www.bandab.com.br Open in urlscan Pro
2606:4700:20::681a:130 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bandab.com.br/
Effective URL:
https://www.bandab.com.br/
Submission: On June 17 via manual (June 17th 2023, 2:13:56 am UTC) from BR — Scanned from DE

Summary HTTP 367 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 81 IPs in 11 countries across 67 domains to perform 367 HTTP transactions. The main IP is 2606:4700:20::681a:130, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bandab.com.br. The Cisco Umbrella rank of the primary domain is 653515.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 12th 2023. Valid for: a year.

This is the only time www.bandab.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
71	2606:4700:20:... 2606:4700:20::681a:130	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
14	2606:4700::68... 2606:4700::6810:cf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700:20:... 2606:4700:20::681a:e79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6812:170e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10 26	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	95.101.148.198 95.101.148.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:e280	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
4 15	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	185.86.139.116 185.86.139.116	201081 (SMARTADSE...) (SMARTADSERVER)
2	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
4	162.55.101.208 162.55.101.208	24940 (HETZNER-AS) (HETZNER-AS)
3	34.149.50.64 34.149.50.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2 3	52.213.96.27 52.213.96.27	16509 (AMAZON-02) (AMAZON-02)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.194.103.231 18.194.103.231	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
2	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
33	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
6 10	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
23	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2 2	3.127.111.154 3.127.111.154	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	18.184.126.130 18.184.126.130	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 6	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	134.122.57.34 134.122.57.34	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a05:d018:d29... 2a05:d018:d29:3601:77de:ca3a:987:60cd	16509 (AMAZON-02) (AMAZON-02)
2 3	216.52.2.6 216.52.2.6	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 6	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
4	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
7	172.67.10.198 172.67.10.198	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	168.119.72.236 168.119.72.236	24940 (HETZNER-AS) (HETZNER-AS)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
2 3	67.220.224.144 67.220.224.144	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 4	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 1	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2 2	96.46.183.20 96.46.183.20	7979 (SERVERS-COM) (SERVERS-COM)
2	8.2.110.114 8.2.110.114	46636 (NATCOWEB) (NATCOWEB)
1	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1 1	95.101.54.234 95.101.54.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.156.175.114 35.156.175.114	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
6	104.18.133.145 104.18.133.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
3	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:b200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	99.80.64.147 99.80.64.147	16509 (AMAZON-02) (AMAZON-02)
1	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1	3.251.27.65 3.251.27.65	16509 (AMAZON-02) (AMAZON-02)
2 2	52.18.203.230 52.18.203.230	16509 (AMAZON-02) (AMAZON-02)
1 1	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.86.138.153 185.86.138.153	201081 (SMARTADSE...) (SMARTADSERVER)
367	81

1 2606:4700:20::681a:30 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bandab.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 2606:4700:20::681a:130 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bandab.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:e79 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.premiumads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:170e (United States)

ASN13335 (CLOUDFLARENET, US)

tags.denakop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.186.34 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-198.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:e280 (United States)

ASN13335 (CLOUDFLARENET, US)

id.navegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.89.211.132 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.139.116 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.55.101.208 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.208.101.55.162.clients.your-server.de

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.213.96.27 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-96-27.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.103.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-103-231.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

cpm.denakop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.111.154 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-111-154.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.126.130 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-126-130.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.139 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.155 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.57.34 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:77de:ca3a:987:60cd (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.6 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)

csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 168.119.72.236 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.236.72.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.224.144 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.46.183.20 (United States) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.54.234 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-234.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.175.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-175-114.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.133.145 (None, )

ASN13335 (CLOUDFLARENET, US)

t.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:b200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tt-12765-5.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.101 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.64.147 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-64-147.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.251.27.65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-27-65.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.203.230 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-203-230.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.153 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.153 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	bandab.com.br 1 redirects www.bandab.com.br — Cisco Umbrella Rank: 653515	1 MB
50	googlesyndication.com b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155 ade.googlesyndication.com — Cisco Umbrella Rank: 321	279 KB
42	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 stats.g.doubleclick.net — Cisco Umbrella Rank: 124 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 static.doubleclick.net — Cisco Umbrella Rank: 349 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359	276 KB
23	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	665 KB
19	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 249 acdn.adnxs.com — Cisco Umbrella Rank: 611 secure.adnxs.com — Cisco Umbrella Rank: 476	67 KB
17	rubiconproject.com 9 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 543 pixel.rubiconproject.com — Cisco Umbrella Rank: 381 eus.rubiconproject.com — Cisco Umbrella Rank: 639 token.rubiconproject.com — Cisco Umbrella Rank: 656	28 KB
14	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 30435 usr.navdmp.com — Cisco Umbrella Rank: 37976 cdn.navdmp.com — Cisco Umbrella Rank: 7568 sync2.navdmp.com — Cisco Umbrella Rank: 62405 sync.navdmp.com — Cisco Umbrella Rank: 12619	8 KB
11	smartadserver.com 2 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1488 ssbsync.smartadserver.com — Cisco Umbrella Rank: 867 sync.smartadserver.com — Cisco Umbrella Rank: 1588	3 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621	7 KB
10	denakop.com tags.denakop.com — Cisco Umbrella Rank: 210147 cpm.denakop.com — Cisco Umbrella Rank: 228867	125 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 97	2 MB
9	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 4443 t.seedtag.com — Cisco Umbrella Rank: 12483	146 KB
9	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 742 dis.criteo.com — Cisco Umbrella Rank: 601 gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2114	9 KB
8	google.com www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 107	16 KB
7	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 70940 d.tailtarget.com — Cisco Umbrella Rank: 82769 b.t.tailtarget.com — Cisco Umbrella Rank: 50198 tt-12765-5.seg.t.tailtarget.com — Cisco Umbrella Rank: 214675 t.tailtarget.com — Cisco Umbrella Rank: 8461	24 KB
7	smilewanted.com prebid.smilewanted.com Failed csync.smilewanted.com — Cisco Umbrella Rank: 3226 static.smilewanted.com — Cisco Umbrella Rank: 12179	16 KB
7	richaudience.com 1 redirects shb.richaudience.com — Cisco Umbrella Rank: 3599 sync.richaudience.com — Cisco Umbrella Rank: 2090	2 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	102 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 337 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1032	4 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80 jnn-pa.googleapis.com — Cisco Umbrella Rank: 279 ajax.googleapis.com — Cisco Umbrella Rank: 422	38 KB
5	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3657 onesignal.com — Cisco Umbrella Rank: 1235 img.onesignal.com — Cisco Umbrella Rank: 6961	91 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60 region1.google-analytics.com — Cisco Umbrella Rank: 1832	21 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 874	729 B
4	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1303 ups.analytics.yahoo.com — Cisco Umbrella Rank: 340 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	2 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 618	2 KB
3	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 772	1 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 375	793 B
3	creativecdn.com 2 redirects prebid-us.creativecdn.com — Cisco Umbrella Rank: 30377 creativecdn.com — Cisco Umbrella Rank: 498	908 B
3	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 662 match.360yield.com — Cisco Umbrella Rank: 2458	980 B
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 101	446 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	177 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 218	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 778	611 B
2	smartclip.net 2 redirects ad.sxp.smartclip.net — Cisco Umbrella Rank: 4419	700 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1215 pixel.quantserve.com — Cisco Umbrella Rank: 977	10 KB
2	ck-ie.com us.ck-ie.com — Cisco Umbrella Rank: 3354
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1846	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 583	59 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1012	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	112 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 638 eb2.3lift.com — Cisco Umbrella Rank: 421	733 B
2	media.net prebid.media.net — Cisco Umbrella Rank: 1574 contextual.media.net — Cisco Umbrella Rank: 645	9 KB
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1026	172 B
2	google.de www.google.de — Cisco Umbrella Rank: 4835	515 B
2	premiumads.com.br tags.premiumads.com.br — Cisco Umbrella Rank: 411324	139 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	114 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 637	338 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 650	409 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 653	218 B
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 948	204 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1141	1 KB
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 160	301 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 572
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 617	591 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1254	106 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1281	481 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1039	434 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 408	650 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2846	550 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 976	711 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1651	582 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 252	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 123	46 KB
1	navegg.com id.navegg.com — Cisco Umbrella Rank: 473330	303 B
1	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1145	418 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1123	7 KB
367	67

