX1VEN0F_V8IqxDGPuNUYjeBxhdn9VsXgEveL-5kaTbX5yXnnYYXd6mt8Co1pKpFih52VM2JU6SwXE...

170 B
188 B

46ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTg1NzgxMDA5NjcxNTkxOQ%3D%3D&google_push=Aa02lx95dvyQeX1VEN0F_V8IqxDGPuNUYjeBxhdn9VsXgEveL-5kaTbX5yXnnYYXd6mt8Co1pKpFih52VM2JU6SwXEJG4E8Wwvdw

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTg1NzgxMDA5NjcxNTkxOQ%3D%3D&google_push=Aa02lx95dvyQeX1VEN0F_V8IqxDGPuNUYjeBxhdn9VsXgEveL-5kaTbX5yXnnYYXd6mt8Co1pKpFih52VM2JU6SwXEJG4E8Wwvdw
Date: Thu, 02 Mar 2023 08:08:32 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 dds
rtb.openx.net/sync/ Frame 72CA 43 B
351 B 106ms
16ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEP3wfwv_CGfe7G5brVEtPGk&google_cver=1&google_push=Aa02lx9b89kHPUJhxWDym5Tn-4Sh_mcniMYh7t0HxG_uZBDdiyUPe3paL4PLbFzQRuiSj_-R8H0U9xkqQN-gzJCjZCt8SPcYx-Q
Requested by: Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: fapbvn6iv96ej2msffrnsh6bils0jgtp

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72CA
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEK1DtALz0RqLw3Z1nFZjM8o&google_cver=1&google_push=Aa02lx-lhZa8jc5jNYQtZ956QNP2ieFKCuKi_Zhk56Pbzi8A4T1IFqjfSGUBj6PuE-eqbb3Sa7kBjQp1_q5W1vkKw...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-lhZa8jc5jNYQtZ956QNP2ieFKCuKi_Zhk56Pbzi8A4T1IFqjfSGUBj6PuE-eqbb3Sa7kBjQp1_q5W1vkKwwobLXAwqoVR&google_hm=GPfosGZHN9Nl8nW5Rda9EyYp

170 B
188 B

47ms
46ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-lhZa8jc5jNYQtZ956QNP2ieFKCuKi_Zhk56Pbzi8A4T1IFqjfSGUBj6PuE-eqbb3Sa7kBjQp1_q5W1vkKwwobLXAwqoVR&google_hm=GPfosGZHN9Nl8nW5Rda9EyYp

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 08:08:31 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-lhZa8jc5jNYQtZ956QNP2ieFKCuKi_Zhk56Pbzi8A4T1IFqjfSGUBj6PuE-eqbb3Sa7kBjQp1_q5W1vkKwwobLXAwqoVR&google_hm=GPfosGZHN9Nl8nW5Rda9EyYp
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 72CA
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBXRAGyAcwr-wX6Pf6OiM7U&google_cver=1&google_push=Aa02lx_py6j_9c1LzAoD6zBjDEx_vtVLi7ICNj1j-XpD9UH98yBYF_EwgO1plW_UFztKQ_9QQbjVlcRuQ4H...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_py6j_9c1LzAoD6zBjDEx_vtVLi7ICNj1j-XpD9UH98yBYF_EwgO1plW_UFztKQ_9QQbjVlcRuQ4H9PkcN0-8pdkDJiHU4sQ
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

7ms
7ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72CA
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx9V97EJlV3sR...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTA0MTc1MjA0MTQ2NDc5NzA1OQ%3D%3D&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx9V97EJlV3sRSjElWLIHwr4xgsMx1...

170 B
188 B

49ms
48ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTA0MTc1MjA0MTQ2NDc5NzA1OQ%3D%3D&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx9V97EJlV3sRSjElWLIHwr4xgsMx1NhJ1xq94Pg696Czv9rJrRXr0MSxf2Qe11yN0Byd-V1TTRJit6IGCgX8le3gzPdMKXTaA

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 08:08:31 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 769efe62-dca4-40e7-81b8-99124bb310c2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTA0MTc1MjA0MTQ2NDc5NzA1OQ%3D%3D&google_gid=CAESEACJ_UjZo8z-KCZTEameRa4&google_cver=1&google_push=Aa02lx9V97EJlV3sRSjElWLIHwr4xgsMx1NhJ1xq94Pg696Czv9rJrRXr0MSxf2Qe11yN0Byd-V1TTRJit6IGCgX8le3gzPdMKXTaA
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72CA
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMgi6X-WE...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=298e5f06-3932-43a5-b584-70c5cab0008c&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

48ms
47ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=298e5f06-3932-43a5-b584-70c5cab0008c&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=298e5f06-3932-43a5-b584-70c5cab0008c&%%GOOGLE_PUSH_PAIR%%
date: Thu, 02 Mar 2023 08:08:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 72CA 0
12 B 45ms
43ms Image
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L9QMjyVZbcFNt6Z9A8j3AjM5u1xMIUJlJmntpMnawy9Y6UXGHUt1xkULV1ap485f1HH_caArMR

Requested by

Host: 01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
URL: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1581 8 KB
6 KB 98ms
97ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d88a665187f06439b6438701ee783485b564d1265fb60ceef89e92c0682d876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5818
x-xss-protection: 0

GET
H3 200 logo_kia.svg
s0.2mdn.net/sadbundle/7314573151872791710/ Frame 1581 1 KB
712 B 26ms
25ms Image
image/svg+xml 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7314573151872791710/logo_kia.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=sxmYLT0KD1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 17:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 572441
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Feb 2024 17:07:50 GMT

GET
H3 200 23717839_20220615075643717_bg_01.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 1581 19 KB
19 KB 38ms
36ms Image
image/jpeg 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220615075643717_bg_01.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f328071d6119835e6025e48e22203eed87b54067813981831f5e469bb523c780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=sxmYLT0KD1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 13:37:50 GMT
x-content-type-options: nosniff
age: 66641
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19595
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 14:56:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 13:37:50 GMT

GET
H3 200 23717839_20220615081116271_bg_02.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 1581 34 KB
34 KB 29ms
27ms Image
image/jpeg 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220615081116271_bg_02.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

544cb2e368882bf4e1341a43477f13142aec71f89b6bf64ad3ce0b613c113b91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=sxmYLT0KD1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 08:52:51 GMT
x-content-type-options: nosniff
age: 83740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35267
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 15:11:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 08:52:51 GMT

GET
H3 200 23717839_20220615075637588_bg_03.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 1581 23 KB
23 KB 28ms
27ms Image
image/jpeg 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220615075637588_bg_03.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f60030e5c7232161f76d372cd4220166d1a7bcec41ffb61782ebb515833f131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=sxmYLT0KD1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 09:31:13 GMT
x-content-type-options: nosniff
age: 81438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23255
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 14:56:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 09:31:13 GMT

GET
H3 200 23717839_20220615075640725_bg_04.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 1581 23 KB
23 KB 37ms
35ms Image
image/jpeg 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220615075640725_bg_04.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c1eb37479aeddf24f24c9f7d4cbfed1fe743837026d80cf2b7fb39da59abd9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=sxmYLT0KD1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 09:31:13 GMT
x-content-type-options: nosniff
age: 81438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23055
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 14:56:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 09:31:13 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A6A1 118 KB
40 KB 26ms
24ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=pJzTncXvUy&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=pJzTncXvUy&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame AD0F 118 KB
40 KB 23ms
23ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1581 17 KB
6 KB 98ms
98ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 08:08:31 GMT

GET
H3 200 btn_cta_arrow.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame A6A1 363 B
307 B 23ms
23ms Image
image/svg+xml 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/btn_cta_arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=pJzTncXvUy&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=pJzTncXvUy&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Feb 2024 20:37:12 GMT

GET
H3 200 kia.woff
s0.2mdn.net/sadbundle/7024728442041512453/ Frame A6A1 23 KB
23 KB 23ms
23ms Font
font/woff 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/kia.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=pJzTncXvUy&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=pJzTncXvUy&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:50:24 GMT
x-content-type-options: nosniff
age: 55087
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23072
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 16:50:24 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CE54 0
0 58ms
57ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuxJCp7uT9VYf58YoOPTb95X7HdVc3d1uE1ykzY8ZaecKbT7w9IZUUhG3wq6yXbYSjbsuSDqnDbEMkNedzq6xLhNyGf56WJbeQK7Vl4HimT_Tav2pKYvlOvwCiuhr2dfwLezgavtr_ZfDhJg8Xbt3eTWvtbmzHQkiOmR0R4puUGWyzgv0fmsdGokTE_cYTpQ9_wrYpbiPd4_CCA63UKy9Bz_wLtAkVhJbCz_G7ywAteNCoLcFFYMXiu2pAAsuHqQ-5WBed2GCP_8J2R8B0qzl010YFtrPvraz3wRJgwmzvxav5rf4KcLCZp54J90z8NBscW5OqM_zs6YRVMcU2et0aNbLL6JGW8A_EDahIDspMgZkD_-FRy-5FCjKuuT5LLnzH0-aDbynf4xnCcHz-YW-QSo5H5waUAb5kPDHqK9Lpcd1Mu-bDv9_QyGIhfWgg3Op9HRLFK8eaFPWhTlynnyWUJR6NLxBTuhkGn3E939ahurlJu-wxuyMtKAYWAVuqOSTLjZ83TmT7iI32MMnz9Oe_Ftx-Y6_iA-fj2W-pH0g_BdZi5-_Y5K2ffzeQwmvEeN9m049DPZz929HYk8uFLZ7iRE5b--wNEqYkrK-YOCwrt28-QNh-hPmvT60HhDq5v45RVt-rAzq5AsLbv9gWz_vnI0amXpK6wwvBeRR5toAr_cAb0j-dr4fkLWeMn3HMjWtewwOvYHbwr2LaMjW0Sz0ffuZh3-3hW7U0JbI3puxdPE_Qirc6hL82pmiv6dtbpgk5GPYwnzA9G-7r1SgQZ3lJTaEVYuSfXS3ssXL0sZ0K2aov_imZ5x_VSTBOEQsu7dyyiHBt0WlT4qaxmR9Vrgcbn5CV3pZuF3fH-LAAKjeJMIazNAYkFN9z1UyKv-o5gv4YA3CPYhbQKmqyNye9Uc9ihRRB8Xu3VeH029XjrZHCawgEM2paJUZDdhDc8E8BQPlF-LaxOIbaCRPtI-Z6ZSkcvEA--Ao3EdeOWNJ_gqBa6-gVcJoswiNlngnfyJf4eFAcvm2WArRkK3r2eBm--7GrW8T5GgEby2coe4RL6q-XAAh_2yvyL_sztaLU8P5DWXgte0ikNChoSOou9v0DOCFC2moMV-CtVBlv0Ct4F8yjKomhNx-M8zc8qdxDPST4EgTJOAaYA-XT2vcnlf5SIyk5GhdybBt4wDYwK8Rf6pIiEh6SLmG_Kh7ztpJe9m_i-5ZfD9oeqAwtOddnl8pax1_RLGZBPU58bDJ1eRBk7eh-EdM5_ogUzOt8C74QCJCdp&sai=AMfl-YS8QRsgfB-K94E3GyWpZMQ-Y3NtvfrWxzKzb7n59BhApvBTXGNhmxtK66ixGQIxkqpCYJCWMNwVktI01D6DXS0afk-8lhAmDGD4b3e5lBWUZFRyJViaJetFeBWCkYC6CdowobIhwoGLVAd1WPBW3ZcmCQ1IEmm1T0uaUHcbHe0md-QNe7GDs0k9Hx56SmVQnWZvCaKDYJcVq-NKyYWUGV7i16e8lPWKIeNa9AlVU6E09dCsr2pqnlzRI0R1L2Q9BCfuoMiiT25ueuV4ss6NGIrvzOlCIoETDw&sig=Cg0ArKJSzIKq6ke3ntuFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=529&vt=11&dtpt=365&dett=3&cstd=126&cisv=r20230227.81774&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 08:08:31 GMT

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame D4A1 36 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:39:12 GMT

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F68 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:39:12 GMT

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame 2574 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:39:12 GMT

GET
H3 200 btn_cta_arrow.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame AD0F 363 B
307 B 25ms
23ms Image
image/svg+xml 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/btn_cta_arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Feb 2024 20:37:12 GMT

GET
H3 200 kia.woff
s0.2mdn.net/sadbundle/7024728442041512453/ Frame AD0F 23 KB
23 KB 25ms
23ms Font
font/woff 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/kia.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:50:24 GMT
x-content-type-options: nosniff
age: 55087
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23072
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 16:50:24 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 12E3 0
0 57ms
57ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzoayqtVXE9nlLNP4Ffo0To_p59SLVtGSdX5_1_etmbI-Hm-mSqrvVR2GU3zhRC9kAUuSKY0qY9vH2Dq7ZuYo2xZztjEXqtHhhV2SFNVBAesHcf6X_qC9XtpqbaD8p1s7kigLVLG01mqpUe5rvzTBYTffHMSczoVpC_V_hX8Ch4sKfaLxcKH6rWw74qA-ry8jcQG51mTv5LrvDJe-o4-X_ZDbwRbqnWcLSyB84JyN1fYMX-jya5QHwJ2WzG7V3Ur-xbaweAD0iuFh0hgZTrzq2N-EGfnSK3iPyMK8ZplxqY8Em9ZolTpPEcYFTc-z9SFKndJwr81EndjO_MUUWd9UwsEixwoYe9DmUdlspBeOB8Uu6XPjI3uL9_pjhG0twaWQ5ya8CBAjjQLXsBWjM1zshkoqkGnSh55JrSCMu5INxBOl01za5jMxzn7bMFMWTEeMCokWTNRNC4ZN454l7X215HO9lbz9V8DY_Qf2njUQfETEsXvvYGO9w22HOh5Rx2RsQhBi3SYPr92dHsq_xPMTJ-HoQB1D3DN7jI1rlmZqtb5xc_5DVcdRvTXaJ7Giq2h9LMg_cS0uvy2PiVOfSUQctVAsH1tw0EDfVzlm2yvBghz_csMEq0zcg9GeS-p9ACXxO53It0vlQh2hpIHDKvJPGhLNTH7BM8C2A2l2KxA6_pin3ax-IIERYEoHVkNc2weoPsxLgVxrxaf0bQ-ka0OfnVThlXyCu4o9DO2LvhIWcq2Hnoek1fLrEhzfGo7AKjohzzW-4r92rIn48nsSs5wdvwVzWvpNV5pjJnUKwkJJBGEF3s4xz9N7fakE4BsnSx7bh9Oh5lzTuzzyQVxQu8GcbM94uOR9uXa9mjuC5vjnNx_F-44lbOTzt0GGwQ1dzVqrp-mDQ13Z_q6os8WMO4qmP8vrJGBFYUYWCrwmBHrogAtQgbLFe3Q6zsufimnyRSVioobmlrOv-zqxKBQFVtPi--9Y8W-XiPzclEQ4oHj5lZkrfxbvSb0_oQdk_34ws0j3UyHTZoT1AXd7Ts0s7NibHnh7qhtHx-IM5KnW4s1H0x2hfvJeV3ZUvxY0oGw3Hbsm7sXBd1zJlUY8x711qmmu5mJ8S_ZkGvaFQCVZ6QiCRuT7MMOBkaY2IR6St6DVSTyKlRF71lPu14SFQLZZdqwaiTwD0OR2d3xgk_3KgarQf7i_4K-RL_9mLK3oLCaBGsIjNSjf3LQ1T_XmPgyMchYbf-ndSdWMgRyRalbRmKdm7pW-Z6TTIRd_DnMhSOW1D3VZ2IBY&sai=AMfl-YRomPUXLh8ZLifGnjsmJqwB1LHgMPXrIsOum9ZMoWgafrZLRb4D7P7rzQ_g-V-V4mSLL_oUkIOZlwg0X-BqF_rmMYjNODTec0S-k404Jna4eSa8f_yGiB2YvWhWd_F-7QUjr_F1botSMVZkmbF_VvvDFmHUFXMuGwhD6ZA5WuZ7lKv9ohAaAebKchK7uGZiHI6pJoXDsiZ5BjFbQ8zLTcTlxqpDjeKgkYkptStZTp9NiWaWZ197ggzt0m2r5_QjiMMwPVw&sig=Cg0ArKJSzCmNBwlbqrMSEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=547&vt=11&dtpt=341&dett=3&cstd=202&cisv=r20230227.84063&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 08:08:31 GMT

GET
H/1.1 200
OK nmg_tag.json Show response
colrep.sitelabweb.com/ 89 B
513 B 8ms
7ms Script
application/json 3.122.81.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://colrep.sitelabweb.com/nmg_tag.json
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.81.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-81-162.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c1ceb0ef6a7b11e3a5b95f55e4149d85084d00a5d5d6b64123d9227336478790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 08:08:31 GMT
Server: nginx
etag: 694-1677744511.679-81482803034fc59af1ab02915512d599-533
Access-Control-Allow-Methods: POST,GET,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
cache-control: max-age=31536000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type
Content-Length: 89

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A6A1 7 KB
6 KB 67ms
67ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f1eb4ae0338391d6751512bceb10890f9d885c8f8f8f377fa3c6ef083df61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5644
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AD0F 7 KB
5 KB 67ms
67ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db48d78d653ab790be2ecec5f5370bb3330f156dcede55baa6e662df7ae35654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5608
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3791 0
0 58ms
58ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvnAqPe43RwydlGI8LdZ704Y-KAETsffbAZAQetMW-j-se2uXm7amCjSdFN1tl7voFLp9EYo9flBbXXcAc-UTV3N0IqRjBHCc-Xo9MCbZTRR-oMwVKIpzO0uFKZTRP0jMxw18m8fqyghZWfkWm7stHrgDUQvMtU-FjLWD1l29PijzMS5kiqqMYMJOrnN3Qs6hZ8n8dFdzUfjwxcXJLcGwfu0RJp-52dy9CUDWFl80Q-7s-sYlB147KpDGXM2M1Nx6eO8iTmp2qsb_KdAxBYrXwrNtinnFs3H1HaJqjJBGUJWwbcN9JEm00lmUEFOoWzZj7SvZVof3F9ocznfSPvQjfAw5RC7PaysrM-pAlyGp6SekRo7OmtKMdFgeVvNRqXeHOzGwZ23fkBS_ZvHPX0gt7vlx-ht-riDEVVgQ2sNEnrX484pZZCFw8U1_UsULryHvxZQXTZLWfVrichI-XPaW_tl93z-QQEd6DDjKLnalgyqWVULnYvHGlNfUJMk6QPKv2fDORj5nVVzWsl9dfSklof1r4JlliQdXLO_B8kpsRhalon_Cxl2PVEde9EqroHUA31a45JHbdWhvOEOMgPnQClqgUBPq7-uAx-FW1wbOSBZvddqpyh8RxuV85WPcCd1C7mDytSwfpqZBP-u9ManxnXXBumbMOmBLDSIEXSfrAUzTbduin6NCmwBfn0nEvLIDyvzoDSaEHhbyyvM5KUdKnLbnFzI9o41iJVXqrRBWAsgDYFJ3lgMe9sTrt7k8kZVtq1Yji02f5743M6YhQFd6e0hRMiCEITgrzsa0MvqmqWHhBj5wO1lDLsr4Ylb4QGXm4dRdUsV8Geo7oXt3QF0n-qTpD6PLL-V3R9bL1Z2oKCMYIwUpkA7OdFZfVS0dsQ-TZ-f4wSyZbDP4A8OT2mwayc6lTI80WvVwu7WKHrrtOlpHXIy_xUqZDZjSuoOwXVKo8AET7ABJnxBBZooETidq-n2PYXLX_Qn4Mit61_S8WVncKoayYWL-UN1HdqYZFqLXUoS7TemKVx1V1_zvlxUXoyx_TZepvttjyfcQOsJw-eXFUx-bb5mC2gVZv_RWMYdrX40fEcjDgfn1HQhH9eOACcNWR2Ege6rIekkzvGMsTFNPl1vGuLXOAwRA58rd3zK39kkl-ocbtkNa0WkGMIoRgX_CuM32BBISR-HNKDX0v_dz1GqXi3193r1k1o7l5uCVXmX_powDDK6kOqaULnDSKqeJWFzyOXAesPSsbYFfwulz1ckCUq9PdbFTPiZAnCkZqEQDw&sai=AMfl-YSRQyzw5pbB3imHwrwxQR9adzQ1aa1SJzAlwNRkXdiJlq3i8AshliZfTvk5x3g6ameasfwAH_XCf9XY4pxYUrr9VigVMsaXsvdpRMFNKLA13aaqu_MpKhxG3W_s_IYNYVIB3iambPSQ_2EKI9fPNRrhC-SiBS5XaGm3-ZN1iq7GGeK0xyQ66ZO8dUuzPfJCdgcHNFhgf-_UydsiSxsSUXcuJ0u2Zv6k6znUpIb_K63GJKkMhVV6AdtuDDYWAALM7i5G2Gw&sig=Cg0ArKJSzHF1Rg3yieXjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=604&vt=11&dtpt=393&dett=3&cstd=207&cisv=r20230227.03105&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 08:08:31 GMT

GET
H3 200 motif.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame A6A1 451 B
352 B 23ms
23ms Image
image/svg+xml 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/motif.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

524c55c8d2300cce448d346b995650dc7fcd703ab0c3734c057147b5c69d3773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=pJzTncXvUy&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 538033
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Feb 2024 02:41:18 GMT

GET
H3 200 logo_kia.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame A6A1 1 KB
713 B 28ms
27ms Image
image/svg+xml 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/logo_kia.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=pJzTncXvUy&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23040
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 01:44:31 GMT

GET
H3 200 23717839_20211026020519412_bg_01.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame A6A1 29 KB
29 KB 25ms
24ms Image
image/jpeg 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026020519412_bg_01.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fd323d8762bfe107930a69fab5d99df2b9eb7fcf1e266bfc801113a0d4d9620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=pJzTncXvUy&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:30:15 GMT
x-content-type-options: nosniff
age: 56296
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29911
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 09:05:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 16:30:15 GMT

GET
H3 200 23717839_20211026033458094_bg_02.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame A6A1 30 KB
30 KB 26ms
25ms Image
image/jpeg 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026033458094_bg_02.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7993d2d8d1e84feef5eaa4d8c9dcbc44367875122baa1b6760d9150711f4577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=pJzTncXvUy&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 08:38:02 GMT
x-content-type-options: nosniff
age: 84629
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30908
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 10:34:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 08:38:02 GMT

GET
H3 200 23717839_20211026020525850_bg_03.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame A6A1 29 KB
29 KB 29ms
28ms Image
image/jpeg 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026020525850_bg_03.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3435b89855d83510f5b3dcc3d0bfe4d8b7848a76c218d939fa4cbcc43d004f02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=pJzTncXvUy&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 08:38:02 GMT
x-content-type-options: nosniff
age: 84629
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29523
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 09:05:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 08:38:02 GMT

GET
H3 200 23717839_20211026033502008_bg_04.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame A6A1 33 KB
33 KB 28ms
27ms Image
image/jpeg 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026033502008_bg_04.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f144c4faf434bfe66e01058d20974e19961adab4808beaaf9735871e930d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=pJzTncXvUy&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:30:15 GMT
x-content-type-options: nosniff
age: 56296
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33944
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 10:35:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 16:30:15 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2F18 7 KB
6 KB 65ms
65ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c36b6b0b823bcc30af2e567196f94ac5e981d3c429e9cc7377b701abedb286e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5715
x-xss-protection: 0

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame 68E2 36 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:39:12 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED66 0
20 B 58ms
57ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHlgVflkAZIvcN6KKjuwP08CqiAwAAAAAOAHgBAI&bg=!KyilKHzNAAbK-VRH6vk7ADkAdvg8WnXXIOSujivr4yUEke_yxOEDoegy4EWHzIew00FGiI3DCcI34WGMW_SlzoKg8qbK9DsTvHwCAAABS1IAAAACaAEHCgBu2_JqnfE8oxDf1Mtnq5f27RWa1nWV3RKIu5ObWM6E6FTVAAsaxqeWNS1xH-McZI3Xo27oENHEeBBpVog1eeGxu_dLZAm9S0HXSR6U-b9ajbNNRNkVXqdPgcnhyneUAHcHMMiF7lA-p7MybvFCF6eZAvdCE7r3Cu3pstW2jPJJmaZBx0zGKVJOcR_p6zM9GS8ANySNqpVSXJZBUUfQVk7KnTn_GiTatPGaCMnenLnjTroGKVbzEQEshG5qQ1zcihBSL2TuvSrUvGJfroRQthSYlsXigskLtdUmfgT5vUHgU2GZrWYj5Ys4t_bWlqXUk70ES__Kz-71zl0quE2mx5j97m1KmC62jylVrr4wNHNotUAawz9hq_1Re8-jCDrLgi27AYowWTen17BBTgAyaYH5FKISgEiiMVIKLQ609tlPtHKG8SoQ2eM_LANTHWxSGIPl-vCWLUsXLILUXhm1XkVrYKIf65bDNBheZxsDARXrn5UXaNyqmcvSGm9iFPRgqkIslN89PbJqr-GFO0q5YlP2m7D3ET-W_KuzSLjv-8IMSdPHHpfaVcnsY3e4hWQR1A5VKkdHa4Efc2liLZegPNNX3G6o2sc0YGvBz1yP-Ga8XHhb3_se4Oispsfvt4kryn7Q8__G1N8XuF7U93_ESFiKph_va572NVjtYoOxOp-5EnROP4xn8PVojqLBZNsnlcVlW_vhuMgIFl9MhuA7nxJDx3stlwdZLSUI9Ew_piPuLjWNrqykGk_W4sfkfRTiam7AJ06unkDZonVsduCRle0-NuQjh7Y6Reh7JFBts9txKP1JMJBjkb1urQDuJhl01hKIB-9crS-8FlB8V_uV2NMAKl6OSpEPXxw4fB7sIusrG4apo9Yqv3cnsxshUfI4ZSSADaxtv6iasQigZkkajxG2V_llNyVFWLSGRVlWuL3y3mmabFogHoLzOjSDVBfBn2a9t-RGNjh87i6GNahImZJYYVkTNbsIDWSRyYouTDgho7y6s5me11VyQHJ4Rj44u_WQzSyaTphXPfZIXP-FE6i4Giw625hhz-5oLJJPW3zjJeR7m_QdnYSW27tqqRL2yZaWoPaGZwHOM4t3WmzDy9kbizslYii37siDgEbcQ8-R6Oj7MjqeEyIde9hG0f07HxG99Th2ODnAmbM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sid Show response
session.sitelabweb.com/ 197 B
366 B 36ms
36ms XHR
application/json 52.209.246.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://session.sitelabweb.com/sid?userId=694-1677744511.679-81482803034fc59af1ab02915512d599-533&clientTag=DADJEF833
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.246.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-246-127.eu-west-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 6c615f263afbf4834a3dbd15d78c3d53eb712cfa513ada4aae983739a71e76cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 02 Mar 2023 08:08:31 GMT
server: nginx
x-powered-by: Express
content-length: 197
etag: W/"c5-xEjYYUygU7rlL6L+9ladCbVIvHo"
content-type: application/json; charset=utf-8

GET
H3 200 motif.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame AD0F 451 B
352 B 23ms
23ms Image
image/svg+xml 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/motif.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

524c55c8d2300cce448d346b995650dc7fcd703ab0c3734c057147b5c69d3773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 538033
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Feb 2024 02:41:18 GMT

GET
H3 200 logo_kia.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame AD0F 1 KB
713 B 24ms
23ms Image
image/svg+xml 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/logo_kia.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23040
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 01:44:31 GMT

GET
H3 200 23717839_20211026020519412_bg_01.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame AD0F 29 KB
29 KB 25ms
24ms Image
image/jpeg 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026020519412_bg_01.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fd323d8762bfe107930a69fab5d99df2b9eb7fcf1e266bfc801113a0d4d9620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:30:15 GMT
x-content-type-options: nosniff
age: 56296
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29911
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 09:05:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 16:30:15 GMT

GET
H3 200 23717839_20211026033458094_bg_02.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame AD0F 30 KB
30 KB 26ms
25ms Image
image/jpeg 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026033458094_bg_02.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7993d2d8d1e84feef5eaa4d8c9dcbc44367875122baa1b6760d9150711f4577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 08:38:02 GMT
x-content-type-options: nosniff
age: 84629
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30908
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 10:34:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 08:38:02 GMT

GET
H3 200 23717839_20211026020525850_bg_03.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame AD0F 29 KB
29 KB 28ms
27ms Image
image/jpeg 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026020525850_bg_03.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3435b89855d83510f5b3dcc3d0bfe4d8b7848a76c218d939fa4cbcc43d004f02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 08:38:02 GMT
x-content-type-options: nosniff
age: 84629
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29523
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 09:05:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 08:38:02 GMT

GET
H3 200 23717839_20211026033502008_bg_04.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame AD0F 33 KB
33 KB 31ms
30ms Image
image/jpeg 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026033502008_bg_04.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f144c4faf434bfe66e01058d20974e19961adab4808beaaf9735871e930d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=kNUwJd80MJ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:30:15 GMT
x-content-type-options: nosniff
age: 56296
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33944
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 10:35:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 16:30:15 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A6A1 17 KB
6 KB 73ms
73ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 08:08:31 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AD0F 17 KB
6 KB 161ms
161ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 08:08:31 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2F18 17 KB
6 KB 150ms
149ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 08:08:31 GMT

GET
H3 200 frame1Background.png_1676955712614_frame1Background.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/639824379069882f4d3c71b0/content/ Frame 2F18 195 KB
195 KB 29ms
26ms Image
image/png 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/639824379069882f4d3c71b0/content/frame1Background.png_1676955712614_frame1Background.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f088c64037818e781f6357d237de7dfb8b1800b2d27a222b79e08aff9b6c96ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 06:40:25 GMT
x-content-type-options: nosniff
age: 178086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199187
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 05:02:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 06:40:25 GMT

GET
H3 200 blank.png_1676955712614_blank.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v3/partners/633cdb43c2dff55335fd416b/assets/singleFiles/639c18e3011c42c5dbc2f996/original/ Frame 2F18 927 B
956 B 30ms
27ms Image
image/png 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v3/partners/633cdb43c2dff55335fd416b/assets/singleFiles/639c18e3011c42c5dbc2f996/original/blank.png_1676955712614_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 06:35:40 GMT
x-content-type-options: nosniff
age: 178371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 05:02:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 06:35:40 GMT

GET
H3 200 logo2.png_1676955712614_logo2.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/639824379069882f4d3c71b0/content/ Frame 2F18 3 KB
3 KB 31ms
28ms Image
image/png 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c3e404f048288e67b6048f88e121f4c5f3927377058000a01e057b1ff218839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 06:40:25 GMT
x-content-type-options: nosniff
age: 178086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3138
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 05:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 06:40:25 GMT

GET
H3 200 logo3.png_1676955712614_logo3.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/639824379069882f4d3c71b0/content/ Frame 2F18 3 KB
3 KB 37ms
34ms Image
image/png 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0bdc4694a5f3bdd17a15d5dfc5375fe32ca435f5d81cff6c3bda066e18ebb2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 06:40:25 GMT
x-content-type-options: nosniff
age: 178086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 05:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 06:40:25 GMT

GET
H3 200 spritesheet.png_1671714812913_spritesheet.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v3/partners/633cdb43c2dff55335fd416b/assets/singleFiles/63a3fc1b0349706994dac3a8/original/ Frame 2F18 628 KB
629 KB 32ms
29ms Image
image/png 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v3/partners/633cdb43c2dff55335fd416b/assets/singleFiles/63a3fc1b0349706994dac3a8/original/spritesheet.png_1671714812913_spritesheet.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2decfcea631dc6e5a39e44aa0bf4be206b10870490d78d75996c896b5a6825df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:44:33 GMT
x-content-type-options: nosniff
age: 127438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 643531
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 13:13:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 20:44:33 GMT

GET
H3 200 frame1Image2.png_1676955712614_frame1Image2.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/639824379069882f4d3c71b0/content/ Frame 2F18 27 KB
27 KB 35ms
32ms Image
image/png 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa12d2d3f125294a2bb3ef90ef5cc4d99e2e26f2b05f1fd44eba25fe1674823

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 06:40:25 GMT
x-content-type-options: nosniff
age: 178086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28114
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 05:02:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 06:40:25 GMT

GET
H3 200 blank.png_1676955712614_blank.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/639824379069882f4d3c71b0/content/ Frame 2F18 927 B
956 B 36ms
34ms Image
image/png 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 06:40:25 GMT
x-content-type-options: nosniff
age: 178086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 05:02:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 06:40:25 GMT

GET
H3 200 frame1Image4.png_1676955712614_frame1Image4.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/639824379069882f4d3c71b0/content/ Frame 2F18 31 KB
31 KB 32ms
30ms Image
image/png 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0254fd8f86e2ca0c495ad707da3cf3003df8bd6be01c70a5afbc68f8234b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 06:40:25 GMT
x-content-type-options: nosniff
age: 178086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31984
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 05:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 06:40:25 GMT