	Domain	Requested by
72	www.bandab.com.br	1 redirects www.bandab.com.br static.cloudflareinsights.com
33	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
25	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
23	s0.2mdn.net	www.bandab.com.br s0.2mdn.net
15	ib.adnxs.com	4 redirects tags.premiumads.com.br tags.denakop.com googleads.g.doubleclick.net acdn.adnxs.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com www.bandab.com.br s0.2mdn.net
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
9	www.youtube.com	www.bandab.com.br www.youtube.com
8	tags.denakop.com	www.bandab.com.br
6	sync.navdmp.com
6	t.seedtag.com	tags.premiumads.com.br t.seedtag.com
6	csync.smilewanted.com	tags.denakop.com csync.smilewanted.com
6	gum.criteo.com	1 redirects static.criteo.net tags.denakop.com tags.premiumads.com.br
6	pixel.rubiconproject.com	5 redirects
6	prg.smartadserver.com	tags.premiumads.com.br tags.denakop.com
6	www.google.com	www.bandab.com.br www.youtube.com tpc.googlesyndication.com b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
5	googleads.g.doubleclick.net	www.youtube.com b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com pagead2.googlesyndication.com
5	securepubads.g.doubleclick.net	www.bandab.com.br securepubads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	token.rubiconproject.com	4 redirects
4	eus.rubiconproject.com	tags.denakop.com eus.rubiconproject.com tags.premiumads.com.br
4	googleads4.g.doubleclick.net	www.bandab.com.br
4	jnn-pa.googleapis.com	www.youtube.com
4	onetag-sys.com	tags.premiumads.com.br tags.denakop.com
4	shb.richaudience.com	tags.premiumads.com.br
3	sync.1rx.io	3 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	s.amazon-adsystem.com	2 redirects
3	sync.richaudience.com	1 redirects csync.smilewanted.com tags.premiumads.com.br
3	acdn.adnxs.com	tags.denakop.com tags.premiumads.com.br
3	ap.lijit.com	2 redirects csync.smilewanted.com
3	match.adsrvr.org	b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
3	ssbsync.smartadserver.com	1 redirects b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
3	onesignal.com	cdn.onesignal.com
3	b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	s.seedtag.com	tags.premiumads.com.br t.seedtag.com
3	fastlane.rubiconproject.com	tags.premiumads.com.br tags.denakop.com
3	www.facebook.com	1 redirects www.bandab.com.br
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	tag.navdmp.com	www.bandab.com.br tag.navdmp.com
3	www.googletagmanager.com	www.bandab.com.br www.googletagmanager.com tags.denakop.com
2	sync.smartadserver.com	1 redirects
2	dpm.demdex.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ad.sxp.smartclip.net	2 redirects
2	b.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	www.bandab.com.br d.tailtarget.com
2	creativecdn.com	2 redirects
2	us.ck-ie.com	csync.smilewanted.com
2	ads.betweendigital.com	2 redirects
2	static.criteo.net	tags.premiumads.com.br static.criteo.net
2	pr-bh.ybp.yahoo.com	b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
2	match.360yield.com	2 redirects
2	x.bidswitch.net	2 redirects
2	pm.w55c.net	2 redirects
2	www.googletagservices.com	b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	cpm.denakop.com	tags.denakop.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	prebid.a-mo.net	tags.premiumads.com.br
2	cdn.navdmp.com	tag.navdmp.com
2	usr.navdmp.com	tag.navdmp.com
2	www.google.de	www.bandab.com.br
2	stats.g.doubleclick.net	www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	tags.premiumads.com.br	www.googletagmanager.com tags.premiumads.com.br
2	connect.facebook.net	www.bandab.com.br connect.facebook.net
1	t.tailtarget.com
1	tt-12765-5.seg.t.tailtarget.com	d.tailtarget.com
1	secure.adnxs.com	1 redirects
1	beacon.krxd.net	tag.navdmp.com
1	trc.taboola.com	tag.navdmp.com
1	tags.bluekai.com	tag.navdmp.com
1	sync.crwdcntrl.net	1 redirects
1	eb2.3lift.com	tags.premiumads.com.br
1	contextual.media.net	tags.premiumads.com.br
1	ade.googlesyndication.com
1	pixel.quantserve.com	www.bandab.com.br
1	rules.quantcount.com	secure.quantserve.com
1	sb.scorecardresearch.com
1	tags.t.tailtarget.com	t.seedtag.com
1	secure.quantserve.com	t.seedtag.com
1	match.sharethrough.com	csync.smilewanted.com
1	ads.stickyadstv.com	1 redirects
1	cm.adform.net	csync.smilewanted.com
1	sync.targeting.unrulymedia.com	1 redirects
1	ad.turn.com	1 redirects
1	px.ads.linkedin.com
1	static.smilewanted.com	csync.smilewanted.com
1	mug.criteo.com
1	ajax.googleapis.com	s0.2mdn.net
1	match.adsby.bidtheatre.com	1 redirects
1	um.simpli.fi	1 redirects
1	dis.criteo.com	b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	img.onesignal.com
1	prebid-us.creativecdn.com	tags.denakop.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	tlx.3lift.com	tags.premiumads.com.br
1	prebid.media.net	tags.premiumads.com.br
1	ad.360yield.com	tags.premiumads.com.br
1	bidder.criteo.com	tags.premiumads.com.br
1	id.navegg.com	tags.premiumads.com.br
1	ups.analytics.yahoo.com	www.bandab.com.br
1	cms.analytics.yahoo.com	1 redirects
1	pixel.mathtag.com	www.bandab.com.br
1	sync2.navdmp.com	www.bandab.com.br
1	cdn.onesignal.com	www.bandab.com.br
1	static.cloudflareinsights.com	www.bandab.com.br
1	fonts.googleapis.com	www.bandab.com.br
0	prebid.smilewanted.com Failed	tags.denakop.com
367	113

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.linkedin.com
www.youtube.com
t.me
www.aroldomura.com.br
classificados.bandab.com.br
socialradio.com.br
hml.bandab.com.br
bandab.com.br
www.metropoles.com
www.portaldotransito.com.br
creativehut.com.br

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-12` - `2024-06-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-26` - `2023-06-24`	3 months	crt.sh
premiumads.com.br Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
denakop.com Cloudflare Inc ECC CA-3	`2023-02-17` - `2024-02-16`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.a-mo.net R3	`2023-06-12` - `2023-09-10`	3 months	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-05-09` - `2023-08-07`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
ck-ie.com Go Daddy Secure Certificate Authority - G2	`2022-11-12` - `2023-12-14`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-10` - `2023-07-10`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh

This page contains 43 frames:

Primary Page: https://www.bandab.com.br/
Frame ID: 738A09756F49154D81129274C82F1CC7
Requests: 215 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed
Frame ID: FD7E73FD33C126E7D213841190FEEE65
Requests: 21 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1759F5304AB61ED2E08D11E9EF73A3D4
Requests: 1 HTTP requests in this frame

Frame: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 393EE9D2C22EE773AA9273E6F29E4316
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ACB5B8D8AD910622A2A6A8D5EF269361
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A0640B3EF91AD800899044FB96EA77B
Requests: 2 HTTP requests in this frame

Frame: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4BC7943701F572039B7C687CE028E8CF
Requests: 20 HTTP requests in this frame