GET
H3 200 logo.png_1676955712614_logo.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/639824379069882f4d3c71b0/content/ Frame 2F18 12 KB
12 KB 35ms
33ms Image
image/png 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61eb4bd63b7ad05757982fcfd7badeeb3d592fa56e6999698e9f65b7ffeadf38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17822369404113911808/300x250-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=KsF69dJw7x&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 06:40:25 GMT
x-content-type-options: nosniff
age: 178086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12375
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 05:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 06:40:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F68 0
20 B 57ms
56ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNzscf1kAZKGBArOrrASehpoYAAAAADgB4AQC&bg=!mZqlms7NAAbK-VRH6vk7ADkAdvg8WtqbjCAszkTWJqlGQJIYeWC6LpgOLjHhKR5WG7b65GcaQSAi1k1GVQYk6hsmW5DKYpjMJxQCAAABElIAAAADaAEHmQLwC-n3llfgMDBeGinEukOw_wzUoSz0x1mysfWfZqSLaIrG3fErjsPqXc7mypunsgEJv0C4ldPt-_GEYzD_Sp5ObGh31Z8z32JTkyJ8LVaElhxrYfigkisnyhMf0Ta4UjF8WDwPBMqNQvZxSpdCUws7FeOnzTwlXhPscaP-54GNP5Z3_KjaC23iA-aPEuKDtfQRFxECbWaBGmsn73jP3xRaiuWF4RzPty8yg_BAoQNUSN-xeeB1S_e-_o9TcJ0yaBckg0lL-tNbzEZ6gZZXfxCNJg7V9emJYfg-8go4KG0Z2HPXSJd-gXJB8DTr8bNwbzuAAsJu_tgB7cj_rlBjiuVy3_XnOlQKEUi5NDJCWavWWrhdGYD3_7AwZPlA64DPY0teH900PFyjkH7C0TjmXND4VSG4ATYEtaPfYcXkoHptopn8pID0B_mEcbaD9DTPJIlch6gDucsQ1qlz9N4M5IdMUlptRYdnzFmG15dCXsyEH--f9rQzQi9HzShUDbtfM1AiTI0BdJQk1mgU2Uu0yH2lF2aqfAQqPELH2C051-8N0NkL5NegK-LtlCKpRcmFFxCDRe44NBtfsOlt9GxYvTzHxOT_y7nOb9E6dH_8gNJVGajv5U-3E4zry0XjxxOi-ZR9mfVO5RS9Qioy43TZPy_-BeA6h6tSrgJunEkzekzRuvQlO9MZy1CugcqrddmwY4Qr_kt7kRDwPAUKwn8mBg2gllfqHjQeoMPnUce6Y_Y1GE-TMHaMY9X1R2Q9zbdcdWZzPoLE_AS_c2EhYnCV_ZuzhdZbfriDXs4tpLjwrDzvD7DQ0Q1wJkffCxbdFAYMxWMDNN7wcXRTkJGRaIDV_wxj89LIwcsOJVzSb03O9IUopxtbGcpDqe_WED65i5Jzak_ipdDkbBiFVEwBOShBphhYW-MEsEGtexkQa03RA_dRr64WqUtgTTAojU8Iv7mmo9Wy1cxm4ZiTkxUAOMYbDkt8eFXNg_BXjjFHxaMWHEEfTo0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2574 0
20 B 57ms
57ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXEMGf1kAZL2cAreX9u8P5MOriAcAAAAAOAHgBAI&bg=!cHOlcyfNAAbK-VRH6vk7ADkAdvg8WlE-EipDkTCSDSH4gMqsRyPZxckR396MHcIpqXVBf1fe_6xLZvr_KXevfXaYg94DIFJU7dwCAAAA9VIAAAADaAEHmQL0Bm4DsyfuisGYZV41R1lUqyodD93iyj6B9oGM0d_g-FuyZngkN2ApV-wvwONp_jjTHIXV16KHSPMu204T-g9fL2L2fAudbJgI0CcITaP_FnIRU6WXyQVzjuGFvBP9kZW8Hyx0x6Z2LRqTUjFlesbl7A2LzLEn15pjfXxtRD14d0WM3HeD-jEtbAM1SCjXaee2n53cP0pf-2f1jjCkxGsueVt1zX5s3yvHcrOzaIL17EpYoOyIkFkKNF5c2RTj9dRXCblkryvxPqBWZg5ErvgoHjMQDelwHCkgenvJk0JlrbLlbKwI3_tlgHeh_8_Ihu0ABFx1jZKBM53zXhkRTQJ1BtQkbhgewIxAaXuaKwPj9iSY7IdoIZitoojVMGWh6L53-vOjzDk-BY_-uMxmaWSKN0URctoEz1qj0mUNTbLLt6LrcdCwx04sD3dI2EU4H2gXFDT9jtxEl0T8BfIakV9Ouklxuk6MKEsEsieQMQoAz3atkVmAnFllSd1CA2JSbj_0afQ8eZkORjBsWSWS1qcCTN-SkbBCw-kH8Mv5qKHB-FU3_lA19qr3jLxFDEgDkEuMdvrJpZyQQBevfV-ChvD7zdstt5MUa7MYHBKJlls_IP4_hozrSRQRhRN70Uga3GVcw6s2wXYMkFG2Gh04E56S6ZPCNXOcNz8pqmv1EqmiUUmYbOaMf8pn5flerz42IXFXKWQNwJOv5jgALdd275H-TVdxd9EdHJpnxzTcBTpgbZeSVTvalp9NvJtRd0wbFz2O3s07yFMyj9Ae-ORVx9-5fRJVGT6OvUeFDLZuHdWma7HRHrc9yl4qaccEryDSCPTJvdHEkuzx-5qhuQTRw5YYUW9dCXfyiYUR9sjMUBdPoYhBHLm3JwfeyWmTCIbWahI3RQM9KW2303uo37AJnNUVE3zK0W2V6He538eu37ORZ62TJwnH72uqwwRmNqwpBsMVUUUqWFFmnHJXveQZ2PnS-YOVMErzw7WuCBLCRgnF033LaUvD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D4A1 0
20 B 58ms
57ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEs8Lf1kAZO3OAdGs9u8Pl7-1sAkAAAAAOAHgBAI&bg=!wcKlwpbNAAbK-VRH6vk7ADkAdvg8WpBnv-SmZqvuDAUO0CGQ2_cA1UIz0Na9rer3nx8PyJkKVeZwZEQM3KrzJPunLNMOqVpb1lwCAAABJVIAAAACaAEHmQL13vqhaanNZtOus55JRvgBu3t7dsAgAqSeWTpwcVSS3Iw77TgcbOuZLSk6TrLYYa_yWeVNLEIHIav_3CcoRlB64IzZyFny0CLOWPbGYiJxpzHY_AEp89Oji9jr7b321pBsguiLe47KV3pWQzJXiVS2rKTbXoezUTp-SAy_Mvb5jQFnwaZZxo5eJWYWwhtXGgepyI_6Dt_8sgfjZwhMcxu5cpZtEk6HIlsM8nCInuRKkkBHEqeiGl4URfKDEgzZI29EcAh8SY3lXEj1BnKtjQFptPEzh4O-AvkBP6BCWmo2SgukrhTHkcyFYisgis-KkbdrnwLLMnjTyFMRFIHufoZGxnrKkAhqCI7ZcYpaxZG7VmkG67PDd20RWyfqvT3yNzESDLqlsGoBmu-ds8DSXlMMx17gtbDxF_iP5NrQYoVMxERaU_TIwLRfQoZZtJY7pCg9I1tf9cYhIZsc9GU1Jdgz0Eu_Nohb1gNAuRQW-RsVkkUFLY3NjLP2VQDs952YSiXfRDRfl4KIybCCKXUDEEiqq4nPv1YVwJL6Dv0rTETTz7oAkSrFVav3T6AbNy4n96ZjaaDKiWA4EjyDKNZcV6vu7kngofsCjydNpqBVD0rcPvvkd6OxWvxkLSj1NNeotmrHqOeCjYZZTIzgoogrTjxO3pGMdhryMQa_AcPFjk19PveeKrPP8CgNgcqYH896QLRI6KMyGcyVhnZl6tadz2GUHLGVY4yyKb-dkaFsXhabzc8Igg8YI_322Muu7y4VVoaKLDyYZCM5nkKQwm-2kY9uXEDyKyJLyfHAN68sv-uL_D6_Z2h8v4zCkI1wxVTy4fR9_hlPEo2_LbXos1E52k5atZFuJieB3gCMrzgNiTgQ0q5AEkZ4TN_FhsAQshugdHaAPafaOQGy6SlDj1yHUJt_GNkjExcBkCFNI0cC9Qs8bnpTLpN-ErV_ZvziJhKmwJSn-7bl060FQNkJoqcNmnI3K2pGB6AW0bD6gZtoQ5fxzsLKw20VvQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 18ms
18ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: dafitistatic.dafiti.com.br
URL: https://dafitistatic.dafiti.com.br/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Mar 2023 08:08:32 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame FD84
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=WpTJgW331uahQmjC_FK7QXeNJfJhUnHH

0
338 B

156ms
32ms

Image
text/plain

34.255.170.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=WpTJgW331uahQmjC_FK7QXeNJfJhUnHH
Protocol: H2
Server: 34.255.170.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-170-214.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by: beacon-n011-dub-prod.krxd.net
date: Thu, 02 Mar 2023 08:08:32 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1677744512
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=WpTJgW331uahQmjC_FK7QXeNJfJhUnHH
date: Thu, 02 Mar 2023 08:08:31 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1009089
content-length: 0

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame AC10 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:39:12 GMT

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D32 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:39:12 GMT

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FF7 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:39:12 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 296B 15 KB
6 KB 17ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.kanui.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.kanui.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:08:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 1378406
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 52ms
26ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Mar 2023 08:08:32 GMT

GET
H2

200

cs
s.thebrighttag.com/ Frame FD84
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=HTtdU_8IgKGiooLeoFSJx18JgtiHp8_e

35 B
268 B

471ms
110ms

Image
image/gif

3.14.121.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=HTtdU_8IgKGiooLeoFSJx18JgtiHp8_e
Protocol: H2
Server: 3.14.121.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-14-121-110.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:32 GMT
x-bt-requestid: 6c9cbb80-b8d1-11ed-93ba-0000ac170158
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=HTtdU_8IgKGiooLeoFSJx18JgtiHp8_e
date: Thu, 02 Mar 2023 08:08:32 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 947513
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0A 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8417798887904&version=m202301230201&ct=76&x=1&cor=7122693300833545000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 296B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kanui.com.br&sn=ChromeSyncframe&so=3&topUrl=www.kanui.com.br&bundle=Mo7RnF9idiUyQlV5YXNuclJEVCUyRkI2RDdFVGdrbTJKQTVod3J1aDN5Z256QXJUdDBURj...
https://mug.criteo.com/sid?cpp=kbj7JnxxUVE1V3pNRFc0c1BHR1FNNFlyejlOUmFtTmpHYWxBOWJ4OEhiTmtUMm9BMnRaemExbnpNQzd2ZTZ6MitSc3Z0V2ZrOEkyOVJVR0VtUDRwMTVQdk5XZ0d3T3N6Y1pBekd1dDF0OUhxbWdGUkdQUUV3d29OMVhCVk...

428 B
654 B

137ms
137ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=kbj7JnxxUVE1V3pNRFc0c1BHR1FNNFlyejlOUmFtTmpHYWxBOWJ4OEhiTmtUMm9BMnRaemExbnpNQzd2ZTZ6MitSc3Z0V2ZrOEkyOVJVR0VtUDRwMTVQdk5XZ0d3T3N6Y1pBekd1dDF0OUhxbWdGUkdQUUV3d29OMVhCVkk4YUJIakVhcVFUQ3pqTlh6Wm1GWEZ6ZlZOMHU1MlM0Q0NFOFNBTUxQSzk2NUlHLzJxbGNRMG5zVzNvTHAxMFdLU2ZsOU5ad2lxb3ZkWXJBeXc2WlBvMUR3aXo0Z05iRlNSSWpmbFpVYytOOXdTZ1VvcTA1bEdzd1U5TWtjVG1iN0gwcTVJRExlTXh4bm01UEl5QUh4NWhSSVJiYm1XeVN1M3NodFByZXBnSEpNQ1QwdE03VT18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

091eeae74901d7a8bc042ab3a6e4135a361598581c1a92315784057dce90b3a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1846157
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=kbj7JnxxUVE1V3pNRFc0c1BHR1FNNFlyejlOUmFtTmpHYWxBOWJ4OEhiTmtUMm9BMnRaemExbnpNQzd2ZTZ6MitSc3Z0V2ZrOEkyOVJVR0VtUDRwMTVQdk5XZ0d3T3N6Y1pBekd1dDF0OUhxbWdGUkdQUUV3d29OMVhCVkk4YUJIakVhcVFUQ3pqTlh6Wm1GWEZ6ZlZOMHU1MlM0Q0NFOFNBTUxQSzk2NUlHLzJxbGNRMG5zVzNvTHAxMFdLU2ZsOU5ad2lxb3ZkWXJBeXc2WlBvMUR3aXo0Z05iRlNSSWpmbFpVYytOOXdTZ1VvcTA1bEdzd1U5TWtjVG1iN0gwcTVJRExlTXh4bm01UEl5QUh4NWhSSVJiYm1XeVN1M3NodFByZXBnSEpNQ1QwdE03VT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 427343
content-length: 0
expires: 0

POST
H3 200 /
eum-orange-saas.instana.io/ 0
13 B 110ms
110ms Ping
text/plain 34.120.4.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-orange-saas.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.4.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.4.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kanui.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 02 Mar 2023 08:08:32 GMT
cache-control: no-cache, no-store
via: 1.1 google
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE54 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3619918817291&version=m202301230201&ct=76&x=1&cor=17453470618543036000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12E3 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=472118276150&version=m202301230201&ct=76&x=1&cor=9640784952009607000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads.js Show response
cdn.480app.com/ 21 B
135 B 7ms
6ms Script
application/x-javascript 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.480app.com/ads.js?r=7131452127292022

Requested by

Host: www.kanui.com.br
URL: https://www.kanui.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 varnish
date: Thu, 02 Mar 2023 08:08:32 GMT
age: 2816
x-cache: HIT
content-length: 41
x-served-by: cache-hhn-etou8220042-HHN
last-modified: Tue, 23 Jun 2015 06:50:40 GMT
x-timer: S1677744513.700571,VS0,VE0
etag: "8a68886c66c8ca4dccac563705f5891c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 2897

GET
H/1.1 200
OK /
colrep.sitelabweb.com/chpdata/ 42 B
271 B 7ms
7ms Image
image/gif 3.122.81.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colrep.sitelabweb.com/chpdata/?d=pqSeLkGIU_2uOdXTvRH1JuGYFaPvjOFNLjTfcJ200E0IIczTIcji95iQWXjKjJ14wT30VcTeYNfimI0QdnG-Rb2uwNX1Su3YwZVrQNSZNnHqObEjy8LN4uDJ_Ofqy2XNFoDfgNDGvSKl7rWNgZD6sIBZNmWHgYmK9GnF_iknnOfiz2XZEnjfbNin4ClZ2sjJUOf1x2WNB_TtiNEK3CmQNcDzZOvmmNFEddWomamesN-UIhjmQMeqy5xh-lWkPbKLz80IGjliHMAXx5x4PUT0sJj-wKblEdjiHMTel5TBZYj3UJj-wF4BGsGn2ZyfLKGQEXkBhMEKuBXY5cjTKST2UCDwEXk-QM~usQ3t5_TaSRVrjKn8IUTxaQJPyRb15_TbnMvaw4TANYT3kMinxCXc5cjU~YyvhMWkEXkBhMEKuBXY6rGYVRz20IF5SlWoZPjtmUqVNrWigOyq57yFFiz0QNjO3CmEPeDTUMii56nJAijGhY17xB3U6uXnLZfOiHThCjmCNOX-xCml2cTrDOv527yUWZWBlY10mBKEJeCrVaym97CNDjmxbN1B2NKQQdDz_MQbj5CUYiTKdMXGhNHMPdjzIZznhImVSjXyzZUj2B0MDcTqaNQz06yUPZSjbMj7tCmN6c2mSNffl5iJBiTqNNm3yCXF1cDebNvqyHCREi2-YNj3z8KVMoWw~ZzjzKF9NcW3pN~xzA0EOdzvaNfm15ykNXTtgLj7zOHN5cDiUZviyHWEPij8OM~KxN0AJeDmZMDa0IFNCWT7dMH8BGnpahjzVMQa26icYYD3hMUSzCHc6tHqgMuvoMWVF_WLgdYuz80NX_TbnJvfGNodYWmXMb2CpAKNFsSOEc9qyASZVjWHcPnOmQ4NesmrHYWnlIy1Vnn8QJ1XzMbNFuWOYcE59LXVLmCCOYjx9G_EHbjeQMvX35iIXZDKcL~x2CXcPdDiZMf5mHnER_UHrMinzAHUHcDicMfa06B4QYjGjNE70C0AR_mYGYDIvHntEnjfaJ1ykScRRsGnEbiWjKnVR_TpRbY39TqJNpSrUcQOmHFxSjSCOc~jlC_I5cjbUMAXy5SURXi7dQj7lBIM5cjbUMAXy5hURXi7dQj7lC_Q6snb_PvXmK-VRmzggc2Cl8LN5sVSGYznh8FFnYnuQVYLLT_Zsg0ODUEb1K~Fsjj4BaYLKTokNbTwbZQvU5idClT7lZkkJNcZZuCKFNgf6MDlzoD8uUELZVLMHuUJSYzvEETZrX2TWNkSxSIZRj0rFQWjqK~FPlTP9Vn4aNI0IsXaZcBEH9ldud3TYd2PSOLhptz2uNhnt6yd3pDC8Q-TNTnVOumrOUA~XDzV3oHHdMWPaSnpslEO4UB55KTdkoHkWcVePHahSsXf6ZTEqMUlrjG_hZ20aI0hAjDbuSVr3LGJsjDC8MIuOT1kJpjryZWrUFTVth0aYNmyFCnFswljDUDjzMDxzinTVbKXNHKVRtE~KUT6XNiVBqkTmY-kJMW1Cr3YucwI4MzgVnjq8QIXKIcpPsn~OWzvqKoFrY14XcXsCA0RAhkYrTWA3KEFghzLxcX0aNaVhcmbyZQjrCU9roUPhZn4ZJqVAlnj~NWjVNmpYjz0WQ~GNO4NJuFUYUjfUHh1wZWCVM~K4QXBpd0~yeBS5NGgQeHy8ZVeNMaBPs2SicfnUAVJrdmakZ24jJqVAl124YVAo60JKjz0WT-sNT1lNpXf4Uv~HGiJwjH-aMXx1T1lswkrxTWftNmF~fD8uTmsZMaV8tDwyeB~EEyNsoUuYZjGrOHRpcHYvSVWs4FFwlD4VQELNO0JApWb6YQ~XKlVrZWyVMWTnUHRSdDruOgn3IXhsdn7cdYuOCpVQcF2zZvjXAiNtejCYZjGFJ0VtsGK6Oiv65-JobUHuc0uPIXVMpUK4azv6OyVsc28kcWO0UHRSn0nwOjuwIiZnln8uZDkNCpJDbTb0MgvXCUl1enTjZm4rN4ZpszUudiaxMVlKmz48Q-aKQnEGtVUGNArYKyJAi0Xhd1yRCmRAn0OtTWuyIXNClXCuaEGNMaBNtWSFMffUEllsZEglZEGBNcV_pzn6dh1xMWFklD0BNU4NDqoNpUK0ZWrUI0Bsh3BhbITVT0MGh12zOxvGKWNGi38mW~LOCp4JtU2yevjU5mJrjXyYd-yZRcVouHjFdivtMnFHpEayMVaKIXJYokKrdEfUIzxDaWndbK00N_pEi0Ytaff2NDwWdTPUbEySSpoGcGYGdfvXOTdAezy~dmGaJmQJsHY6STjt4FFZoUH7TE8ZIcYRrnrmYznqIoprh0_dcU0JUHV_l06tZzuyIXNClXCuaEGNHcZDbTwmdfvVE~lrdmamZX4VN4V_r0YuSUXwMEgVnz4VUIyOT0UGpkKiaWftAiJujGylNmyVQntEglw6aj~zNXhzeTLZZULQM_xDdHb1cB9z7z5udk8bd2K5IHdcn36EdivzMmpwl0XYSE8kC_VAuEYjSBbYM0V3c00ULmsoO1dDjzfwQEA4ITZLdX88dXkPMcYItk20evrXCVN1lHkYZmGFNcdZuGSDTTOm6ydLjjC8XHaaFIV9pUK6UjvtI0Btc2tgcmsNS_ZSc0SveEu0IGNgeT4BYE0OCpkM_nbHciWyNy0FnmOpMDGwOLQVdjq5&c=468
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.81.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-81-162.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 08:08:32 GMT
Last-Modified: Tue, 13 Jul 2021 10:02:51 GMT
Server: nginx
ETag: "60ed64cb-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3791 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9537610787179&version=m202301230201&ct=76&x=1&cor=6440936307390847000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 08:08:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
colrep.sitelabweb.com/chpdata/ 42 B
271 B 7ms
7ms Image
image/gif 3.122.81.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colrep.sitelabweb.com/chpdata/?d=aLpf8ivBp32vadA_vxv1tqXctJai5F8x_3TydZA30te0uf0UxMYezIbdiCWbqJN6yeeNKbTpOJHdyGM9hCWQlJN6yeeNKbTpOJHdyK8VnH2QmbhAlhvIue0QxNqdl3pJnDX1qaQzuyCN2wWHCJHdy0ZN-0S8wR6I3mOU5iyf8MbmhG2Um0i8qQMI3luU5enZxctipJ85nzTypJNBBeedLbTU8csqzK8ljGn14bzJuzOU5eif9QH_l46Q_104cMeAlhvJsvmL9cmpy3oUn4S8wQcIyhzNuv3Z-bsRz0ZImzT12JNSCeeI5v2g9cs5vJtN1G39ld6IyhuU6iTQxNqll3qM_0jzgbgNltFRurFZxctipJ85nzTypJNBBeedLbTU8aLiJJsZ_C35cZ8lpyFQuejUxMq_l4_IkzT95JNSEeeJMbTU8cs1vKNBdGmIXZRW0uh56tWL4cmpy3oUn4S8wQcIyhyFBqXZCUsamGaBmFW1cRRW0pEV6v2x5bbiMIcNqzTypJNBBeeVLeCfDR0py72Um0mMmbgJ5mih9m2g9cs5vJtNAFX1tJN6yeeNKbTgOM0p18IUm4y8pMhBoxFB9qXVzRL10B8VnH2QmbhBMwiN9bTU8JHiB0ZV00C8uR6Iyl8U5emguYLmlK6VuIF1cczBpxE56lGx9d0py3oUn4S8uQd~lifQuekYxMYe3IbtdCn9yRRW0pEV6v2x5bbiMIcNqzTypJNBBeeVLeCfDR0py72Um0nrpaQBlyEN2wXcRe5mTGcNnFWplcwlpyFQuejUxMq_l4_IkzT95JN7DeeI5v2t5c5XlKqVuIF1cczBpxE56lGx9d0py3oUn4S8uQd~lifQuekYxMYejGb5qGHQ6eBFTuiN6tWL4cqHpK9Q_0jycMw2lifI3bTgQJHzE0Zd2zTI5JNSEey50r3ctZnNE7_R85UCxMtAmzyV5hTQDLY000sJi3TyxO72mtEIIeTjFNny04JUk2D8yN6N1te1Wu3--b4Hh0ZJ41SknJN6wfRdyumc5dthl3pBC9C8pM72wgvAue0UxMYXXIb4s1C8qQcIyhTgBfCwxMYXBKNBgDVIcYehpzOU5jjf9NmQz4oUm0CMCS9FNoOU5iyf8M4HpI8U_0jr8ZQBrx8kuejNPa5evJbU_0kCoMN~uhO4AfDs7LY_342Um0F1ZZg3ywdU5jjf9NmQz4oZcCX16eBFlxzNyu2GLM0u4LcVdDDgyZNZ4hhZse2fDO1y03Zcu0DynYtZ3tyFrfzguZ1_xGYZrIWQbPQ7ijSNvrmUGYY_05bIl1muyONM4ieUErjxuYatyFZMuzn1gZ7q5hERvqjQEZHuiGJgq2DCqMQAxiedqgDY6Zaai33cs2CDcdA3nqiNuvkxwPHtx320l1jHwNtE0ieAEdjQ7N0M038YnDTqtMgIzhyJqeGUDYnd33bEk0zLuNN7hiSVsqyCDMnhmGcRWD11cczBpxE5SrDCEMHht3ZYt1zHtN7Iwjd44eTb3N1im38Uk1DzcMt7iteBrfWY8Nnah3JMu1T8pYNFltEM0fTY9R2aE9qV42D0qMNM3i9c9fDf6OHh242ZkIjgoJgWyuhYItHcCc5hl36E_0kCcMeN3zFc1t2R4dK4uF89h-mzpJN7GezRur3ULe0upK6liDm9adAJkkiR5wWfyabifF89rGn5peNruzhx-bmZtMHNH7ZEi0ykoM7RzhvYDgDU4MHt343cq1D8nOMNjteIIj0Q7LYhu4ZEk1DPnMNE1gvEBfzoFN1l13JkaHmP0MMNwuzQIejsl&c=468
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.81.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-81-162.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 08:08:33 GMT
Last-Modified: Tue, 13 Jul 2021 10:02:51 GMT
Server: nginx
ETag: "60ed64cb-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
BLOB 200
OK d92d555a-e53b-4abb-ad4f-3496a4e7896b
https://www.kanui.com.br/ 12 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef9f72dd5a5212e7ecd228e4ae27bfad77fa8e6b162817fad97db8a7acb2d842

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 12728
Content-Type: application/javascript

POST
H3 200 /
eum-orange-saas.instana.io/ 0
13 B 118ms
118ms Ping
text/plain 34.120.4.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-orange-saas.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.4.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.4.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kanui.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 02 Mar 2023 08:08:34 GMT
cache-control: no-cache, no-store
via: 1.1 google
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK /
colrep.sitelabweb.com/chpdata/ Frame 40C5 0
0 29ms
7ms XHR
application/octet-stream 3.122.81.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://colrep.sitelabweb.com/chpdata/
Requested by: Host: www.kanui.com.br
URL: https://www.kanui.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.81.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-81-162.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 02 Mar 2023 08:08:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H/1.1 200
OK /
colrep.sitelabweb.com/chpdata/ 42 B
271 B 9ms
8ms Image
image/gif 3.122.81.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colrep.sitelabweb.com/chpdata/?d=SEhWte7lbpA2lrdO-vQV1UlGNzamKj9dN~oTqnJIR0XiEk8D7ucPb9AkQYUjkCJa8w8d0HbTEoMjYmgXQzOGsubvRwMk1cl3NeZsGQ8qZ0sH-VbU8yR1NZPDX3MLb5CDZUgnYPN1Om6BJxo2_fP0gpjWUaNmYvdOVnDFRhZExVRYSzs4ZAoX6wMzbuWTQaJmaHMrw4ADZEfj8BNYO3t5Q8cT~rNzs0R1VWAUY1eu-sQ1EGUkfHLYxlsrAwk2_fZmH3kCUm7EbbJaYwAEAPUCbDQXFysNdxrjMnJzVCRiIkQD28K_jyA-FRkG3-VsGiyAl8ZT71NzU3TzMs4To2KM7IJ-1sRTRTJH3w6OlzoSIjMkllfItj5S~4MMcoRY9OgSbCRY-xsK42ajInOjMuUict4To2UAVmMIJKRTRWNH73rrMAZmWTcXc4lWViO2G1brGw7ZhYlWt~PHXluag3omAkZzb4VDQl8zB2MrRjCEdDfWQJNK4ksaFtZnJoa0Y9f0IuJ23uYrxiAEQbfjMIYHW5trg9cT_YO0RigzJW7zBucA-kDEkUgGgyMHKltuJsdDErNEUxfDEr82kCM5RmMHIUVzfKJaG02ddcs2JjS0Y9VzEn6TkAN5s3B~QYUDs8MH-0raQ5ojBXMjYygiMmJmk2YrkjAVcSfTIDO1F1suE8oWBVLzbzUCZ_PGlvUAkzRplQjkt~PHJxs403cjRqNUY0ViAv6jk3NKG0ApYUgTIGMaFzsuJpbG6oYUQ3UlEk7zB9NaZhB1VEfy8HMn8EwbRSgUMrMUUxVzct8zw8NaQ5AkY_RnJIPH-m5PJtojr_dnZwkCUnBS~4RqjyFZd_lyD5YKs15_5rr2qfYIQlU~YaPG-vcrH47YlU_WD0ZK803dQHtH7oZygqkH9YN3-0dPZ5DH5YjG20Ys-xvbdJbSukLEMwVDMm8jBCMqKxBVc_VzYGNHx5puNpbjr2QzMuUC4r7Tg8OaQxB~UPUTfJNnO0tLU2dSNTZmRsjINfKXoHMKohN2NXmW3-Yaiv2AttsjqhJH3zXmRmPW~ucvb9NYFNk2b0bb42vaAuqGJjbU90k1V_4nttbcPkMIRCXWg5e3a4s9JvkmzIdUZhmVVr9GlWeckXAW1qiXIHYa84xuZbtn3VRm~5ViFJQkKxRcZjSXRcbmDkUsC67vFgklRiTlowlUle9VKXT4HrP14SbWHLNbXj5cdydG3hL-xVkjlPFmw4TsA1IIRnl3xfdK8tzaZ_uUlFdGRNlzcqEkYWRBkELkFtlWl7T1PK6NY4jl-BUT9wg1FJC3t-YeZkP09PWFthNqsF-ux_ojStU-padmBMOkxVddc1BohEiVc7b4KN8uM3jWrMRmHqeC1C9XB5NrVRTFp~llVdOI43zs1dfmNGY1xlYDRnEEONaM-rF0lsgmV6UIXBydw4hn_MalbzaiBJPUGNbeLKI1t_bTNRTs8DsaFZdGzsN~xkjVleCFCSUPRDHVFpbXgUNHCL8O9DcU_1cYxHfGdKRnCxVAcsJo9~k0-ddKOztO5VvkNFeGRLYjt7Hme3ctPURnhqlWVJT2es6tZadVF8QzZsf0NqFGlaMaRNNYhQaXMLc3KTucR_omSrU080blJe7TxXZc31BGhETUgje_4VAuh-njJ5SGHUkGtCPW75NOLNUWZOakVzeLS05PFdi3EjSIxiWjxt7npwetPXIWZwb3Z2YY0r0O9erj3MO1Jo_TZBQl--NcgaI2cUbTZoXsGUwu5WuGAhS0DogUZiBVGpUBb5MYNlb2HjdswOwAs5hGvVeGgqk0JCB278Y5VRKZB1j2HqOL86yd5RtlJteFpjn~NfGDlWRdOyAEhuWXpKSJTBAslMhkJKdIJtfI5YHGteMagZI09M_GD6ZrKq7tNSqXVhYEZkn1Qm7jhaeO65BY5MmUpjd_aO8rM5jmvCWmVUj1lC9XB9NNxnS-pkaVZeOK86~d5Vk3-edEcPmV9h8VfOZb-ETYJtbHkBUH0KxdRbhT_7d0H6ViBPMFfPd8-VUZhcg2V6U58ryu9YtXAoNFkwlUpeDVfWdvbwIVFlbmR4NHPP8Mw8cVWCMktqakJBPmtEUvVaF1R~_m3qOJwoyO5JtUhFdGtObWdvJ2bcYdkTLkVtbGpVOJXSx85cgG38dHH4b~lYHmxEergOSGpaV0pZcqKu79pYjGSeZ1RKZ1BeJXtsadB3HEB-lk9iOJCS3edDkkrWWIc5gmZNQFk3S9s1NXkTiFJoaaes~bpgg3J2MIRjWj1s7nl~dsPXQFh5b3IAYnCR3eB-r3SVV0Ht_TZ3PEScSuxNHohcbEtVUKC68rBWdSqnN080lUpeDVfWdvbwIVFhfVH7dsiNub1QdVW0c~t5jVlBFGs2U5VBIYRkUXtcdL7ztrFruUd-O-RPaC1cJ3lSTebySqZ5mWULNIPa3NZQblWXUXHsf~xuFGe4UvRjCFx_UnNKdZiYttRsj3SeZX9NgmBhN38rVdPtG~dpVUgjSaXK~OtDo0_KUHV6j1BB9Wt~NagFSFZ~_m-_aJX55Mk2jVzfc_JjiVVvEkB2acxuAWF3njp2ZZh1xvNMnU_Te0Zs_TdFMV3fTtxaIolcgTYLTtC61BBWj2BdN0DJlUZIQlxSUPRCHVFFiFHjcYyiw998hVSGd~tpWkVFE38DUb3oI2NOUjt_dK85sthSdUNFeGZkZUNtJzhcUAcpAEFxlWl6NKwN5MlyvkhUaIIwfzRuEVfbcrRKSHhi_XNWbr_yubdVo2zdU~tKbJBMP3KsedgqGGlNg0gje_CK~PBKij34UZHtfmlXMGC3SNPKPXlPk1JqUrXs3dRKfn-2VH3iYIRdDz2DctxXPFpDiUg6UIXJxuNztn-8O0Zr_IFCPVffc9xhIpJYfWZhYLCHseBVdWBdNzZFiUleRk8tRPgsNW1u_nUCZ5yNudN~cjFCaktrUjdBKmN4TrVJIo9~l0g_dLXDsthRtV_edXHaaJdvFUCcVOtTAEBtYWp6T54S6AFadVF8Z1l5ckhJF2t0fr-jP19NVWDZa2Ww8tVSjGl-TENJbJJLKTlsaNPzH-d-lUt3OJGR~41won79RGHUkGh8PWtDTeVWSXkUYVZofbTK2A1cj2BaMzNRlW9v8Xl8aNnzRnp5nmpAZL00yBM4qXvTa-lo_XFCM1B4acZZIntYfzZ2RswX2d1StWBsMGpKWjZIQlxiQ8c6Nn10bXcXSbaiwtU2i23zakgUm-R8FHhKTrVJIqB2ZjZqe306y98DsUNFeGZKbTR3EjlSacPURVBtlWl6NKsJ5Mk2tkS9e0-sbjl8E2feYeRKSHNbUlpdNqKU9tRaj2lpanRSY-9IOjhSddgEAXhplVHYU_4azBdDjUWGVmlUl1BBBW8~NdLKQ0lPUlpoUqwzzrFRj1zFdXgaYH9nET3caM-rAFdtgm3LYnGO~PVfs2vMdEZrU-h7PU3bMuxKI1tbgjZqQbyXAvhpf0SdS1Nsikh5NUKrQ5gwNqFR_3RmSbyh-dh1hFzdclxHdjdBKmO~Ub3NFYNLk2HxeKT5zuFKuVWIc-JYTmQrK3lcRucqRZBtb1x6NKsK5OFQckSUaIJwg0MqCmtycvROIptNVWHca2Xq9tRVoXSsU~pVcWdH7T8ZOOP5BIEYgFtmOIPN3ut~jW30RHVqkHhXMDxyS5oSP0V1f1c_U4e5zrFSqVzFcEJkiiRtDV8cdb-pCGVxbGH6UIaNxuNys3FURmow_V9uN03betgKI2Bif03WTLByseBVfWSdN0DKlkZM7llsVOBqMkJNZVHjcYyK8dhKblW4d-pukGZNGGxxYubxFqNncm9za3GxzN98qFNeMF-hn~9nJ0SdUOPXFZJDiGV6NKsJ5MlzbUS8ZH3rgiVCF3-fa5ghT0VYZzlhMJaHubdVomhdU0NFZ0NeO3htadBsH2JujFsCb2PN3ut~jm3CRHVrl1BB9WtDNaRVSFlKWVcgTtOz-bhcj2BeZ03imW9g8WbRaM~wSWdtgm3Ua1GC~PN-qXWTelxsVl57MEGzMbtNNYwRiTcSR_wU7rBStWWzNzJVlj1v9VxVabc1NpRyYnVXVLyNudN~cTF1a-cXfHVPE38DVcxVIpNPk3JzVJFxzeFWqEzIN~lNg0tgFWlNRucqRqJCmG36St0W59Z-hl3UUZ30glNPC3tPQvcaT~h_aHNdZJXHyshpvmWfZ~pVbINd7ThZTAP5BIFyjFwDf_XjxPR2omAoO1cI_15PPGfDNdHVSW1zWVZcaLS05PFdi3EjSIxiWW9v8WYcLbLDCGRxlXlLUIXJ-99bsj-5d0pCU-hZ9E3betgiPHhXfzJkUs8psaFZtGzsN1JKgVp5Fk3SUO73KFx0dmHncswjzA9DcUd9aYszkHJWF1G0TrZNJ09~ZTJ_daP5stlOfkNFeGRZi1gkMHkDT9PURVBqlWZUM_TJ8c9Qjl7MT_l5bjhJGG8bdvRNEHdNVWD_b3Xusthgj0zkTENJbH9IP03iQ9PzHEZ-iEt5MIPN3uxDnzJ9UncYkI5PPjxzMtxJSFZ~Ump_U4e53aRSiX~jfHDhYH9iDUO~ac3HIW13nmR3ZHCKxBRPjmzMakV3_GtuN1GeMbtNNYtNbUxcRa8q7A9puWWsTHNCmkhLOVhfLef1NqF-ZmV4cbyN~9p~cWv5amNIV~dXMnh2Zub0FYNLknJdUsestd9VqE_beGZOaJdvFUCcVOtTAEdxWGHLNL-13NledUS8ZH-sblF3Cmtyc9tZT-MSak-lcIKU9tJZvmWoYEZSY-9IOnbZRPQwHWsbkUgje_CK~OxMij34U_cI_15PPGfDNdHVSW1~UUlcZsws~blShnBfdUZZmUdn7lCRdboUAYh5iWpDZs8VxuNztn-8O0Z5_lFCOlfffskaIFNMajNZUrwU88ZStWBsSYHSkHVhHllrQ5x1MWx5_nR7dtXi5PR-hUgiclxIkGlXMVGyYAcGIIRnlnJcOK8std9VqE_bfFghcXBvMD-KVBZXPIl2cm2HTIeV5MlyukS8e0lsbjl8Cn3QfvRiF1hRaDfGa2Xq9sdWuXBdU~xNZ0NeOjlVOOP5BH1-lk9iOJwR3edDjUkoQIVXUmBB9Wt~NagFP-lLnmtqUGo55LRsfnB~MzJNWW9v9Thcdb-uBYJEY3l6UIXJxuM2rj35d0ZEU-h7PVCebckkEphUgm9kUs8psaFZuHF_Tk3OiUZIRmKSUO75Nnx0cHUDMYyZ-eBShUSGd~tpWkVFE38DUbB4I2ATcmHye2P1yLZ_o1_INFpZn~dcJjxCSBZtHZZ3mDp4T50G3thehkJ5Um-5azF8MVfbcrRaP~RcaXRlcrwH~tFqqG6hazcCZ-9IOjhSddxCAXhplVgnT_Ta~9lEoTEsTYHUkzB8PXGNMtxKCFZ~mlZcdZ4s~blRgmAhbIJObINg8WbScckXPFdqbG-LTY0O399bsj-GV1JzaUtKPUYeacZKI1tbajN_aJwU7rBsqTFqS-lVljld9V-ZUOPsIFptZmV4ctCixOg2hFzrbXgUm-R8FHhKY8BGHIQTUXJcQKPstd5StVNJMGNkcWxeJzp~RcPURVBqlWpSM_TJ8cg4jkNUUT9tfDV0B3t-SuBiT2RK_1H_arKtysZgj0hjYZVkZXJ5DnbpQ8osBH5piEt5MIPN3uxzoTJ9U_cYiDRWQF-9R5tSAGpnWUlcZaes~dFNgmBbc_JlilxgEHpWbN~yQ-dtgm-6Ua0RxuNztn-8O0UwVjdJPUGxOckRHqcUcUpkUs8t3dxquGzdN0DJiUkkPk8VZuBRNYR0ZHRTMHyNuO9DdT-Gd~tuV0JYB38~Ub-JFYMRjjN_dKCEsthRtVWIb-ckYIhnKmYcUAcpAEFxmHZ2T2iO5MZbvmd5Um-5gGxKGHs5MrRZJIBq_UlkdIXpucVZi3SsU~3WbXMmGnlqeMHoHFsYjlpXdryaw893n0l1QIUyV1lNGXhySeVGQXlnckg_U4e5zrFSqVzFcEJaiTRwEXpdc9PHIXFDiGQAaHGCxt9bsj-5d0pCU-h7PV3fTtxaIolcgTYLTrwU7rBStX_0MGpkYjZh7kKrQuYxP~RNZWgmcsoP5Oh-hX34Mlcql-hDF2OCUsBFMHV~VTpddKv1yd5~oVJeRlZZbW8qEkSWSegGPEFCmG~LNrTO39Z-ulB9a1kyf~xFI2xMRaoNI09LVVpkLJGUzcVVfyr_YFtNd0ReCWwucukwQqJXXSgCaHn0&c=468
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.81.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-81-162.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kanui.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 08:08:36 GMT
Last-Modified: Tue, 13 Jul 2021 10:02:51 GMT
Server: nginx
ETag: "60ed64cb-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics-stamp.confi.com.vc
URL: https://analytics-stamp.confi.com.vc/api/v1/stamp/102462