Frame: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0AE107B0280F91F27EDAC9CF3FD9A750
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARiC1bLlATAB&v=APEucNWipVHFrf_gWHYYecnHFUCkVCVIGyH4oMUoCwSA7CfIG2xHeRIDFe6BHefiKy_4LFQtkdSCg79y0KAXORwhHt8epLLD3kk0RTyQV4YpFuMqyuDxHoEfzK8nm58IKFGMgHaIwT_N3WNoRX104lwFhEIfu8jdvxqjy5glSgD47dTQLuni7gCnBkx8ZfvebisO0i8n-69xHiBnIdu8w0aXCUtqY9CqjQ
Frame ID: 2413346818A21C70E49B5ADE569C3312
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNU2UCMPcTiD4IHn9QPiEFRUs9KDRWUet81oiMEot1rT50mJMRA4ZwTZzveq-dbibHS1pkzQdWOyju7V_SqyoAhKS1q27KsjQ-8yOZmeeqE4xx4DtKW0uhepnDFHZFSJGHRGJcGtioEX3hrEDgC3n1FEd5ALwo3aQX9LOdRAeOFF-7WuCIKPUOb8tnfiZVYqXICrAPWG_DUXwAs7aAjKBP_RR7QS6A
Frame ID: 3891CE4F1544CC00C7A608A85E4C1FF3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CA98A2B7AAA1124FC8DEEB238A3DEF70
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BD13A83634DAE5FE080F51F80E3F27CD
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B48334808D4F1527468AA7CB0150F420
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=n2yZ5GpD5Y&t=1&renderingType=2&ev=01_250
Frame ID: 1B16950F30A7C70E6719DA27DF93B696
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=IoGRvgwMUd&t=1&renderingType=2&ev=01_250
Frame ID: B6137F72F97025659CE67C37FC8FC8FA
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8D8BBBA3F3D29AD00FD379469E98128A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Frame ID: A9F866C3BC6D0F353F341C04F1E8393E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Frame ID: F5400601E0F6563888886177D972E9E2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bandab.com.br
Frame ID: B30C8679238EF9A691EE2973A70B0659
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2586E5A394AB324920F40D026746BF45
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1686968029004
Frame ID: 3F688C4DE0A5E32D05896EBEE1686FD0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4321D5A8EDEBE87A9A31519B0E17F437
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D4A59471F0CB4A0D701E1A63067C6C36
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 0AEED99A25E1BD15C593F057DA8A5565
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 5A08545AB973B6B9C5A3249F2764F52E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 06C0E5E3BB1C31768DA8B7EF3622638B
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 5C108D7E9F1AF2A6C6EEB8DBEEDAA266
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-e7f5dde6-8157-41df-a69e-e391d577dd25-003
Frame ID: 9900BBB6139055D6226EE72B040B8006
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/09388c13-2fba-53a8-bd9a-cbd9d917dd39
Frame ID: 10C90D099FF846E9AAD7520A4DF74E61
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 00569D47DA1D10F9B67460C68884FDE5
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: ABAA6165784FB75902888CCA35EEA532
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/f8d7be9efe2bf61d8086a551cbabf30?gdpr_consent=&gdpr=0
Frame ID: 454E86390D683B8D1074311B22C1890F
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 24C5F12B72EC9BAE5906860969F546F3
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 4E8DA397BBC1DF1D269D04DBEE46F84C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/B7k0KbY4tEeL3e0kO7w7?pi=smilewanted&tc=1
Frame ID: AA6C69066DE9C01AD9295ED1002C9BFD
Requests: 1 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: EB7A7C7D4737A545CF14D181C8D95042
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 83EEA45123B05D9D5976AA722CBD6BDC
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1686968028353
Frame ID: A249BCA339E38281242A9183BD9771AB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F58C8C9AF9CB9A6E2A224A261D6C42A3
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 356819F9BC537D01357D7C1C3670AC20
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 35766316B139FAA4D90EAF52C381BFF8
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 9B49B0C068E706C34486EC442403C695
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3829777626
Frame ID: D229116C242ECBAE24C08CE343996D5F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Últimas Notícias de Curitiba, Brasil e Mundo estão aqui - Portal Banda B

Page URL History Show full URLs

http://www.bandab.com.br/ HTTP 301
https://www.bandab.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

367
Requests

90 %
HTTPS

42 %
IPv6

67
Domains

113
Subdomains

81
IPs

11
Countries

6380 kB
Transfer

13090 kB
Size

83
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/PortalBandaB

Search URL Search Domain Scan URL

URL: https://www.instagram.com/portalbandab

Search URL Search Domain Scan URL

URL: https://twitter.com/portalbandab

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/portalbandab

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCX22VQocVOGj0t5P7SC5g0Q

Search URL Search Domain Scan URL

URL: https://t.me/portalbandab

Search URL Search Domain Scan URL

URL: http://www.aroldomura.com.br/
Title: Aroldo Murá

Search URL Search Domain Scan URL

URL: https://classificados.bandab.com.br/
Title: Classificados

Search URL Search Domain Scan URL

URL: https://socialradio.com.br/radio/bandab
Title: 79.3 FM Ao Vivo

Search URL Search Domain Scan URL

URL: https://hml.bandab.com.br/ultimas-noticias
Title: Veja

Search URL Search Domain Scan URL

URL: https://bandab.com.br/ultimas-variedades
Title: Variedades

Search URL Search Domain Scan URL

URL: https://bandab.com.br/ultimas-cultura/
Title: Cultura

Search URL Search Domain Scan URL

URL: https://bandab.com.br/noticias/categoria/nacional
Title: brasil

Search URL Search Domain Scan URL

URL: https://bandab.com.br/noticias/categoria/fica-a-dica/

Search URL Search Domain Scan URL

URL: https://bandab.com.br/noticias/categoria/fique-sabendo/

Search URL Search Domain Scan URL

URL: https://www.metropoles.com/
Title: <img alt="Metrópoles" src="https://www.bandab.com.br/wp-content/themes/bandab/assets/img/logo-metropoles.svg" data-eio="l">

Search URL Search Domain Scan URL

URL: https://www.portaldotransito.com.br/
Title: <img alt="Portal do Trânsito & Mobilidade" src="https://www.bandab.com.br/wp-content/themes/bandab/assets/img/logo-portal-transito.svg" data-eio="l">

Search URL Search Domain Scan URL

URL: http://creativehut.com.br/
Title: Creative Hut

Search URL Search Domain Scan URL

URL: https://bandab.com.br/politica-de-privacidade
Title: Política de Privacidade.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bandab.com.br/ HTTP 301
https://www.bandab.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://www.facebook.com/tr/?id=172047844822838&ev=PageView&dl=https%3A%2F%2Fwww.bandab.com.br%2F&rl=&if=false&ts=1686968027821&sw=1600&sh=1200&v=2.9.107&r=stable&ec=0&o=30&fbp=fb.2.1686968027820.120793871&it=1686968027612&coo=false&exp=c0&rqm=GET HTTP 302
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.bandab.com.br%2F&ec=0&ev=PageView&exp=c0&fbp=fb.2.1686968027820.120793871&id=172047844822838&if=false&it=1686968027612&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1686968027821&v=2.9.107

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=81032302610 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=81032302610&google_tc= HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=81032302610&google_gid=CAESEKvUHlS31UCzwjiP77LznP8&google_cver=1

Request Chain 106

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Request Chain 217

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1&C=1

Request Chain 218

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZI0W3Qwe-D9aQdR5SGnf8AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1

Request Chain 219

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECfcd3w-b__MRDhwG7Pg4lM&google_cver=1

Request Chain 220

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAzNjk0MjE1MDc5NTEzMDQyMw%3D%3D

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1&C=1

Request Chain 222

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZI0W3Qwe-D9aQdR5SGnf8QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1

Request Chain 223

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECfcd3w-b__MRDhwG7Pg4lM&google_cver=1

Request Chain 224

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAzNjk0MjE1MDc5NTEzMDQyMw%3D%3D

Request Chain 244

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMmplIVdDtcUXZrY5n8DFpI&google_cver=1&google_push=ATf1kGPl9CjMoH-VAv2T3pW_5xkrubdaBN094nZcmaANP-_dzY_ooJhKGvdSB1q1hFTmPFBMtNfkwylSIvFAQbEtQrqQDAc-U-s HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMmplIVdDtcUXZrY5n8DFpI&google_cver=1&google_push=ATf1kGPl9CjMoH-VAv2T3pW_5xkrubdaBN094nZcmaANP-_dzY_ooJhKGvdSB1q1hFTmPFBMtNfkwylSIvFAQbEtQrqQDAc-U-s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T1p6bGNtT0gxUWFsckw1&google_gid=CAESEMmplIVdDtcUXZrY5n8DFpI&google_cver=1&google_push=ATf1kGPl9CjMoH-VAv2T3pW_5xkrubdaBN094nZcmaANP-_dzY_ooJhKGvdSB1q1hFTmPFBMtNfkwylSIvFAQbEtQrqQDAc-U-s

Request Chain 245

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFu0rwIUXu5HaY4TIV6LCxw&google_cver=1&google_push=ATf1kGNdB3P0-_atHvTujEYCKSN3B9BWNcO-17GVIyvMKXAyduFgItZ6IjZNNHIIMOiK2VADZPNkhky3tjO3vEUgNLLbBqDOMQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NTQ3MjUxMzk2ODMwNjMyNA%3D%3D&google_push=ATf1kGNdB3P0-_atHvTujEYCKSN3B9BWNcO-17GVIyvMKXAyduFgItZ6IjZNNHIIMOiK2VADZPNkhky3tjO3vEUgNLLbBqDOMQ