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP0_0_9pZ3iZnTXVgogR0fs&google_cver=1&google_push=Aa02lx93f2uZo5YhWwSuzQZbYbN0bdjYOXNoN8i49cv1iOzGq7N9SQyY1hEhWk2Tl2TR3yD_sCW6i0Flk17sk1yrceM0HQcb-xYn&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx93f2uZo5YhWwSuzQZbYbN0bdjYOXNoN8i49cv1iOzGq7N9SQyY1hEhWk2Tl2TR3yD_sCW6i0Flk17sk1yrceM0HQcb-xYn%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Domain: googleads4.g.doubleclick.net
URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstqzPo9YNCZiExMrzn-L5NTSWf9gozYVy1CKci2N-5o07p4TSwfejrgXJOEaJ61f1-5y57rkt9SBKHa9xn7r1I3PBNIEZ-th16jMxESBIBZH6Qrb3zuaAovoT8zh0zt0FTLvh3gRLc6kGi_pV5QXFHdCNj_BQxPC5RP8Xhuow2yzRX6zCndwtFygl3r9PwRaHCCxBqCW7xWHPkaM7SD3pv90VP8EzO019quY0AihdOBIxFuDvje2_FZonA0unbXTmpVFUayaZ7TeuxCRtmr2unZcq_wc2bnm-bS0wNi9ujxvld48xTtyLNnLXcj8tEtWMJV3lDVLhs3IJ-MxnqisxMNq0WEGPIwAI1sOaaMGiqqEatiNVHff5x_Or_p7fijG2MufxH_LuWtXmPxuCovtf623G4rAwcLNKFJnADrLrzMpIHQA8bcrwz_wnZOY2B4m28EgLTLF58wt7K-FHs3KgSaeuFgTsIwEJwA6KlWtwrw84qu1SYXWrlV5R-tNSJBS6YYR60c9Uzdydgay_FyuxmY5z_cLOwlyLkr8GMQ_2RrqXrxbo-lid2SLvC0FvPl02CgiDLBTG_BjAEoGhJPuF32BP6zAnkzrdww_NQWYlBgEdvzU4KT0ZyI80pG5cNV21_xML4EnB3f_slLjLT0K_F0_6PUTvsYNZzTz8m8Vhp92ECPW0jL-4IoBTGj8PSy0cVf2sS3wcEhoRjgOlMy3Uo8uA2o6izeZ_YvV6g-zu9lav5wGEu07paXvQh-48QsiDpeW-e72U4Nzy62f3TnqDWniAOs2x2Pl4ptaBkT-KpLd6832Hys7LWySu3TXW0HcsS277V7514RY_motvv7JFOlxRo1DndYaCXb7D57Xcy1WfGbTrj2MiXM6hRdQAHdM6bpxBFnlgsQnXb6YCLV7HOMW6rVW_a7aVPQGBmz5AdzTje0RXubNrZS7SCUuYJlC3S-S_CqbfSm8wuufILmPTX3pJY8Vl4-R2ORkitUDaXEgWv3WHAv3ZWbBCorAo6XHwFueP6PrflEgAIzINkAmY-iwh7DBb2HMY51dVycBi0OY6axeVZk4ak2QTNjCQpIgIBTE_b77uvpdED0zwvp_RjBALZYA8toWmSDEKnPWruaxeHllSF9fO8BV8XXc05NAnA4wYCMxsk3h61TPCReGJaoiiraZsW8rGdhFHg9NGldkziIH7QnShJ1jZ84RjfYtOSfjNkWtpvdvaMAehtWxSEI9UyHfHaKe1C2MEVv6R91jS16H8Tqx0WYuk-3hj0P6CH7&sai=AMfl-YQlNJsRw7P0TmZIrSpMmtro8weK3LPuH0hsYkzZoTiXYTnhFELI8AwmNfwCfnIXsfaYLWM0mwH71CeFjtt1MsM7dFdzo4xH9NHMxVXNbBeFUE9GsfTcMsJbHRz5faehjAncLZWu7rA8koyRp2VcLWKRgl3ZgqEDV8qMFkVssNIRwW5bBmCsuzQOHql62OQR_mhJv-hNn2tAtoqDuHioWN05PgMeMGYCrc9etNkTiEW_gsGGym4f8r-2--xSzvEOpTbMRiM&sig=Cg0ArKJSzF27Do1Nflo_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=746&vt=11&dtpt=334&dett=3&cstd=409&cisv=r20230227.03112&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/btn_cta_arrow.svg

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/kia.woff

Domain: googleads4.g.doubleclick.net
URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugwOsWhEV8CGNjVGy1nSp91BqPU-8IiBUCAufP8LUX_enRg33Nm3WzIDJMmcTN-x2s1NfV9CNtZCGPRBpgrCGmwLJ49QJMQuDNJcgSGmAK0_yOKj-iMNZflT-Ws6qzUG4LpFnn81Bnj85BbzXvbgFqlTHD4fwMcvCmFPWG9LZj6crbCVePPdYXXI3Di8DKMl95-Ts-0qFZfAQxD53-LDv8VRVXCqc3zowUiZeRwiM-i4RQpJRpGsK7bO87jruabQioXxz8y_vO3goSKW8iLNJGkKEprhn6wlpAF4tO0wgdPeBAbtTRISdslNjD68RbX7wF0_5fo47y2skqBApniWzw-KYHXYmrzYTlM9QQGKfjc0PlkRqS34adRpAg30dss61cYL0y_DOO12xw2RW621JPvd1GFhPSMnFKLTzEnSHhhfhWzhqTlR87inJ1xgJzA3JYifh1z5iRLAS54fFCOrSC1EEi-kwUOXQZ1f3Ang7-jstfFG8wYEUYK0JW0c03_NCoYEG1OA2xuMlewr55IITYeEBYHlI1_Xe94zTy7ejnDAm5XejaxmeAu8R9lVkmBhkSeBiX9LbKpftcNUqzKeNu0B1UOnQVhyeU72UEzdDTw9wReJHXpOmvlXhwx33JPd0LDareKbPV1hlq5HZB0UxMQu7dulRsUPxgEIJkAle6UbztmOGqQ0SG2tReQshEdKXdRtLgDihGfQxzQMdq_apTe2NS442DdfgKKR_Jdm2pn9nOh_sNNv7WYeKbL8o00H0hp5E5rnstqsK6trJWYtc8hfmU81Zp5Dlr4tYx-2N4jB6HsbyZjZfUVoZCGqtdrC7nqZltOOVqo8OMy60L-Qw94pB3JGLudOCAhrhvofLtprEb86eIYGjO7HosTiavgAYMuAOR6WurYVsK5lG-jFug6gyfm8KYYBRG-_8sadFWIkwoVA-RBhBQL2qOf8VdbksKfpA2A62veqQl1k9zo3rLblpNTP5qSC0uCrhs8xNuRQsns5bkFkzH9NP5tyy2CuJ5Gz0dhrj7wCPSc5jpPAsNOMLkVnhAt1oDncRww83NRnQnf8mkZaZdjubaP_IFFb4oS1adyE2nIycvAVTT3U9bvX9V5ZGH24tvLrno1GlPsTCmAnmi7ibUPbuKFLJYRFOPBQ8Ps6Nk64GVctl5TY6TXbVL_tlpzkNsBos4Fz_QqySkDS_xvX8gx26tu2wn06KtKUPk-8UvqvSvTYfjdjbRTmssgfauzk5fQGc8Pb_pygQDbyHE&sai=AMfl-YRlU6sfNzsL0Yg0HUEsva_f0sc_W2ZsFhToCl3ZNhdYeIs0IjUP-SrPXpS92wf7TlrAI2gtuD5K9aMXNDVaVGI0m6J0EI3KhmWLsbZRsx-3M9BymLwGxv3XjDne9b6mJtRu9slB8K2oe15Qz1cbdNqudA-5InDD36c0d2tSfsOMyCRA6cdmACAWotOCLru86TUt43qD8RYdSPPT8Rd6R2QFdqxR8BklLJRl0H8y2YJJESV90tbOrZbjluXW9dZ4tCd8hpM&sig=Cg0ArKJSzNdgWGSqv7Z1EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=926&vt=11&dtpt=409&dett=4&cstd=509&cisv=r20230227.07995&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzAjTesPnb5CNsWY63U_Zu5aYuEZx-JUKJGi7ZDA_0DVjkgLcWoDUL1J1ZA6aHxrjLlQZmK3oH_oUOiiBc1-HdbGACuvs_pcfdn-JnHAVUFA7Sjo65ZpfEN4q3DKBlsfMiGX_HNA&sai=AMfl-YQ-XSt7s7kL--905QcIoS44x2w6yMC5veDQQYPH5IVKrZSChh2aMW6AOg5hKZfTrC22b-ICoB8Klnad_7IgBo70g_FA_lnHGakTVURulB-Y8Y2KjSrCmEr2jf1n&sig=Cg0ArKJSzDwTlljlAoYPEAE&cid=CAQSPADUE5ymsMAy_zhM_NGWgj_3GWnNOpgjtme8_bG0sX8UnODYH4q2jPiDsFYbH6zXwa4v_-k5sDVrIEtlXBgB&id=lidartos&mcvt=0&p=3704,436,3794,1164&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=3254371550&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1677744509493&rpt=320&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvpaXrOW8_QIVhYP9Bx2noAYlEAAYACCdh_JKQhMIsoH3q-W8_QIVVoeDBx1lyQ8B;met=1;&timestamp=1677744510673;eid1=871060;ecn1=1;etm1=0;