Request Chain 246

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM_FT-obTixKsnCocsY6GE0&google_cver=1&google_push=ATf1kGORa4U92cI1s8htPKHOxolSP675gJ-PbOIAm0jfXPCSxVjASUIzwrBDgfoQir1Yj7gJZUzTjsu22ldOrUm10TwoJ-anzg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEM_FT-obTixKsnCocsY6GE0&google_cver=1&google_push=ATf1kGORa4U92cI1s8htPKHOxolSP675gJ-PbOIAm0jfXPCSxVjASUIzwrBDgfoQir1Yj7gJZUzTjsu22ldOrUm10TwoJ-anzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGORa4U92cI1s8htPKHOxolSP675gJ-PbOIAm0jfXPCSxVjASUIzwrBDgfoQir1Yj7gJZUzTjsu22ldOrUm10TwoJ-anzg&google_hm=rnpvXqiaTua_Afa3B1TJVg==

Request Chain 248

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF2nn4XfUH6FHNQX-FDxQRk&google_cver=1&google_push=ATf1kGNZ6NNHldO7y6qoEoN1OH2VaraHCTbsvfo_y42jOIyYEEtX2SOKKRQSMIOrIUOsKqHBDgpcmUwAqU3G7pNPxAoMwhXJI8w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElaRDdIQzMtOC0xNTYw&google_push=ATf1kGNZ6NNHldO7y6qoEoN1OH2VaraHCTbsvfo_y42jOIyYEEtX2SOKKRQSMIOrIUOsKqHBDgpcmUwAqU3G7pNPxAoMwhXJI8w

Request Chain 249

https://match.360yield.com/match/ebda?google_gid=CAESEKuAhuwi9reerknxFmnwj8w&google_cver=1&google_push=ATf1kGPvTHhSpUnYWbFJEQq9dqNMSx6BsYZ0bPz16uPYpRVLQFs3kqRe85V1PdJSLks329EnI-kbkWbRoIEhdimw1cpOl6WlqU4 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEKuAhuwi9reerknxFmnwj8w&google_cver=1&google_push=ATf1kGPvTHhSpUnYWbFJEQq9dqNMSx6BsYZ0bPz16uPYpRVLQFs3kqRe85V1PdJSLks329EnI-kbkWbRoIEhdimw1cpOl6WlqU4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TI9SytY2QjGmxmDCaIB9hg&google_push=ATf1kGPvTHhSpUnYWbFJEQq9dqNMSx6BsYZ0bPz16uPYpRVLQFs3kqRe85V1PdJSLks329EnI-kbkWbRoIEhdimw1cpOl6WlqU4

Request Chain 256

https://um.simpli.fi/gp_match?google_gid=CAESECVvDKY7xZHUpgLBJX3vCfs&google_cver=1&google_push=ATf1kGPJX3bZzq0wftiSbSbpByNoDS2lI-gUHkLzao6s9GcBacsnKeqB_Am6mjeDlr352SqRk2sbfPJeqXwWUL3GVlsmszeQaxM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82E7927C2D7341B5B075EC7D67931B8A&google_push=ATf1kGPJX3bZzq0wftiSbSbpByNoDS2lI-gUHkLzao6s9GcBacsnKeqB_Am6mjeDlr352SqRk2sbfPJeqXwWUL3GVlsmszeQaxM

Request Chain 258

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEBF6JASGDKbm_w7tAKJPUhk&google_cver=1&google_push=ATf1kGO8hhh6pIfGcdGnWYLUuWXr_OcvW0mEmQ1Hp_YGsLUJfrPaP0kCf5ffuBg1VeU6jaLI5NDduZSv9TWh8vXbXaDYC6HKpEZZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGO8hhh6pIfGcdGnWYLUuWXr_OcvW0mEmQ1Hp_YGsLUJfrPaP0kCf5ffuBg1VeU6jaLI5NDduZSv9TWh8vXbXaDYC6HKpEZZ

Request Chain 260

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF2nn4XfUH6FHNQX-FDxQRk&google_cver=1&google_push=ATf1kGPvGVKenFtAo6d1HfdHnYFJmwyc37ZldoGZU-pOvbfrPzsEZB4-YBASexRjROD1XjIVTKKzukc3DXueSJPlDRl4U-2x_jpp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElaRDdIQzMtOC0xNTYw&google_push=ATf1kGPvGVKenFtAo6d1HfdHnYFJmwyc37ZldoGZU-pOvbfrPzsEZB4-YBASexRjROD1XjIVTKKzukc3DXueSJPlDRl4U-2x_jpp

Request Chain 261

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMw6v6mSb1x7MM3BfnNjCSk&google_cver=1&google_push=ATf1kGPVvtTE5sJkPWhCLCJeZbNJ4rlzRuvBaEoJ84T_txEIhx0LRLxkrj7KbdOBomyTFslx84hiPb8TVU74LZxZ1SKiXtf980Qg HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMw6v6mSb1x7MM3BfnNjCSk&google_cver=1&google_push=ATf1kGPVvtTE5sJkPWhCLCJeZbNJ4rlzRuvBaEoJ84T_txEIhx0LRLxkrj7KbdOBomyTFslx84hiPb8TVU74LZxZ1SKiXtf980Qg&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPVvtTE5sJkPWhCLCJeZbNJ4rlzRuvBaEoJ84T_txEIhx0LRLxkrj7KbdOBomyTFslx84hiPb8TVU74LZxZ1SKiXtf980Qg&google_hm=G1BlqGZHha3Zf_UESrGNcYGX

Request Chain 307

https://gum.criteo.com/sid/json?origin=publishertag&domain=bandab.com.br&sn=ChromeSyncframe&so=0&topUrl=www.bandab.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=jH71c3xFeWJwY3BkaGthdzdOYW80YWZ4aTZjNGFRcU5od2VRS1ZLYU5udTI2ZmVxZDhtbjhHVHI2RnBaSmVrWi9uQStQZUhqeWNLYlVZUHVIVnFqOXdzRlRPc1NtczBuSTFacVA5ZmRrRlE4dEJRWXFDZWY0Sk1MT21RdS9NVktBSE93M0Nqb0s1MDNEZXdrVURmWUtZZTVSVHJQUTE4dm5DVEJiaFlKNnV6ODRmOW5wb1pET2NTY2ppajgvY2lHRHBTRUkrcFJBcjF6RXZqbmd0N29ZMWlNWGZQU1dEM2d4aFNHL1dOY2k3QXJ6WFg0bS92UEM2TkVFY05ySlJsL3gvelI0aEU5YUJqcVNVZUtzSDNVUi9kMDBuWG1EeFVwUytrc0J1alBObnAwSGRnWT18&cppv=2

Request Chain 327

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F

Request Chain 328

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI7O7bX9E1dSB951mzeNoD4&google_cver=1

Request Chain 329

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGRiM2UyYTc2ODBiZTU1Y2Q5NGZlOGJmNjc5ZDA0OWM4OWNiNWU3Ng

Request Chain 330

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElaRDdIQzMtOC0xNTYw HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF2nn4XfUH6FHNQX-FDxQRk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElaRDdIQzMtOC0xNTYw&google_push=

Request Chain 332

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Unob08zVQ-eQ-bS1nnqRLw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Unob08zVQ-eQ-bS1nnqRLw

Request Chain 333

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/rsGQcKNetCg1nPczmb026Q?csrc=

Request Chain 334

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XR3E_22mTDGbCIylTs685w&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XR3E_22mTDGbCIylTs685w

Request Chain 335

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIZD7HC3-8-1560

Request Chain 336

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1686968032462 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=1795323831 HTTP 302
https://sync.1rx.io/usersync/turn/7394864875619356405?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e7f5dde6-8157-41df-a69e-e391d577dd25-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-e7f5dde6-8157-41df-a69e-e391d577dd25-003 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-e7f5dde6-8157-41df-a69e-e391d577dd25-003

Request Chain 337

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/betweenx/09388c13-2fba-53a8-bd9a-cbd9d917dd39

Request Chain 340

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/f8d7be9efe2bf61d8086a551cbabf30?gdpr_consent=&gdpr=0

Request Chain 344

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/B7k0KbY4tEeL3e0kO7w7?pi=smilewanted&tc=1

Request Chain 379

https://ad.sxp.smartclip.net/sync?type=red&dsp=75 HTTP 302
https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1 HTTP 302
https://sync.navdmp.com/sync?prtid=25&sclid=302c9f91-e116-8d64-2f1f-f72a28edd1fc

Request Chain 380

https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D&_test=ZI0W4QAFKXnKbwBR HTTP 302
https://sync.navdmp.com/sync?prtid=17&tubid=ZI0W4QAFKXnKbwBR&_test=ZI0W4QAFKXnKbwBR

Request Chain 381

https://ssbsync.smartadserver.com/api/sync?callerId=95&redirectUri=https%3A//sync.navdmp.com/sync%3Fprtid%3D21%26dynid%3D%5Bssb_sync_pid%5D&gdpr=0 HTTP 302
https://sync.navdmp.com/sync?prtid=21&dynid=2049730652370167098

Request Chain 382

https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=81032302610?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D HTTP 302
https://sync.navdmp.com/sync?prtid=38&lotid=

Request Chain 386

https://dpm.demdex.net/ibs:dpid=822&dpuuid=81032302610&redir=https%3A//sync.navdmp.com/sync%3Fid%3D81032302610%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=81032302610&redir=https%3A//sync.navdmp.com/sync%3Fid%3D81032302610%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
https://sync.navdmp.com/sync?id=81032302610&adID=50699078910245802700210840406621894479&img=1

Request Chain 387

https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1 HTTP 302
https://sync.navdmp.com/sync?appNx=7036942150795130423&img=1

Request Chain 389

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1

367 HTTP transactions
28 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bandab.com.br/
Redirect Chain

http://www.bandab.com.br/
https://www.bandab.com.br/

422 KB
53 KB

805ms
785ms

Document
text/html

2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a13660434ddf34be302a707c939c85dc4898721bb56a659fe68cc7b75995f22

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d87c675dde23606-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 02:13:47 GMT
last-modified: Sat, 17 Jun 2023 01:08:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceC6MnSKtqa7zKpp4uhMqInsgAr47RioE4A3I%2Fs9dyJh29JvzexQK7TWJRGeuG6FMIPVVxHuGQ8JpGfPuhOIjFJOM6KxmO5MzX7mCW2PQ4hLuEbLKjGJUVC4K0cw78%2BBwZqZWB9zAulxvZamX3pG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding
x-cache-fetch: HIT
x-cache-store: BYPASS

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7d87c6732fcc9265-FRA
Connection: keep-alive
Content-Type: text/html
Date: Sat, 17 Jun 2023 02:13:46 GMT
Location: https://www.bandab.com.br/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcqbYqxCxbnmchFSRTmil%2F2wPdYh8%2BpByt6bRWUmROdif9b0A2nJX9b6gexKU4gAP0lbRJC%2ByvLtVRxgnGsmmQLguB2bUxpIIVkj5WB8AMf9PIGeYD29YvrX4zY4eKO8rc5HmerlBhJBI7brfsdZ"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
852 B 43ms
17ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans%3Awght%40400%3B500%3B700&ver=6.2.2&display=swap

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fef22e8988f6b72c99b05397a4b16c9dbf269e990c976b5f38d59c1384e78ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 02:13:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 02:13:47 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 style.min.css
www.bandab.com.br/wp-includes/css/dist/block-library/ 95 KB
13 KB 21ms
19ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 12:00:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1857269
etag: W/"642579dd-17ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wS09L1sbQiLrov90nyVHGF1sMXjcHz4rj67fRTJEJQ6Ck6vRm98rCPJZSRYJrFGJm73A1hl3NFJAawrO6%2B%2FlnpbxwnGF9lsdwy0HKbZWakBqd64nJJ7npQ4um5LPQyZLdU9up8W3VZSNqunORvO0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67af9013606-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:07 GMT

GET
H2 200 classic-themes.min.css
www.bandab.com.br/wp-includes/css/ 291 B
582 B 29ms
27ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 12:00:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1857269
etag: W/"642579dd-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMqinMcW90nkXvtRa1JZfxnK1n5jQ0GMzduQg4%2B%2BGa2mHnfhU4eMhnFvWm%2Fg1XkpVLYsKKs6htENb83JWSrkFHkd5IJSwLlUjZdObemhg3t9KixDVpOfIafHqlb0Ww1S48VL8a9k0sKKGOTbP2Km"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67af9023606-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:06 GMT

GET
H2 200 1321937-layout.css
www.bandab.com.br/wp-content/uploads/bb-plugin/cache/ 39 KB
6 KB 20ms
18ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/uploads/bb-plugin/cache/1321937-layout.css?ver=55541c9190ce9d0eaf829e3876850f38
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fab7bd5fd1fe1318c9e83b0bcf40d702fd09e39995a15b63e803d57af86981b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1279238
cf-polished: origSize=41538
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 02 Jun 2023 01:02:48 GMT
server: cloudflare
etag: W/"64793fb8-a242"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvF8tc8edIDCx9%2FFjqNwjiIkuMnndrYoxUxr8sL0Nme%2BKeKaPQ47VphbG7lizQu%2FvrwbCVHeX9fGjS1pdSyqRyanzGeJ7SWcdGuI5V%2Bvy4PHs1ZdISAZlNswivvGaCvStHBj0fX4G4LhJLGeInJD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67af9033606-FRA
expires: Sun, 02 Jul 2023 01:03:04 GMT

GET
H2 200 cookieNSCconsent.min.css
www.bandab.com.br/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/ 7 KB
2 KB 19ms
17ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.css?ver=2.13.2
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a483b14f8537b64b4852456f7729f23509e470dd04df5f02cb8cdf69192fff4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 01:00:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 88268
etag: W/"648bb448-1a6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BVNrOhF6tWdEKNk3KPzPgM%2FHzqL2VSQzPw9X3NL25jNJvT3tW9%2Bc9P%2BjAmAJTj0i28F46%2BgRsrXL8%2FdBRsS%2FY16iFDjeot2YaCLYEhPL%2FiUEd7Y4yI%2FPa%2Fabcj04T2PWJEU3nXzQYP23mn6CHMR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67af9043606-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 16 Jul 2023 01:01:19 GMT

GET
H2 200 foundation.min.css
www.bandab.com.br/wp-content/themes/bandab/assets/css/ 154 KB
20 KB 23ms
21ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/themes/bandab/assets/css/foundation.min.css?ver=6.7.5
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69a3098b4f2ea14abc65f3eadc5d75c02cdcbcfbbd3b5382a5388ceac514fadb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 May 2023 15:38:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1857269
etag: W/"645bba93-268dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBsHf2jXUS632SCuT5OhwZsCWFvUx8CNul4qsgbXSMsK%2Foc3OusAhbwZ2tpvlMuj6fevQwuitHqZk%2B9gv6LrWPeAhQ26efEzir%2BPhGBfl8JctuHgFrOEhVgNMl2sOXtvo5yRdH4%2FNj0UeB5FjDsz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67af9063606-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:06 GMT

GET
H2 200 brands.min.css
www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/assets/fonts/fontawesome/ 18 KB
5 KB 115ms
113ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/assets/fonts/fontawesome/brands.min.css?ver=1686964084
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e4dc0684c8ca2a166a86fae1f8c29bcd537b18233f2c378bf2e3dae166cb123

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 01:08:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"648d0774-4927"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNWxh%2F8jd0RD3OBrNVl2%2F9YqIemKSfcQnz3LF%2FKK9FplVgv66jrb%2FkXjWVV4JuzsdIXF3CAm%2FNIyB5Z%2FO4SsEs2t77osSjZ2YYg%2FOE6ExfBxYuao%2BLmqBrHyGx24LUR2bRYNDoDsfXdGCp8%2B6t8g"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67af9073606-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 01:08:06 GMT

GET
H2 200 regular.min.css
www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/assets/fonts/fontawesome/ 641 B
602 B 113ms
111ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/assets/fonts/fontawesome/regular.min.css?ver=1686964084
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 734edc8d08462e2ca9b09f1d9bfd85f68450030d556a8d613410aa22a2dc170d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 01:08:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"648d0774-281"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBqV49ZzFONNX3uSYsCuYpqzFmKAvb4hYN1PGPZltBubhe2%2FDiXBihL2HyIOpLWPGtvn7Fpc%2FjRgSZxBWxC0G%2FVFBpG1kcw6uc4KlFzY5QXXq3qstXfuaoMt6M6bmXDvsxJv2QiVi9VumvZYG%2BPC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67af9093606-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 01:08:06 GMT

GET
H2 200 fontawesome.min.css
www.bandab.com.br/wp-content/themes/bandab/assets/fonts/fontawesome/ 161 KB
37 KB 23ms
22ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/themes/bandab/assets/fonts/fontawesome/fontawesome.min.css?ver=6.4.0
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8b1756a3cf17e337c77c2a0786fa23c662bea5ebaef5f55a389ee7022044a7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 May 2023 15:38:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1857269
etag: W/"645bba93-28458"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A03KlYuuq9Lt32fq2fRQS6tUFDsrunbWTmkIoigo5Nv9WF220SSxyUY7vatx3cQU2D9DfHwByKPWT08csUZfgNqmPOH0jbNkAGZSFgr4LAL3ymRLSxJKeOwWra94U4dxzfJIeonPyEYky9bW57S3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67af90a3606-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:06 GMT