Domain: googleads4.g.doubleclick.net
URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmFRnpIpw12qMlTAXHQ1DuEpZIK3vjjIUSOSilyh-h-imaAWshPJ1Krim2Ng9KJvEdo4_LPJrSvZpg17wY1gAKa4dhno18C8HEfQt_4DcF-Gu_0V18Grlz8MZvl5ziyNRAxquWaVANIO8Z5c5Wz_Mibig8XAvrpFxBUZSFcP3aXcfFtjjG3ugo2R0ScW0ZBfSd_RZQdWYDznDiX7BHEXHAQAzvN-AJdPmtLurIGlGr-d5H8LYChllXbFjNIqEfRzDnRwhlGFe6rAMEzOMKfIc9RSGMa3S2iY9hZ1Jvr4p3a079e1g4IB9pw2bQQibGL-Zc9M2xKCWagJo0slzc5u7G7FKbCjAeEk_JwHbH6_GG4LyxBa2XKmdHUXrjb5_uVEqvI6UveVX9TclDpcvzFG5GwhAk4ihnwwD7DkURnH2oEUgNj4dwGbvtvc3MlSWLy92wVwIm0SASuIWk3HQhagkpSSjCKBUY0E-haOm1tDEV0k9foO3LOhq6-MwV3q6CRB2BnX0-daJhpE541b5goCqrKEkZuB8lKhWxTtYb_xVXrFVOYalPNAd0iR7MKYzIRyl4-HWeaTs7cgOcvbyvP9fkRJ7BtuGMQxbovPfreJVM5oalTMSA3XrZUqddkgrBiPa32GuRp-58CFJcVV_2fn8tkfqlLv-Lo8w0Q7faH-U5pkNMGyUO7ZpIUJAgWW5zAqpAFZrzHYQ-k5Snk2h44xJMPyLz1GP1Z060ZB3jyzsSyJ-AEIjQ3fTeFSsJOsBbhkjlWq3dB760lM1syHMxrUgFiVWmopAIc8gpPa3bw4Jc9ans8itAvUImAvLvPMcwojFcbawMARQTJvL0lddKQBjbzBTaMvSF_5dvFP7bl6STmtO0oL7jcyR2YSXU0lrBVev1UCopkrKVJ-_GafudcB4YxJGT-KM_92O2chbV6qaNwUrP3NLvTR6lOuAaQY4B2XuYND-HzG0wWgdKILgEWqjhfvwE3dVsrv0J2CK5HppJBIq4vmUmR8W9sFoxTa3xqIdrcQ4ve-IA4hkI2cndIbfT4f6ZQvim3G7CUyVYeyQOAKNHhqtaywWoD_TPtvkrq_vbS6kEWtHOTb4q24omsHJ_LsAyCYKyE4etD-WMcHhY45rDf4-pF8-_93RLAoc8SKdzvEgJ7iEYssjOlWXAk-jxBMI2lcQVQ55DGZ4wwu5mXlwJCkz_ur5d65S86JZij5r91ht1MjOnDmtoOHQHCEu5UMHfkOqnUBoigcF33JRt1RTIghdto-SbmEfrxC88AwLq&sai=AMfl-YS0A2AKRidAHkjXH60DIlmu9qyMlphcz7dcF5LuDWABLwLbgnf9VIIozxOnDspX-YjVblFIB9IgwGyMYhacEzVZ6oSGZagyieQgWvsiL1MtVTDDkkuPrZ-KwkEmo-T6PJi1WffpJretRj2ZwRk9GNMZxfF4aZvfwMTGvLPUeRMWYVdBTb5ggThBmaHe5WAerg2nCudR8T0YC-lR3gyvCTJRToWOdFp8eo7LuIh1geHFxn1NcUn6-bsP_Vk9EE5PQ6gJ0tM&sig=Cg0ArKJSzFaW6WzYjDfNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=801&vt=11&dtpt=353&dett=4&cstd=444&cisv=r20230227.61389&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_oGEX0B7pB22Saicm3GZvzlhnHP0_C19qZXSxvUz9qKufGaerGIyXSg2npnm96E3D8gPxXoAovZRJFHwPoaxkVu00QsUQj_bKkMA8ZD1hIiRDJAV-2x6zeFd5TTyizFk7ZJ3nvw&sai=AMfl-YTEX7-CoEfaWEbTMw34EMzdviI2_GiNcqoI7HmV89B7ZPB6fMuc0ZrgXaJHGB8rtYRIY1SgM9QhAEBDFuMc9EgCbd--8C6YAalx21lsKZLYKaWKj1X08XK3Ugsj&sig=Cg0ArKJSzDwhwbtTieAiEAE&cid=CAQSPADUE5ymsMAy_zhM_NGWgj_3GWnNOpgjtme8_bG0sX8UnODYH4q2jPiDsFYbH6zXwa4v_-k5sDVrIEtlXBgB&id=lidartos&mcvt=0&p=3399,330,3649,630&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2490721833&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1677744509497&rpt=692&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjuKcrOW8_QIVb5L9Bx0Raw60EAAYACDmztVKQhMIs4H3q-W8_QIVVoeDBx1lyQ8B;met=1;&timestamp=1677744510683;eid1=871060;ecn1=1;etm1=0;

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnmNj9dw0x7SXW2KjWClaNjMeirizIgci_T2f-e6SzpPsCMuEutcLJlc8z8hb6qQ7UhvH-zWQq5JKoWmufmcFZyBP3QoQVmLR2I8bOUHfUBw8S7gqkpH8afbneL0eunS7ChPafCQ&sai=AMfl-YQMYiR09hayQwrbndPGz9gf0Qfg1Fjmes3X0SWegfnH-rnqdvMt-q_PkqRsj6sJcqmz6uGkil88zDZ4IcXOMlkXyO5qPzEHnZLAeXUkQqpW_Xu3AEzLHVZi1j29&sig=Cg0ArKJSzN5YQ4t4QSSnEAE&cid=CAQSPADUE5ymsMAy_zhM_NGWgj_3GWnNOpgjtme8_bG0sX8UnODYH4q2jPiDsFYbH6zXwa4v_-k5sDVrIEtlXBgB&id=lidartos&mcvt=0&p=3399,650,3649,950&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2490721832&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1677744509500&rpt=505&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI75ubrOW8_QIVTuu7CB063wN_EAAYACDmztVKQhMItIH3q-W8_QIVVoeDBx1lyQ8B;met=1;&timestamp=1677744510690;eid1=871060;ecn1=1;etm1=0;

Domain: googleads4.g.doubleclick.net
URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3qVr7tnMkOCa95ElNKVJ_cdUGbpVuTJ-CSqpcm0uAZyUXTVRMjwS74Q9yjWNJ21_znV7iReMt7cjzu1mXvKSvkt9Y9b6adg63St4DNSugXxTzBkpQDlaC2MrP8lMamsvbydenBucK-YqLbw87dYKTOTqZIBFX2NGpCpFvAX9AuMRrImrCYZGcyRcbV_RQr2Lg5hH9KFg_af6Hsc6UiIdWJN72MVTK1pMnHmDMfHrGuMOojLyAmbvSKBhMnBYYHDo92iWxOgDsYC4BP2xkmAWLR1Q9fuXieWqJpX2oyms1yaRwwTsIRBqjTzBwGAFJaw35389ew2YKm51MBQ61nOTayg67s4GC4VWfAATkV1TD1lBl4keRY2r47LSDSdKBOc5eQUaKwi7nC0h4YG_kpHZUU1CkW-oCF92QGnJsMVaW5bq5SfgQxmovzWkjuBrozrCGlHI7s32peG8MfhskAv7li2Qr3JF3oH29NhAxQsVaRPtvNVQe-Y-z7nFZe_l39c4QMDHPfRLx4BuyfsVZ4B7rO_7zFUH-7HjtsyqYWG1hFUWhmR3PKucHlfS_bMUuLUyTIkgf_bIqLcI3sHo8xPquS-88lkJdUBzSm3AJTo0_Vm-Mu8oBOTbfB6ScRbUGt6vCl2mmYGVvqyZ1iNrRZJ8g89TBF3eV3NhdH9iAHH2iJ-F06ZvxCtjUYA2PZtXISxuEoTr0hIjjGGxJtvuayhO-SSmVnUQbvQCNAVX1W2WwAShiiSRt0yNtzwjXS44GH-XKavkNc1LnokHgy-VaL7sneXEYDxqAq-CfsBRrFet-ghssxVJYR1KaehptxPRBr-lpoq-inbsPyKvMk15fsfvKR1G5fRGogn5Q3fV_3kJgsUobwIj723xLRNUl0PvyOeBKTWoL7m-t3luDR-7_pWCat8HG9odeRoJP03fhIrVS5T2hsxAQx_uRPfl5i1ApQ2eaqvqAqcRidWJ8Jb2hcGGd2am7_ksugFqR0A14IaYeJJocuhAfYeB7dbq4Zbnu-mVB-5zAq6q9ZVYE3-cytJJBbKprm99C4nTwL7kp1-URAyTq7P-s2wBiWmfkoedhXIWR5jXL04ZU1xkodMl26MCvJ5pA2rY5BKfXFbHsCF0HueZXLMCVAW7VIj8VdfskKykBWMtR1XxHGjAUL0e0V3Qki5e6wrM9T2_sLignj2xcP2mb2kbe0NwlESYuipEiNVgA4qsPlBorlZRMw4b6-LQ5Th-ljG0fbLJFnEsu4ByghQgRwP_vLfZpKoo1QJdGYwnW&sai=AMfl-YSjeFaOFiY5HlIZGAsPrCry6OS8RwFZso1WmnjIWujhksRBtDMqdOjeP4hle7OZUdKjfbqUXMX8wkHgAV9M44-5Z3IgHpbt7EcrtfZFr-KCdXjOfpYWzBIB_huPgQxWALOyd3q8hbpYp9GShumPWR07GpMye_Fl5riza6odhWLUKa_LqubqsYUp8ySBpC347mmo8UlRSq0YG97zAa0lsFBsTjbyDAg1C6NhdoB_P81zRTIGCBEFN6ugU-ahr1WcIIJH60Q&sig=Cg0ArKJSzDIHJqYFDumqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=831&vt=11&dtpt=390&dett=4&cstd=437&cisv=r20230227.43414&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMgwiO_30plqYcKA6mJtA890yYLhreCmJc6mu2L-G2j6Scoy0-kFWgl0PxrMi02UPGIgL5HEufPjXXIL2BQV0pgqPDi2LFTVozD9_afG9xK3-e1nYN2dP3g90fVC8SegFwWarD7w&sai=AMfl-YSopR1BV9sxPlJRffC2voeNgPMTSZkYdiQCR1qR_jYafpuD2-QYiCO-FLYjb6_BKvB3D5D3DFRH3Y9KG8Z434MoREYGf4qMZvHRZB3WNygppfQNIV5UzjUnZwLU&sig=Cg0ArKJSzB2tmWZKWMvHEAE&cid=CAQSPADUE5ymsMAy_zhM_NGWgj_3GWnNOpgjtme8_bG0sX8UnODYH4q2jPiDsFYbH6zXwa4v_-k5sDVrIEtlXBgB&id=lidartos&mcvt=0&p=3399,970,3649,1270&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2490721835&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1677744509504&rpt=535&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7sSbrOW8_QIViP-7CB1nfATWEAAYACDmztVKQhMItYH3q-W8_QIVVoeDBx1lyQ8B;met=1;&timestamp=1677744510696;eid1=871060;ecn1=1;etm1=0;

Verdicts & Comments Add Verdict or Comment

370 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

108 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kanui.com.br/	1970-01-20 10:45:36	Name: _dy_ses_load_seq Value: 24874%3A1677744506816
.kanui.com.br/	1969-12-31 23:59:59	Name: _dy_csc_ses Value: t
.kanui.com.br/	1970-01-20 10:45:36	Name: _dy_c_exps Value:
.kanui.com.br/	1970-01-20 10:02:26	Name: mbox Value: check#true#1677744567\|session#1677744506837-640033#1677746367
www.kanui.com.br/	1970-01-20 10:16:48	Name: seal_refresh Value: false
.dynamicyield.com/	1970-01-20 18:49:26	Name: DYID Value: 7066148057540221306
.dynamicyield.com/	1969-12-31 23:59:59	Name: DYSES Value: 338bbc56b3f9f0c5588d18a8ce64b17c
.kanui.com.br/	1970-01-20 10:45:36	Name: _dycnst Value: dg
.kanui.com.br/	1970-01-20 10:45:36	Name: _dyid Value: 7066148057540221306
.kanui.com.br/	1969-12-31 23:59:59	Name: _dyfs Value: 1677744507276
.kanui.com.br/	1969-12-31 23:59:59	Name: _dyjsession Value: 338bbc56b3f9f0c5588d18a8ce64b17c
.kanui.com.br/	1969-12-31 23:59:59	Name: dy_fs_page Value: www.kanui.com.br
.kanui.com.br/	1969-12-31 23:59:59	Name: _dy_lu_ses Value: 338bbc56b3f9f0c5588d18a8ce64b17c%3A1677744507276
.kanui.com.br/	1970-01-20 10:45:36	Name: _dycst Value: dk.w.c.ws.
.kanui.com.br/	1970-01-20 10:45:36	Name: _dy_geo Value: DE.EU.DE_HE.DE_HE_Frankfurt%20am%20Main
.kanui.com.br/	1970-01-20 10:45:36	Name: _dy_df_geo Value: Germany..Frankfurt%20am%20Main
.kanui.com.br/	1970-01-20 10:45:36	Name: _dy_toffset Value: -1
.kanui.com.br/	1970-01-20 10:45:36	Name: dftab-debit3ds Value: 1
www.kanui.com.br/	1970-01-20 10:12:29	Name: lgpd Value: 0
.kanui.com.br/	1970-01-20 18:48:00	Name: _dy_soct Value: 150522.212506.1677744506191271.278510.1677744507243010.364382.1677744507369588.615667.1677744507466965.845050.1677744507
.kanui.com.br/	1970-01-20 10:45:36	Name: dftab-freightversion Value: 0
.kanui.com.br/	1970-01-20 12:12:00	Name: _gcl_au Value: 1.1.358296808.1677744508
.kanui.com.br/	1970-01-20 10:45:36	Name: Zanpid Value:
.kanui.com.br/	1970-01-20 10:03:50	Name: _gid Value: GA1.3.107326882.1677744509
.kanui.com.br/	1970-01-20 10:02:24	Name: _gat_ga_kanui Value: 1
.kanui.com.br/	1970-01-20 10:03:50	Name: _uetsid Value: 6a1cb860b8d111edaf1223fa59c3c631
.kanui.com.br/	1970-01-20 19:24:00	Name: _uetvid Value: 6a1ce640b8d111ed9909e5efc848a579
.kanui.com.br/	1970-01-20 10:02:24	Name: _gat_UA-86950572-1 Value: 1
.bing.com/	1970-01-20 19:24:00	Name: MUID Value: 07DBD72BABC46A39044BC5E3AA4F6BC9
.kanui.com.br/	1970-01-20 19:38:24	Name: _ga_44NBXM9HZG Value: GS1.1.1677744508.1.0.1677744508.60.0.0
.tiktok.com/	1970-01-20 19:24:00	Name: _ttp Value: 2MRy5mUMkokbAYYvcb8J7I3IK1Q
.kanui.com.br/	1970-01-20 18:48:00	Name: _hjSessionUser_1196013 Value: eyJpZCI6IjJjYWU1MDEzLTM4MDItNWRhMi04NzcxLTQ1ZGM2YTM2NzZlMyIsImNyZWF0ZWQiOjE2Nzc3NDQ1MDg5NzEsImV4aXN0aW5nIjpmYWxzZX0=
.kanui.com.br/	1970-01-20 10:02:26	Name: _hjFirstSeen Value: 1
.kanui.com.br/	1970-01-20 10:02:24	Name: _hjIncludedInSessionSample_1196013 Value: 0
.kanui.com.br/	1970-01-20 10:02:26	Name: _hjSession_1196013 Value: eyJpZCI6ImU5YzZkMmRiLWJmZWEtNGY5My05NTZmLTljZTU1MGNhOWYwOSIsImNyZWF0ZWQiOjE2Nzc3NDQ1MDg5NzksImluU2FtcGxlIjpmYWxzZX0=
.kanui.com.br/	1970-01-20 10:02:26	Name: _hjAbsoluteSessionInProgress Value: 1
.creativecdn.com/	1970-01-20 18:48:00	Name: ts Value: 1677744508
.creativecdn.com/	1970-01-20 18:48:00	Name: u Value: pBx2Rh5v81QnQ50yKtj2
.kanui.com.br/	1970-01-20 19:38:24	Name: __utma Value: 227738178.510490145.1677744509.1677744509.1677744509.1
.kanui.com.br/	1969-12-31 23:59:59	Name: __utmc Value: 227738178
.kanui.com.br/	1970-01-20 14:25:12	Name: __utmz Value: 227738178.1677744509.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.kanui.com.br/	1970-01-20 10:02:25	Name: __utmt Value: 1
.kanui.com.br/	1970-01-20 10:02:26	Name: __utmb Value: 227738178.1.10.1677744509
.criteo.com/	1970-01-20 19:24:00	Name: uid Value: 3a69da4a-4a0d-4200-804e-ba16f9c045fe
.kanui.com.br/	1970-01-20 19:24:00	Name: _tt_enable_cookie Value: 1
.kanui.com.br/	1970-01-20 19:24:00	Name: _ttp Value: lck6Dy3UXcuQU-XLKMezMKxg_Nv
.doubleclick.net/	1970-01-20 19:24:00	Name: IDE Value: AHWqTUlfucQiYrP4mmzPmvqe_-q0QnpPBGNIL6nyzGo8-41nHju7BsJvpDQrcuElVZM
.kanui.com.br/	1970-01-20 19:24:00	Name: __gads Value: ID=e6b5782cdeb757af:T=1677744509:S=ALNI_Mbfc2lp1yvec_UwtlYkXo54sECZmg
.kanui.com.br/	1970-01-20 19:24:00	Name: __gpi Value: UID=00000bbd8f160470:T=1677744509:RT=1677744509:S=ALNI_MZSMLfbSsdHXUF7aAiPTkuzYcoLBw
.adnxs.com/	1970-01-20 12:12:00	Name: uuid2 Value: 5041752041464797059
.casalemedia.com/	1970-01-20 18:48:00	Name: CMID Value: ZABZfRnE7DVKtaD5T6KZGAAA
.casalemedia.com/	1970-01-20 12:12:00	Name: CMPS Value: 5265
.casalemedia.com/	1970-01-20 12:12:00	Name: CMPRO Value: 5265
.yahoo.com/	1970-01-20 18:48:22	Name: A3 Value: d=AQABBH1ZAGQCEKfaZH9m5mNMu5mms74wV6QFEgEBAQGqAWQKZAAAAAAA_eMAAA&S=AQAAAmvv1EI5-RZESTrHUZg0CYc
.spotxchange.com/	1970-01-20 10:42:43	Name: audience Value: 6ac8583b-b8d1-11ed-8082-14d534130106
.quantserve.com/	1970-01-20 12:12:00	Name: d Value: EAUBCQG1KIEA
.quantserve.com/	1970-01-20 19:32:38	Name: mc Value: 6400597d-ef991-1afab-5970c
.mathtag.com/	1970-01-20 19:28:19	Name: uuid Value: 2b796400-597d-4300-88f9-ace5dfe70359
.ctnsnet.com/	1970-01-20 18:48:00	Name: cid_15e406b35bc44051b6ecb489186bb3dd Value: 1
.ctnsnet.com/	1970-01-20 18:48:00	Name: gid_CAESEEsXUVsFqkGp_6krvlffYp0 Value: 1
.lijit.com/	1970-01-20 18:48:00	Name: ljt_reader Value: GPfosGZHN9Nl8nW5Rda9EyYp
.sitescout.com/	1970-01-20 18:48:00	Name: ssi Value: 4fb836aa-14c6-48ab-85be-6d920b55bc1c#1677744509995
.adform.net/	1970-01-20 10:47:02	Name: C Value: 1
.sitescout.com/	1970-01-20 10:45:36	Name: _ssuma Value: e30
.adform.net/	1970-01-20 11:28:48	Name: uid Value: 7613715740421779490
.w55c.net/	1970-01-20 19:34:05	Name: wfivefivec Value: 7XhZHbQx1PxDZk5
.de17a.com/	1970-01-20 18:40:48	Name: guid Value: 1.9082246689915100220
.360yield.com/	1970-01-20 12:12:00	Name: tuuid Value: a692a807-43e9-4434-9882-dba956ac0008
.360yield.com/	1970-01-20 12:12:00	Name: tuuid_lu Value: 1677744510
.bidswitch.net/	1970-01-20 18:48:00	Name: tuuid Value: 298e5f06-3932-43a5-b584-70c5cab0008c
.bidswitch.net/	1970-01-20 18:48:00	Name: c Value: 1677744510
.bidswitch.net/	1970-01-20 18:48:00	Name: tuuid_lu Value: 1677744510
.pubmatic.com/	1970-01-20 10:03:50	Name: KTPCACOOKIE Value: YES
.w55c.net/	1970-01-20 10:45:36	Name: matchgoogle Value: 5
.kanui.com.br/	1970-01-20 19:38:24	Name: _ga Value: GA1.3.510490145.1677744509
.kanui.com.br/	1970-01-20 10:02:24	Name: _dc_gtm_UA-24844488-1 Value: 1
.pubmatic.com/	1970-01-20 18:48:00	Name: KADUSERCOOKIE Value: B1C78224-41CF-41D1-82FD-73BA7ACF9682
.blismedia.com/	1970-01-20 18:48:04	Name: b Value: 6400597E4138B9B91FA2F8D2BLIS
.everesttech.net/	1970-01-20 18:48:00	Name: everest_g_v2 Value: g_surferid~ZABZfgAABdxyXABh
.adnxs.com/	1970-01-20 12:12:00	Name: anj Value: dTM7k!M4/QD>6NRF']wIg2In=G#!+*!A#G4.TOKKnyW<U1`VROYQM-:Hs=cc<8S<'SPQh!<r'ekYj-lFDb:-#=tXT8/X-[/6(:>la5>P9%Z_bwTNeU+/P[./T7F%kg$8rnO<ZB4w9$PmsuUOg=GrS=wUBFH9mGS=9sk@3@'s>TDhk+C
.analytics.yahoo.com/	1970-01-20 18:48:00	Name: IDSYNC Value: "18yl~2aa8:18zh~2aa8"
.360yield.com/	1970-01-20 12:12:00	Name: um Value: !38,WPbZZ0zhgDSW7Gmu9ybxQiOrjSps21taJReDheq5rti-pV92dyR.2mHsVLChnOq1PdHqtnof,1685520511
.360yield.com/	1970-01-20 12:12:00	Name: umeh Value: !38,0,1739952511,-1
exchange.mediavine.com/	1970-01-20 10:22:34	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%226ba90cb0-b8d1-11ed-a233-1b91e6fac925%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 10:22:34	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%226ba90cb0-b8d1-11ed-a233-1b91e6fac925%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 10:22:34	Name: am_tokens Value: %7B%22mv_uuid%22%3A%226ba90cb0-b8d1-11ed-a233-1b91e6fac925%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 10:22:34	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%226ba90cb0-b8d1-11ed-a233-1b91e6fac925%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 10:22:34	Name: criteo Value: %7B%22id%22%3A%22k-8kpkwVcmXfC6bn1jvdKWSs9fOv3xxUPKkG1r1Q%22%2C%22version%22%3A%22criteo%22%7D
.media.net/	1970-01-20 18:48:00	Name: visitor-id Value: 3207461110733405000V10
.media.net/	1970-01-20 10:45:36	Name: data-c-ts Value: 1677744511
.media.net/	1970-01-20 10:45:36	Name: data-c Value: k-AS-FElcmXfC6bn1jvdKWSs9fOv3LYONc7aWD-g~~3
.pubmatic.com/	1970-01-20 10:45:36	Name: KRTBCOOKIE_97 Value: 3385-uid:k-K9r4XFcmXfC6bn1jvdKWSs9fOv1gqIr-bKT-MQ&KRTB&23144-uid:k-K9r4XFcmXfC6bn1jvdKWSs9fOv1gqIr-bKT-MQ&KRTB&23286-uid:k-K9r4XFcmXfC6bn1jvdKWSs9fOv1gqIr-bKT-MQ&KRTB&23287-uid:k-K9r4XFcmXfC6bn1jvdKWSs9fOv1gqIr-bKT-MQ
.pubmatic.com/	1970-01-20 10:45:36	Name: PugT Value: 1677744511
.mathtag.com/	1970-01-20 10:45:36	Name: mt_mop Value: 4:1677744511
.simpli.fi/	1970-01-20 18:49:26	Name: suid Value: D07EFC8E7C9D4515AC7EDD71E52A1E1F
.travelaudience.com/	1970-01-20 19:34:05	Name: _tracker Value: %7B%22UUID%22%3A%2240489EBB-95E7-43E1-8F11-9DB88493CB36%22%7D
.1rx.io/	1970-01-20 18:48:00	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-fc20f249-46c5-4559-a823-125401196f30-003%22%7D
.tribalfusion.com/	1970-01-20 12:12:00	Name: ANON_ID Value: aMnsIHR3YWj7UXuRvobkmODRrwt5HZdaJtZboG2YbcV2veIl1WHdod37CX7poReZckC2NA5OSPtf5a1Y9vd7pMi5f6O
.targeting.unrulymedia.com/	1970-01-20 18:48:00	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-fc20f249-46c5-4559-a823-125401196f30-003%22%7D
.scoota.co/	1970-01-20 19:38:24	Name: tuuid Value: ee53945c-f417-4adf-b091-40a270010799
.scoota.co/	1970-01-20 19:38:24	Name: c Value: 1677744511
.scoota.co/	1970-01-20 19:38:24	Name: tuuid_lu Value: 1677744511
.turn.com/	1970-01-20 14:21:36	Name: uid Value: 3553635545386578415
.demdex.net/	1970-01-20 14:21:36	Name: demdex Value: 80367349531946043550987788793710752998
.dpm.demdex.net/	1970-01-20 14:21:36	Name: dpm Value: 80367349531946043550987788793710752998
.krxd.net/	1970-01-20 14:21:36	Name: _kuid_ Value: PaP4Fzgz
.adfarm1.adition.com/	1970-01-20 12:12:00	Name: UserID1 Value: 7205857810096715919
.kanui.com.br/	1970-01-20 19:24:00	Name: cto_bundle Value: sUS38V9idiUyQlV5YXNuclJEVCUyRkI2RDdFVGdrZ3J3THpydjRZVGxPZU5DTTJvdFh5RGFDclcxUWY1N1VQUWU2c20wY213REpuRzdZTU1RZE8zUmxkYVA1aGtRM0gwaU1JNDY1T2tpWnp6bmdDU0RXMlVmQVpiYnIlMkJBd0liZ1l6bjJwWVEzY2c3SE54RCUyQjBqd3VqUVBpTnVWbDQ2USUzRCUzRA