GET
H2 200 style.css
www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/ 53 KB
11 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/style.css?ver=1686964084
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85e18a77509ff9b312abfbccfcc853303729739ae896a32fb4205fa92f6cd3eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3149
cf-polished: origSize=54490
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 17 Jun 2023 01:08:04 GMT
server: cloudflare
etag: W/"648d0774-d4da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FatpWGykQLWB9TSd0vII4LarKTksIIKpo%2FLgqr6C2knfTEI13HIo6i20sB1lxCIvXquasD2onBctoQxxS416%2Bd9LSoUO2NF0tOCNW%2B3cgPNAdHcs88L%2FlPQM5rYF3BGLPCVGBLJ%2BLc2lOtQU3nX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67af90b3606-FRA
expires: Mon, 17 Jul 2023 01:08:06 GMT

GET
H2 200 facets-styles.css
www.bandab.com.br/wp-content/cache/min/1/wp-content/plugins/elasticpress/dist/css/ 4 KB
1 KB 115ms
114ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/plugins/elasticpress/dist/css/facets-styles.css?ver=1686964084
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 205e9f18edd429e8891ed5e3518978e1c1859ad9f9a2a5627bd3478e546c577f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3958
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 17 Jun 2023 01:08:04 GMT
server: cloudflare
etag: W/"648d0774-f76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibr2dIxk2wXlCqUnhrT51aLA5FBRzDoMQy%2F1wnqKhMGDCafDxxsdw9%2F%2BfCxbT4CPbF1VwwTtrRtbYFyRGQ%2Fd%2BK2MY1JnGmuwtuIMOExtrRsyykt6NgfiJhgjC813Wk%2F3IdqmlqKOkYt0W7jSPh%2F0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67af90c3606-FRA
expires: Mon, 17 Jul 2023 01:08:06 GMT

GET
H2 200 tabelafacil.min.css
www.bandab.com.br/wp-content/themes/bandab/assets/css/ 9 KB
2 KB 29ms
28ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/themes/bandab/assets/css/tabelafacil.min.css?ver=1.3
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef9fc1f4b699a481c648e110c7cc1c134ba7d30b87552e4265a594f8c8787680

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 May 2023 14:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1857269
etag: W/"646243e5-232e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FwrgITM7Djp8OM9G6QjOKJhLbgmTvzgBb9TVemf8ZTDZc3o8RIFT9SrYfT6yNtPeqfJ2zWwfhDDFc4IQ2Rj9bwBUjTScj9zi2ShN6VAdQlLy61xJAHiNrZ%2F5qL46aqMckN2HX07Aw2bE4Ei6%2BZV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67af9113606-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:06 GMT

GET
H3 200 jquery.min.js Show response
www.bandab.com.br/wp-includes/js/jquery/ 88 KB
32 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 12:00:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1832344
etag: W/"642579dd-15ed7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uej2c%2Be1sdFGrwsBOFuQqikDx5awwEDfPqBvl7Jl3%2FaMncvQ0bXIwK9Wt9NshLLRcWNup0fK6Lf2cOs%2FBa0XTlbPOU2ce8D1vr%2F5FrFamakzHpgwPVuHMY8tCNOXx2k0l6R11hRSoI9Bx2Jc%2BZY2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67bafcc2bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:07 GMT

GET
H3 200 jquery-migrate.min.js Show response
www.bandab.com.br/wp-includes/js/jquery/ 13 KB
5 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 12:00:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1841465
etag: W/"642579dd-3470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2fj%2BvXoVmsLlOxXfryZcMl8Zi4FA5O0P6Y4pb%2F3GIc%2BTw0DRy1VcMJ1sp%2FTR7684VCgBpP32N7ZPbsFR5BjLjvzDx43VGUBwbRKiypt%2Bhe2QMijupDdGHGxNeTK2Mkgf7Y0p2YLi158DLpGNqis"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67bafce2bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:07 GMT

GET
H3 200 foundation.min.js Show response
www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/ 525 KB
91 KB 30ms
30ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/foundation.min.js?ver=6.7.5
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84bbdcfbd7f11f5aa5d19fad48e7be67333e2c0b147091a5a9513614b94646cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 May 2023 15:38:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1832344
etag: W/"645bba93-832aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDYJwoFiPjy1WNbGFeJQDL%2Fa4Jry8kX8lWvmQcsc%2FOIQ8Ou7BGlRm4708D6GIiMf17Kro0k67GOqUHl7tqXiLX7h2e%2FLJxLzlqn%2FBIkr2OGcRwUMO2dAticRCUT5mSE%2BbysAoiDYGUGfRpbJMKhA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67bafd32bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:07 GMT

GET
H3 200 jquery.ias.min.js Show response
www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/ 17 KB
6 KB 37ms
36ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/jquery.ias.min.js?ver=2.2.2
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d280e96cac799ad05e2cd457ebb738497d56f5a708798326b64ea4e85e0d69a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Feb 2021 14:29:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 62918
etag: W/"6037b455-449e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85oloor2v3SL4I%2BP6KPLfEe%2BocTyIuNiO6hrEy059ZgpdZIBZ%2B8YlxrcwUT4s6pGr4OgIinv0jjTDzF1gt7duYkWGQQUD9wIfNT%2B%2FbLPlM7STUwzzRakQL3kr%2BJUR3onUMvp1DDMY1dv1zhIbh3e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67bafd42bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:07 GMT

GET
H3 200 simplebar.min.js Show response
www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/ 58 KB
19 KB 39ms
39ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/simplebar.min.js?ver=0.8.7
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82a1fa6858fd9a84b39638acc8c7211c82c9652c7809c4dd1ba01b4df5c90a61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Apr 2022 18:12:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1835532
etag: W/"6255c11d-e696"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flD5FCiw%2BaTS75qcgEd0dft5sGQJ5VxUEpUnJu1veWEMebZd5yY0F2opIBjyWDfz1nOqLCxNnd8LMwbUi7RmPbEd5h6a19s34A89s9C2jPFS31ChaXDn9nzvqH%2Fx9HvWfPAgWTQM6X9r6UYZC7sW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67bafd72bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:07 GMT

GET
H3 200 jquery.tabela-facil.min.js Show response
www.bandab.com.br/wp-content/themes/bandab/assets/js/ 401 B
709 B 40ms
39ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/themes/bandab/assets/js/jquery.tabela-facil.min.js?ver=2.1
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 241aa2f0b5684a2efd870943e4d8ec87e869db57b93a77b8f5903cc37804a6af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Apr 2022 18:38:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1841465
etag: W/"62571895-191"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hn9k%2FHpUgztm46u84XW9kszQjJs7u42QK0eFDtLXUIpV5WvIjb86CeWULE7PSEo44pLTN%2BxLmYRqKRgsac7%2Fp8RFQoDUczG2DbGc9TP%2F49kYxVM2FpY54b%2BcKNjD4o%2BJD%2BiqFGSZEzfSuyJpwMad"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67bafd82bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:07 GMT

GET
H3 200 gpt.js Show response
www.bandab.com.br/wp-content/cache/min/1/tag/js/ 80 KB
28 KB 221ms
220ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/cache/min/1/tag/js/gpt.js?ver=1686964085
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd7d550fb93f0519c6680756cc42fe96bcbb425a25781c4e2a22b3d9c3a341cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 17 Jun 2023 01:08:05 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"648d0775-13ff9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yONVDY3Ktsy9Oce5zZ%2BV38MHNXoj0SNoLQ%2FOebHRF557hek7kgkHL%2BQ265AFRjZMdpfZQ41vKRulhxc%2BB3W5n4Aw29v%2BW7ZFZilE%2Bymsg1gTY0ziYC%2BSzyS4lJFOq7Av6edNwRV14oTd8bQCx%2FSC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67bafd92bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 01:08:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 132 KB
50 KB 42ms
21ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W8LD2LZ

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c04bf6e52e69c8a5973b1cc711447959e3e5d2b7a805065ccaad77b39fbdd66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51260
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Jun 2023 02:13:47 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 55ms
21ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 20:59:24 GMT
server: cloudflare
age: 2651
etag: W/"642de12c-36d1"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7d87c67bed625b74-FRA
expires: Sat, 17 Jun 2023 02:29:36 GMT

GET
H3 200 fa-regular-400.woff2
www.bandab.com.br/wp-content/themes/bandab/assets/fonts/fontawesome/ 388 KB
388 KB 110ms
109ms Font
font/woff2 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/themes/bandab/assets/fonts/fontawesome/fa-regular-400.woff2
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/assets/fonts/fontawesome/regular.min.css?ver=1686964084
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b7265fb8e98286a6e61d73e4278df35c0e911db1e8a94c82836d0b21088125b

Request headers

Referer: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/assets/fonts/fontawesome/regular.min.css?ver=1686964084
Origin: https://www.bandab.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
cf-cache-status: HIT
last-modified: Wed, 10 May 2023 15:38:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "645bba93-60f8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WU6MumIyXx%2BFNhUUy%2FOJFjUtR27QsuAaavAZIvCN08MAAkuBXacVDK3hgTpy1y%2Fr2AQagNfAym5Gzckr9zsGyj0VbNLO%2FwjN5BcBH%2Bb7Ko4DQqw46xjcCN842k2H5%2F6HXv%2B9IGXdcgqi2pniQW2s"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
accept-ranges: bytes
cf-ray: 7d87c67bcfe52bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 397196

GET
H2 200 rP2Cp2ywxg089UriAWCrCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/ 18 KB
18 KB 34ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriAWCrCBimCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans%3Awght%40400%3B500%3B700&ver=6.2.2&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6997f451bbf8012dea5fb3b9f2e974a2f86861364126915097d81096392c800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bandab.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 20:39:40 GMT
x-content-type-options: nosniff
age: 279247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18240
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:54:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jun 2024 20:39:40 GMT

GET
H3 200 fa-brands-400.woff2
www.bandab.com.br/wp-content/themes/bandab/assets/fonts/fontawesome/ 106 KB
107 KB 116ms
115ms Font
font/woff2 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/themes/bandab/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/assets/fonts/fontawesome/brands.min.css?ver=1686964084
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 465040d118a831a548cd8106d00d9e61d203cb74b7de6d9ad41d09cf6319f084

Request headers

Referer: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/assets/fonts/fontawesome/brands.min.css?ver=1686964084
Origin: https://www.bandab.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
cf-cache-status: HIT
last-modified: Wed, 10 May 2023 15:38:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "645bba93-1a968"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwxXqFILjGt4Z4nPUssWdXm7qyAzrMWJgo5VOvp93%2FypaGKIuPcU%2B%2F4NdQErwOVHGo4H1BQrAmoC%2Fdxonj3khSpxwMwRjxiZTRCSRMfcJEbq%2Bp5RVWgTSZbeNEtCnNAg8AtYAjvKypGLpP3va1wv"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
accept-ranges: bytes
cf-ray: 7d87c67bcfe62bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 108904

GET
H2 200 rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v11/ 18 KB
18 KB 40ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans%3Awght%40400%3B500%3B700&ver=6.2.2&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bandab.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 09:07:40 GMT
x-content-type-options: nosniff
age: 61567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18096
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 09:07:40 GMT

GET
H2 200 rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/ 18 KB
18 KB 35ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans%3Awght%40400%3B500%3B700&ver=6.2.2&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bandab.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 16:16:42 GMT
x-content-type-options: nosniff
age: 554225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18212
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:54:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 16:16:42 GMT

GET
H3 200 1321932-layout-partial.css
www.bandab.com.br/wp-content/uploads/bb-plugin/cache/ 47 KB
7 KB 112ms
111ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/uploads/bb-plugin/cache/1321932-layout-partial.css?ver=9490c2f4a7c6e04a584695f905137925
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5617472d9c11a8acf268a85162507d7a41a2cf48dd8e9b7dc179822c8f4f191

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=50840
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 17 Jun 2023 01:08:33 GMT
server: cloudflare
etag: W/"648d0791-c698"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIHEcFCQ4KTT8fCIFulqASbsDb%2B%2F9QlSjSq3ccGcJPT9RK91IJgRRRRC88MQvencGcxJMYI9Pz0vSbYNON7D4SigOlMKruHgOjtjpUDuadw05esazoVaVXH0MTFYNgIWwOtBZga1YwhX9uCmz5%2BG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67bf80a2bd6-FRA
expires: Mon, 17 Jul 2023 01:08:40 GMT

GET
H3 200 1321930-layout-partial.css
www.bandab.com.br/wp-content/uploads/bb-plugin/cache/ 55 KB
8 KB 17ms
17ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/uploads/bb-plugin/cache/1321930-layout-partial.css?ver=72022202700d8c5f2f17a3174d4109de
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8268383a211e60117497ef6108493e8fa8440e3094372b4c00c641dbc72bfe5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71643
cf-polished: origSize=59215
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 15 Jun 2023 19:28:23 GMT
server: cloudflare
etag: W/"648b6657-e74f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5xj9RzPC8D6GQZm7NiZKJ3IHFVekpfGqluTzqdHosyX8sxksaiKyQhXUvYyqKKACp5zxIJuZy3fH7xB7M%2BpN3OIsS%2BlkDcCF7xqzbLfszDNMHUQxei4gwyYYpieMewLhXJpK4jXh0zxAUczJPmg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67bf80b2bd6-FRA
expires: Sat, 15 Jul 2023 19:28:26 GMT

GET
H3 200 1321929-layout-partial.css
www.bandab.com.br/wp-content/uploads/bb-plugin/cache/ 40 KB
6 KB 124ms
120ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/uploads/bb-plugin/cache/1321929-layout-partial.css?ver=fe5ae826ea9f1f2454a73dcf0c1f61ff
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a69bd7b7df3b5146c1777f4d4636e02c2050695bcf8081c2121074f4fc843498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=42854
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Jun 2023 22:52:54 GMT
server: cloudflare
etag: W/"648ce7c6-a766"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuBWTEIBFJ09bRK%2BAPZX3WQ0Cc7MXDgXC8KCom0ny5ArS9%2BiZUg%2BzfEFc5bVZcP9acgi5pAxGX6PAhflG1r0yZqherDQ50EbsIkMKStRrDWRWu5hgmh9YHPu2UH1TYCAz7sbg1co6zS0ppCEohLg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67c18222bd6-FRA
expires: Sun, 16 Jul 2023 22:52:58 GMT

GET
H3 200 1321934-layout-partial.css
www.bandab.com.br/wp-content/uploads/bb-plugin/cache/ 54 KB
8 KB 154ms
150ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/uploads/bb-plugin/cache/1321934-layout-partial.css?ver=30b51f8ab3276f95d08de195fa6eb172
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2db06210f95912488f3bd5ec6165162589ee3914b5987248ddd912f90e96d36d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=58143
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Jun 2023 21:34:10 GMT
server: cloudflare
etag: W/"648cd552-e31f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AjXTWZcg9zBw8pVLjHW2iWnC5Xy4c9T4yx6fwO%2BNHSoCVCMpC5FW6W2abP7Ug1fecg%2FfJVN4IQ2Dv2Bdze6b0ZjWXCS%2F6Mfdlq4SO9wO4LaTYftE37t%2FIF9XHXwTOHhfiXsXCc9XtNmsU8cBvdf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67c28262bd6-FRA
expires: Sun, 16 Jul 2023 21:35:49 GMT

GET
H3 200 1321931-layout-partial.css
www.bandab.com.br/wp-content/uploads/bb-plugin/cache/ 43 KB
6 KB 119ms
115ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/uploads/bb-plugin/cache/1321931-layout-partial.css?ver=f3a61f1cdf764791b3d50ee165fcebae
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4101153094d24e1af5253f1524cd2eebed9b6af9316ca493afcdadb7f8ccf19a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=46514
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Jun 2023 23:18:16 GMT
server: cloudflare
etag: W/"648cedb8-b5b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Y%2Fls4od1pl%2B1BkRam2rCVa7EQ6ft6wF1pc9xmmNL6TUPjbDw6wIQCOZTrbkkfUJ6CtZAR%2BAtraO3DapWlTrc3eCqAQc2UTTQUUvVXnMv8a1Scts1zmWbtFhnaf%2BB3bJI63cc5Eh9hLZaLuHRrya"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67c28282bd6-FRA
expires: Sun, 16 Jul 2023 23:18:19 GMT