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.kanui.com.br/ Message: Access to XMLHttpRequest at 'https://analytics-stamp.confi.com.vc/api/v1/stamp/102462' from origin 'https://www.kanui.com.br' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://analytics-stamp.confi.com.vc/api/v1/stamp/102462 Message: Failed to load resource: net::ERR_FAILED
worker	error	URL: blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b(Line 70) Message: Mixed Content: The page at 'blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://mfaedmjlefifhnhpgipjjiiekchaimpk/images/search-clear.svg'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b(Line 70) Message: Mixed Content: The page at 'blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://iblgdcjagdifpikcobibfpkddkphllmc/content/styles.css'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b(Line 70) Message: Mixed Content: The page at 'blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eoolfmmapnkhandljfaaofncecfakljd/static/16x16-active.png'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b(Line 70) Message: Mixed Content: The page at 'blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://jpdapbcmfllbpojmkefcikllfeoahglb/logo.png'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b(Line 70) Message: Mixed Content: The page at 'blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://idpbkophnbfijcnlffdmmppgnncgappc/img/rakuten/icon-32.png'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b(Line 70) Message: Mixed Content: The page at 'blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://gidejehfgombmkfflghejpncblgfkagj/app.css'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b(Line 70) Message: Mixed Content: The page at 'blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://kegphgaihkjoophpabchkmpaknehfamb/sitescripts/sitescript.js'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b(Line 70) Message: Mixed Content: The page at 'blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://logldmlncddmdfcjaaljjjkajcnacigc/toast_icon.png'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b(Line 70) Message: Mixed Content: The page at 'blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://kidmffepbniamfbibhfgdakkggchipjl/images/sas-logo-mono2.png'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b(Line 70) Message: Mixed Content: The page at 'blob:https://www.kanui.com.br/d92d555a-e53b-4abb-ad4f-3496a4e7896b' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://bmnlcjabgnpnenekpadlanbbkooimhnj/proxies/requestProxies.js'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

01f33b5ff81015b589775a29fbc5ef42.safeframe.googlesyndication.com
a.tribalfusion.com
a.twiago.com
ad.360yield.com
ad.turn.com
ad.yieldlab.net
ade.googlesyndication.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
analytics-stamp.confi.com.vc
analytics.tiktok.com
ap.lijit.com
ascpqnj-oam.global.ssl.fastly.net
async-px.dynamicyield.com
bat.bing.com
beacon.krxd.net
bidder.criteo.com
c1.adform.net
cdn.480app.com
cdn.confi.com.vc
cdn.dynamicyield.com
cdn.privacytools.com.br
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
colrep.sitelabweb.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d34e3zwe3zzpan.cloudfront.net
d5p.de17a.com
dafitistatic.dafiti.com.br
dclk-match.dotomi.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eum-orange-saas.instana.io
eum.instana.io
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image6.pubmatic.com
kanui.com.br
kibana-mkt.dafiti.com.br
match.360yield.com
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pm.w55c.net
pond.datajet.io
pr-bh.ybp.yahoo.com
r.casalemedia.com
r.scoota.co
r.turn.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.openx.net
s.ad.smaato.net
s.thebrighttag.com
s.tribalfusion.com
s0.2mdn.net
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
selo.compreconfie.com.br
session.sitelabweb.com
simage2.pubmatic.com
ssc-cms.33across.com
ssl.google-analytics.com
sslwidget.criteo.com
ssum-sec.casalemedia.com
st.dynamicyield.com
static.criteo.net
static.dafiti.com.br
static.hotjar.com
static.kanui.com.br
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
vc.hotjar.io
visitor.omnitagjs.com
widget.us.criteo.com
wkxppshj-qx.global.ssl.fastly.net
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.kanui.com.br
x.bidswitch.net
ade.googlesyndication.com
analytics-stamp.confi.com.vc
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
s.tribalfusion.com
s0.2mdn.net
104.18.25.185
104.96.129.75
13.224.189.42
13.225.78.105
13.225.78.14
13.32.110.64
141.226.228.48
142.250.180.194
142.251.39.2
151.101.129.194
151.101.194.217
151.101.2.49
151.101.65.194
178.250.0.157
178.250.0.163
178.250.1.9
18.193.152.7
18.65.40.10
185.184.10.30
185.255.84.153
185.29.134.244
185.64.190.78
185.64.190.80
185.76.11.52
185.80.39.216
185.86.139.93
185.94.180.126
2.23.97.97
20.13.96.71
20.206.128.53
2001:4860:4802:32::36
212.102.54.14
213.155.156.184
213.19.147.44
216.52.2.86
23.203.125.36
2600:1f18:612b:4280:cba:636a:40f6:2f6
2600:9000:2050:a600:a:b89d:a6c0:93a1
2600:9000:211a:8400:1b:5138:8a40:93a1
2600:9000:21f3:1a00:15:ad21:c740:93a1
2600:9000:21f3:5800:f:8ce2:fb80:93a1
2606:4700:20::681a:b5b
2606:4700::6810:cc16
2606:4700::6812:19ad
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:4f:1::44
2620:1ec:c11::200
2a00:1450:400d:803::2002
2a00:1450:400d:803::200e
2a00:1450:400d:807::2002
2a00:1450:400d:807::2006
2a00:1450:400d:808::2004
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::2008
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::200a
2a00:1450:400d:80e::2001
2a00:1450:400d:80e::2002
2a00:1450:400d:80e::2008
2a00:1450:4025:402::9b
2a02:2638:3::3
2a02:2638:3::c
2a02:2638::24
2a02:fa8:8806:20::2040
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3605:cbf7:2d7b:a2a1:22ee
3.122.75.125
3.122.81.162
3.14.121.110
3.75.62.37
34.117.157.22
34.120.4.21
34.242.33.143
34.246.68.114
34.255.170.214
34.96.105.8
35.157.135.232
35.157.53.153
35.186.193.173
35.186.253.211
35.190.0.66
35.204.158.49
35.244.159.8
35.71.131.137
37.157.2.234
37.157.5.142
37.252.171.149
37.252.173.215
44.199.3.212
46.228.164.11
51.89.9.253
52.0.154.209
52.209.246.127
52.209.30.249
52.58.222.68
54.77.141.150
67.202.105.21
69.173.144.138
74.119.119.150
76.223.111.18
85.114.159.93
85.215.5.31
92.123.38.97
98.98.134.241
027658e1822c7365a4a373756661a814c2a40226aa524c970087852890200020
03182da888f9caa3000a98799a29f652403e401b1e5385d7a616d0d96f9561d5
0381b72a136f013fcc946287a803f69926971505c77c94ffbd1a91cb54353a42
0406d6e3ef0f60e431f4db58c16f55208feb392491c084f7674f119104fa290d
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06a1e588118bd582160e9616f004650fb7e290847427dc0b48961996d92d1bcb
07633ec2e227d5847138980c35c177458b1118d7701cac7e7cb6151e2df2e0d3
091eeae74901d7a8bc042ab3a6e4135a361598581c1a92315784057dce90b3a6
0957a5f33d0d003416b56df67bec374ce7e043f2d9a4b43094006e16d1ed2aa9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d1011ed38488c5f0a9b8c921a6448218d4ae328a2d4b3a8db4af44eb9521358
0de86bfde00c8ca236e7176af921bdbc8db377e1a3ae56d8466a3e5a48d69542
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
11ce26e765d589e5cda02781e1a5984398b420d0499b5ab4a551d33327c339bb
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
138e68b3dad0b5d43a778381befd300d1da61690175dc26f6ae4d50383d97bbf
141725991fd548609dc13233286c4bd66b4d15871966379929567f2e64ef0fcc
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
16ec076d7ee6db7c6ea49ec4b1f3e964c0fd0333a7d28cd330896422a6a1351e
184b30d1518c6bb7cabedaefe2922ecc99ca0aac477af10e4da550e145850945
194bff381ec3d81f6f66034f0ff9eeee31361b982ce0d050bc5d62372cf449cc
19540b1f104f27709a4566be68a8a2f231c22a1be2c32cadeaf0c34726f03045
1a473ea128fcbd96490e88e32a0cc150bcc5d116e026ebd9cb243e93cedb4e37
1a55fa64fdace75513520ac7ff9a0fcb193805ba870692498b4e9cea3bd24821
1af4b0c0e13785b45fba4c149b03f3b68c0a3a93714f73b0d13fe61e718104f9
1c36b6b0b823bcc30af2e567196f94ac5e981d3c429e9cc7377b701abedb286e
1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d03fc00c09f917899e6c13953c91f1605e12ec308c5bdfa9df65b085e32b879
1f60030e5c7232161f76d372cd4220166d1a7bcec41ffb61782ebb515833f131
1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
2211ff2fd5a69d2f222920ca8d1c6a14041806fdace4d702ab79c1d1e2428d91
22ec56df25744866a27efb0d3a95c71bec34cd151f986376a9f2e10f498760c9
249cfda2569911bfbf5a352e5bfeb9cc5fe78946863bf3e6c5a4934776a26b31
25da12fc31fc9fa0ff52291ab2922f620fda69977a55e1521f48f1b92990b4f9
28bad771223c4b2396e9a114d7202e3d33380242ba75368b9dee471b5549a112
29d04049dd0b9f96f193260137c10d105a0e8dfc76d42b5126ac2f6e8ff87bef
29eb18e4d01a9572f259847e4028769fadd2eb1bc0f4f3827a37e18ec60c878c
2a3f84875353e59da6e4efb3b38bddb9d4e5d54dc0e8d10e4f872abb89d13e5b
2a93e30b924d9f441fb9cf629a06b37796dc4769854b77d0c8a12e04978162de
2d45b8ed29cae3ae0eac7811d5637719bd3e4dbaa36e29ba9f5901d59c2b239d
2decfcea631dc6e5a39e44aa0bf4be206b10870490d78d75996c896b5a6825df
2f9cf38b325a6ab648141068fea1e9533cdeb1f7773b1ad13fbb2b92d25e1526
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317d808c8d92f3485f748223ac58434addf9fca51c5e46a7c8960dedec53e96d
3181a86ed109de11d63b424a00ffa2272c5a8d88147e43e7038f6dd325be0c5e
318c21a89841cc0dfbf54b2e35099729891f33531802683cb00b44c4eca3c8a2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
337574d8c79eaf4393e3c01f40c95865ecdfdd387b9d06e09783a77d20650e3d
34213292a4712c8f99b268cd03d6a1e8624a62e58ade88fd5edb560cf13f1de9
3435b89855d83510f5b3dcc3d0bfe4d8b7848a76c218d939fa4cbcc43d004f02
344d52234fdfd14efd6d3a3b433daa8f548ab20d8adc561eac0d4e4a8db086d8
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
360f7707ffa97c30d46cf1b7ac868405ef0082cee8188eedc9868ca7e6c9edad
370f748e48e2a50a14e44f17fc0950f082b338a1fe186c18fd62336201963ff6
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38299603ce44a55c924225e7c33259514bfb7f3197cdc94d69cf8ae7973f450f
39f78d52618f6b636b5502d662d4485521e4ca148d5dd3b659e481f9749a325c
3aa12d2d3f125294a2bb3ef90ef5cc4d99e2e26f2b05f1fd44eba25fe1674823
3acb0aed241bf33a59d203919cdf44c343c7b3e383fad0809f5581e6981778e7
3b267a7c2fba5cdeb5f060f693ebda234ad29aeccc3e523605727b6981e8ce64
42972e6187b97f00dca7551ab8d5b9e6a500960125174592940ac023720b3426
429fe77b9e8bfbff344236e65603c9eadf8201cc37a602b9e67d6f905541c6b8
456b197900bf184cf841cc79ec46f03dcdc948a16eb877c2b1ae2fac44e8899b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470e846b069b5b7942f7f066f11c0f4998677f8da02788f019997347118acdc8
47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4
4873e89721ee7fc0df35a1886dd9464fed179aff9ee147be8f1ee567b225e25f
4884014257f03c641d632a3c9dcd683b5a07f590b27c4ea97c108a922b48ec9c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
491826940e7f69544d4ad7d9692f7a3ad70bed2796ca7efed26316fea6ed73d1
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
49d7201c3b4337a86357646a2db5cfcddcf79fa5a638f24b172821e560b9fb4c
4b4ce6a39401cd0174fb02fbdcd32facaf216c718fb163956fe904f200f296f9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51dad4fedd9849d7aa5caf7fa39c918d32659f73fb52c0e6d9386e7820f74197
51edc6ff383d4aeac24084eebdcbddae44b3f85f77992c0591bdb1366a8c180d
524c55c8d2300cce448d346b995650dc7fcd703ab0c3734c057147b5c69d3773
536c1a2ba46652b76b340e48eb1a5bc6fc30fd362e7b47b44025820fad67c4d9
544cb2e368882bf4e1341a43477f13142aec71f89b6bf64ad3ce0b613c113b91
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549f9de3c5a955391f4987c6ffbe3adec7b4874ff054a1068285d50613bfaba4
555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a7e557715091a4a0429c162ea64459b1bd92f7ad7f6a9ba7a3d202788afbcf
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
58cbefaf0f461dc0670eaff4da9f2a2e4f1000e1dfebec0ba390f9859b7792f6
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a97bffa1ac99b422cb47985d177bae57d5e4d57caf0e209d0fa4415e17602f8
5c1d9e173f6c357d72a617dca08e5ec8fbf78c2e7bfc5eba8821568ebee85af2
5cbf277634a9ce552a315b709351783474d7fc4414878e93ddb94e4c59b73412
5cfe66ee024c0c4640ab3f01e85b885bf78a44e65ac037af6c5d1d1d5c15907e
5ec54b50a7dff777e752d15302e63c2dc3de6faf9eade95b20794f25d1aac478
5efb60430b5eff8addca6f52bfee090e9a318381e834b6401021b70838f05059
5fd323d8762bfe107930a69fab5d99df2b9eb7fcf1e266bfc801113a0d4d9620
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61eb4bd63b7ad05757982fcfd7badeeb3d592fa56e6999698e9f65b7ffeadf38
63f144c4faf434bfe66e01058d20974e19961adab4808beaaf9735871e930d4e
64efa1cac10befe798efe207f80c6fb2ef281ab05f7092b8e18637442846aa02
65ecaacea233cbd58cd42e885e80df77cbc92fc6cfd6e85f1d0e9d2852e1e7ed
697d597df5ca9a0ceff77072433a2ec5a934720509605f5fecd52b3f39ac7ff2
6c615f263afbf4834a3dbd15d78c3d53eb712cfa513ada4aae983739a71e76cf
6c902c245ddca0826e20d37ff8a07f1ce2b30477fadefee3da8b285cfe1ca31e
6cbefdd512e671e776fa034a3aee5e047e74b1f15e966b51486c8f76aed124b5
6d8f2a3d75984a2bef4ebe162c8e2db27f7fbd065c2b73f474440e409f5f6bb0
6fb8e3c15d67f697e16526eb90f609199af1ffcbae3e10f932b06223d1570ef4
73298c5946d1119054eab2d334cc97c4ecf0e77c5a2387b7249351e101fcbe37
74df85b4472f8037e7e4ea143f1443d8eca40a01591e698d900bf6b8a18b85c8
7551480907a2cf13b43a57267750cf88b619d7161f4678de3b6a8fbf0489e5a2
75ca3a72714106fdf040a115ac9e32c64a1a456e5c23a0d24e55bb748403292f
79120538c0743a2c284a4b97e91f7783f4c62303bdae3347a17a46ef1491ad1d
79630aa66a2fd742af143103e8114c9ea35d4308fd3523bd101a89d8b908923a
7a5b82771f46d2e3ec4320e55319f8c1d88219d2dbc5e643bee96f0c82592f89
7b0254fd8f86e2ca0c495ad707da3cf3003df8bd6be01c70a5afbc68f8234b80
7c3e404f048288e67b6048f88e121f4c5f3927377058000a01e057b1ff218839
7d7690bb92a5a174e21159de1e86c5b155e5fe9e418077a0a553a34856ec19e3
7d88a665187f06439b6438701ee783485b564d1265fb60ceef89e92c0682d876
7da80713891021cc2787c767bc376d8029ed7087fb9c2b70acb4faea5dbd9dde
7de00920bb0b147111be6d35c3d9f3d5cb63fbd4dc81c94f333607797ee7c48f
8121a35a4a3f74f2c76f84c38b8151f2505d451df55e1a0e7590534445741c55
821c39db06af69044aef60e3def81045e8a9f364ef2151db6d06e47f49fea380
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83453ff48c3dd90b8bd512de1413c133bb8e8174e36e2fdd945c4eaded8edfb6
83f9f6450a9f79a3c5fa90cc2fdbb1c745958d47cf8dc2def841f52efffc3751
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
87b6afca5e2d6da865253e4fdc93b97a2bf922ded9793443e5f3fd83d364d894
88a403e8dd61340c5d32379b7569a4c38e3253fc3739a8f30478699af486ff6e
8926dd42d0097bfd782a16d20a63c5868578949eba73a6d6a0bd515421d9b55d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c1eb37479aeddf24f24c9f7d4cbfed1fe743837026d80cf2b7fb39da59abd9d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e51a8fc0c08575b402259c852cc7aa58cd5f743319322010facf862d98f5b58
908d3d9814bd9773ba374617281297c3e74d15fde0a189013e45b23cce49ad33
9289a2f488a316419058b1b7e635ffac86eadb2a780c6845dc910dc85ed4b132
9586724a8919b155316b62e47f38a6b58205d06648560034004209e2d238555d
95e80901adda93269fa97276326096f8e3537aa30d4684411dc79f4c48ff2189
9634e8d62507de8ffd2a253deca5f7bc48a274c3a7a62b5a4f85bcb8b089b32c
963682b6480c487be0f00e54a32989eddc38611839c1ba052d541d8f9d5532f1
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96f452c979bde4478c26318d9bfaafaa28f3bd8fa295918901bf4ba6dd96933c
970e322932327436b9fbbba9bf325d576d04448a1d722b8ebb55c0cd747e18a0
974af4d36f26a2ebee2dd0d43165f5943340dd5e6d064c8627342b733abe1e0a
97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2
985e58230b45baac2febe13ac675118309e93e1686f5ce83634e5353b2f6c75b
990708a370fc7f0173e951516c5ec91ce9d2e3ff35c2471e40bb3ba4ee43bc9f
992bd3ee0d5870e5bc0e068fd99d9807f1ae09f3b5a9499bbecc754811943247
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a21604056f2bc5a91168f26342ac42159b10d692d6332cb77e50de32f5680b9f
a3e3c127819cdeebf9f6643a051410e2bbb6e0b06a54db535205eec983de6c1d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5357c6b96f3aaf49fc84cafb47ba6f1202f755973399303b31ba9389a2aee00
a6563f1b77608e27cb823aeea1c95a4db298557918d9ed6e8e9db5160d8aabdd
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a7993d2d8d1e84feef5eaa4d8c9dcbc44367875122baa1b6760d9150711f4577
a7cb9172cd1701ee38c8e9867eb130d38722972fd0a9466292a5a029d50cd907
a82335d7783e8ea5058196faae104f17e04800d5590d7e3f41265ada2ab83b09
a9c5e748ccf72f5ed630e6e11eef4cb90aa6897e7116cfa2f45d3573dc47480d
ab174b9b6829f343ba6e67dfab7541cdc0c5d34952a02f7ea12ec7f237845127
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
ac07b21b9c8016dd564bf9de88d4b0f401ac0c90b586c59b6af3f62d8cd80c2b
acff40324ef40543d8d84a31217c27188b8a3f1cee1dff3cb1b3fd8a6073cd65
ae3a0957fc5669d282e41e4d6107d528898f07b480ec550cb34ba6797a384b8d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aefdb07258782fc3aa84dc518ab2052e5b1dad3405867fb1f9d65f816b03c12a
af7c563112880ec7ebde4e8d9700a759699a1bdf84023783ec4ed81e59d87e33
b017507ce5af638a1b556b46a591b1c34ccb428522ec526da5666c8b51406166
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b52baea12d32e2e512df377c2bb4ef3ca1b633e7d5abed226dfaebb8450f8d53
b56c08d481289e5d7be0718cd15edb295b71473c1d950bc278fd016cf9dc7f63
b5c105c2b621413cb431064c0f40cf9f985e84dd293da14d93d2f102703dbf40
b612c829e284a05a3c1ad7c038a0256a8bb1b51ad5c755ec464db9d297d0231f
b6f6f1f19282945a59320cf20bbb8259da8652450b134f7d1c79969a4ca252dd
b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2
b9b90f5b0ab7d55d88ecc7fab5b8ac2a37ef20857cfae21327104667857bd525
b9eca60bfa621ca629f50e003001da5eccfa5172751bfa1360f26ad345dc0cfd
bac18217eff428a695ca1b18b1a989a6ed411b354f773c11949ca58b820c6057
bae8601a65f20808c0c7439df7f17d89c3f92fa625fd0b38232f0a581a0ecaec
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc348fdf3d6e98dfb1b06c53951baba12ccb2041a63a044d166ce5e4a4e61f06
bcc1afc53529416fc5780618306f4e39ed3f38af3ea776aa4282a91878062b73
bd405d3bb8370979f861ced2c97a6d823710a62c3ba8b615366777d1f9cae157
bdde167af79d5c3b96f167a19918eaebf846f16d287c44edc2b9df7d1690609f
be5de26b4c662c492dc47273afe90d3c778ec25998dd2a3a6f7f291c26ca5803
c0bdc4694a5f3bdd17a15d5dfc5375fe32ca435f5d81cff6c3bda066e18ebb2f
c1ceb0ef6a7b11e3a5b95f55e4149d85084d00a5d5d6b64123d9227336478790
c292f61f54af368905af4b9d7b54338fb2da302c15f596c694fa68b210f2daaf
c385ee06f92348f31c3e8427f9d973ca59bb531d0584ebd0239a74191b0b1e2f
c435e5f9bace6c1aa72b0a590b0a795c1abb4cf4ef11efd4c18fd4b76376800f
c4430b97b55b8103f278e137eda1a2acae554981e0baa81c8cf45313ca4865f0
c4e3a6660841a2aaefca4bc6bd707c3a83291d96e44afabc7a51a875be30e1f0
c577735e9622a8b742dac8dc5152f9db28af301e63d23dc82c2e19336d9a9b27
c6265a847e8ef645ae49eefb6efdd0659672dd17c55167c74bb067750daa399f
c6fc12970d7832adef2d4c1d569d84c66496046048ab7b916b143d23ccdb1117
c8015792fdcae6f89230c479fd95e5998bf815c6d882c64fa6a7cecdb3c724d6
c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4
c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72
c8eab4253dfcb0a960d80bd71d5e2849a0cd77139cdf8a05412c55c3e7da0cd4
c94ac252c2a3319406032032154badff85d43db816667ea65f7c97d951a33cb7
c9d7795c4b2e5d92fe1ab5ba475728ede6a5adb840f829f3f56a753b58084163
cc5803ab4343f70b4b4993aa04e32e5bddab6f1191a2daa8f2e88c1b55e42167
ce3a57d6a9a3e5993d28efaf5fb03738b912fdfb6c7ed7a5df56bcd63e37cec2
ce6141070b094e2b86bc5576dc4b7e91ad38476dbfa30f3c8bc6871234f15c16
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1fc3d86200fd1777715fb6f15f32bfc075284dcd9c2b1e9a2cf3cb011990df4
d1ff0de8bc0eef53396c02f1c428f62b25f05306692a9eed14a09e02a77af0ea
d473d1cb26421c33200e6a1e036a17e738f4ca3dce4f404b708e9f8ab4f75c82
d539a287e1880ad8031510d4e96baecb9222de505f0d11f01c85855bba99658f
d5f1eb4ae0338391d6751512bceb10890f9d885c8f8f8f377fa3c6ef083df61f
d7971b9f10a7f8a94f87b5820ee0421e39ad41c8ad90c64fbdc7cf7b5431d8f1
d7aa5ee5fc5e760558483ae97feffb192e6eaf5f7d58cd8cb65699188b1baaa9
db48d78d653ab790be2ecec5f5370bb3330f156dcede55baa6e662df7ae35654
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dc2bbcece24a41494bd7d15dbe450e37f167abcbb30c063772d1972bef448329
dd1dc322205ce57a20378375dbbc27015282ee5c3d12c42bf06dcc7e9a26c16a
e00317ad1b0f6f184b95faadcc899fa8852eb78644c456f5b3a4624700070480
e1034c5bd7ff5e68ae9e5746f3c2022b3bd3571cfdb3ba1a6304e8fd5f6eb1f5
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d047e7e7b02c62e3caeecb369a8d227fded92617b4742a2db890838041d34f
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5ed7c1a00eb17cf75dfb9fad7fcdbc3ae0834257b2a8b2ab1396650d0831aef
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e920df2d72369d6d348a9216cde2ba6fd1c9fe0e3d93faa55e1b3acde4addaaa
ec8c388d2bb913de2bb156a81d8420811e6c0ece26a6e4ad52ce7a60fb738f2a
ecbfd8af4ffefb5858aca70106068396e0ae614c372921550e70ff02bddfebca
ecc3da4087e1ff05f5492df1dee43224adce7750e28d3b212c1764a63559cd7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9f72dd5a5212e7ecd228e4ae27bfad77fa8e6b162817fad97db8a7acb2d842
f088c64037818e781f6357d237de7dfb8b1800b2d27a222b79e08aff9b6c96ec
f099d9829912fe9b0af297ea3db2e61eb0a978e913ca6027da037a5f2be1da98
f16a6a31973f964f825aff8f1cfdf69310eff4d2649d5e41d47dad744d06a7f1
f328071d6119835e6025e48e22203eed87b54067813981831f5e469bb523c780
f5257c898a6c432fcd5db3d3eb15b8a9bf34680ab718caf491842311ccc1b827
f575632892d61be95912442a17eef76b765dc85b9e300618645bb8afdad91cd9
f8ef4854044d58ebc308959b05c9602c5c840aa820110ba5b679a766b2f9028f
fd83afd7d6dca40a1d4f9b0e0a5b33a93f099f7f41e7a6c0d489abe83870adf1
fed6b43a86af8a09064c7c480ce24cbe8b0d95421dda200f2e39bf09a5fec725
ff0c083a624d58fde02443e7587d9fa86bb0b192bba55065d4d4cfdf595988fe

www.kanui.com.br Open in urlscan Pro 185.76.11.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

618 Requests

86 %HTTPS

31 %IPv6

81 Domains

119 Subdomains

89 IPs

16 Countries

7147 kBTransfer

16090 kBSize

108 Cookies

21 Outgoing links

Page URL History

Redirected requests

618 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kanui.com.br Open in urlscan Pro
185.76.11.52 Public Scan

Screenshot
Live screenshot

Full Image

618
Requests

86 %
HTTPS

31 %
IPv6

81
Domains

119
Subdomains

89
IPs

16
Countries

7147 kB
Transfer

16090 kB
Size

108
Cookies

618 HTTP transactions
10 data transactions