GET
H3 200 1321933-layout-partial.css
www.bandab.com.br/wp-content/uploads/bb-plugin/cache/ 31 KB
5 KB 23ms
19ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/uploads/bb-plugin/cache/1321933-layout-partial.css?ver=68b821d6f4548e03d2957f7165b58a74
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be04961f1faad2a7d4c06aff433efc799e67728ac1f662cdbc5514937db8b41f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61496
cf-polished: origSize=32942
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 07 Jun 2023 19:54:40 GMT
server: cloudflare
etag: W/"6480e080-80ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaFNNgUZedh7wjc43kPW5w49Fpibv3DqdGbaQ%2FUV7Emp5YetRVfkpnKPlKf7xJgjRAHfm261trHOBJdNHZIqWb5w38AXkJ9aRyvtwG2r1crB5jrHMKum0pZ3Ee%2B2VnnWRUo9vZxPyweTnfvDDhdB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67c28292bd6-FRA
expires: Fri, 07 Jul 2023 19:54:42 GMT

GET
H3 200 1321935-layout-partial.css
www.bandab.com.br/wp-content/uploads/bb-plugin/cache/ 25 KB
4 KB 26ms
22ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/uploads/bb-plugin/cache/1321935-layout-partial.css?ver=3d1c331647bd9d7e0ca645692bdf5b0f
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b67fa4976f24310604c5572a3e5db8f851ee0bd0bf31e706c55c68fe7cf7c1b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 218128
cf-polished: origSize=27027
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 07 Jun 2023 19:54:01 GMT
server: cloudflare
etag: W/"6480e059-6993"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbncVO5b5VnIiILoaCo58ITj6JTUSABVVrdSt852UlKbUlOCQWcf%2Fa1jAxeOzKBGTyzVAVV1gl3NVVTyLLwsexoEzxLv8mHYyKSrckWR0p43trvStRZS9AtS36dxcjjgII0w%2BWoib1TZsZEi86TB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67c282a2bd6-FRA
expires: Fri, 07 Jul 2023 19:54:04 GMT

GET
H3 200 1321936-layout-partial.css
www.bandab.com.br/wp-content/uploads/bb-plugin/cache/ 23 KB
4 KB 29ms
24ms Stylesheet
text/css 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/uploads/bb-plugin/cache/1321936-layout-partial.css?ver=b07bd47ff60703b3257e297db00cde0a
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c9d8656624fda1211befd790b5751f302b6b6d43e4d1401aeb361d155a321c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1492385
cf-polished: origSize=24411
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 May 2023 13:48:13 GMT
server: cloudflare
etag: W/"6470b89d-5f5b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2imZYXjkIIc9J9zST6%2FiZr%2FI6GoFzsWY8SqBe74HnuD4VNgbJ4mwfZji9FmpsTuvfK1JYwrRSCQyYnuOiYevZLHoom%2Fv89Md80illHEp5u81D8k4wY8pNMl3YV3Y4tQNL7YQM5laun27RsT8yxY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7d87c67c282b2bd6-FRA
expires: Sun, 25 Jun 2023 13:50:10 GMT

GET
H3 200 lazysizes.min.js Show response
www.bandab.com.br/wp-content/plugins/ewww-image-optimizer/includes/ 14 KB
6 KB 25ms
21ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=702
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c05a1108c176130e9dff2f6a5ebdb60be1c3e17b5a8f83de35b29f44fb109434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Jun 2023 01:00:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 862843
etag: W/"647fd6c2-3860"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGns3CqrgbtsapLSkty6n8zuGSDvPIj3D4lrQu4bdUFozDVLCCPU3jEOGhLGSRvOkmCFwCoHfqCEnxAMFfyTDd5EJxXXtU0HslaYJRUGuKEwxYAWwC3vNMIXAhM%2BDjfMOpr68dNY%2Bnh83xEw4tfj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c282c2bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jul 2023 01:01:01 GMT

GET
H3 200 1321937-layout.js Show response
www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/ 31 KB
9 KB 128ms
124ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/1321937-layout.js?ver=1686964118
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 643f1043f926c67c1e6247ea8095ab3795db6b457ebb92a314dda66642b2f262

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 17 Jun 2023 01:08:38 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"648d0796-7de8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PeuazW%2BLYUxDk%2BVj%2B2GWJ7RSdZ6esgz%2BjfFBhaneWUn7%2B8r9szM0vV4K17Q0I9Yv%2BrKHgMNZ5aU%2FDJOpkeIilvRa1f8FZae4omJejlZwQXilQzSGZ27NTbJ9GdPHLkZINvWwz7pPeJdg0tBu5MN%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c282e2bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 01:08:40 GMT

GET
H3 200 cookieNSCconsent.min.js Show response
www.bandab.com.br/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/ 28 KB
9 KB 27ms
23ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.js?ver=2.13.2
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bfcc82105db0a3e46dfa9fdec69642930fd9907115ca32a50b006bc183a57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 01:00:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 71643
etag: W/"648bb449-70b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Os3%2BXYQa%2BUe5qT9X4T6CjWNXa3RDMazEzCKSBENEfwbXYkOqKJFL5dVi0zMkDzMmfnmY1A45Xfm6hf%2FvMEC6b%2FdAY89yr1xSWLCxSfgiWtdbuSNUUR36JLnrS8%2BGBQ7avm6FMSCm%2BeqQYfC4ZTd2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c282f2bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 16 Jul 2023 01:01:19 GMT

GET
H3 200 jquery.init.min.js Show response
www.bandab.com.br/wp-content/themes/bandab/assets/js/ 2 KB
1 KB 24ms
20ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/themes/bandab/assets/js/jquery.init.min.js?ver=10.05.15.38.59
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a7a16a4941425410ded5fb23fef1c6bd132561d07b23f9a1f4fe63d9e0e9fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 May 2023 15:38:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1841464
etag: W/"645bba93-77a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NisIXQtUnbtjWbBmAU9ei7lcgGIo961dvIYldw2%2FKV34g42GVNYKUMolhBYl0%2Br%2Br0Tk4TCbFTLh5Otc3BZSDOm2Qa%2BE6z78xE6iTGX5pwA%2BemakbLNXTcIKgG%2FA3h1JV36bTIqgv%2Bh9o52667J"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c28302bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:07 GMT

GET
H3 200 OneSignalSDK.js Show response
www.bandab.com.br/wp-content/cache/min/1/sdks/ 9 KB
3 KB 116ms
112ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/cache/min/1/sdks/OneSignalSDK.js?ver=1686964085
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96ad9596a5b8b30e9fa9c71033fca6b05b7b654d553211b27b925580dd5e5a3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 17 Jun 2023 01:08:05 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"648d0775-23ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnTfJF%2BQMpavvQ7IQKFtDe9pDb1XtpF5PqXmOhfHv%2BRJs7WAe9m6DZDmKweK6TGrYkJbcM1d8dA3gbxeJ6h029T%2Fdmjc9hK1Ldy%2FgTzgrfYH804Oia8qBRRt4652T52pJYLMRbBGiaPB74Yw8AgS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c28312bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 01:08:07 GMT

GET
H3 200 imagesloaded.min.js Show response
www.bandab.com.br/wp-includes/js/ 5 KB
2 KB 30ms
26ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-includes/js/imagesloaded.min.js?ver=6.2.2
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Aug 2020 12:00:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1283211
etag: W/"5f33d9d2-15fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHse%2BIEYJnnhelaYt86S8A81z%2FzyC8eUB8iXjXOsrpBp5n3U%2B1a7HepmvTlmD53kLZ6VRGIHuei5Mib8CFys53c%2BEqsaYiHPDUk9otdD2CU09K6tybC88prE5dJUmOXd0xmIeWjIufIvGtm8THXi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c28332bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:11 GMT

GET
H3 200 jquery.fitvids.min.js Show response
www.bandab.com.br/wp-content/plugins/bb-plugin/js/ 2 KB
1 KB 27ms
23ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 01:00:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61496
etag: W/"6441e025-6f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zH2VhlFyZZgoaE4W4VHwAVMvzGbKfdE4tnvSt3ZEIHHqDxw4fn5TwWNWfaOE0AlFd8OZirNAniQLDo%2BHmjBlVp7u6XyglB2H3u%2Fq88yZJCpv%2BNOz08P1n7CtuQBd0g0s%2BvtadGUydFCu%2B%2FiaZ%2Bzv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c28352bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:11 GMT

GET
H3 200 1321932-layout-partial.js Show response
www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/ 23 KB
6 KB 116ms
112ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/1321932-layout-partial.js?ver=1686964118
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d60186aee6acd84b2bde59d7fd40be4799686622c48a94c543e96dc3934bc23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 17 Jun 2023 01:08:38 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"648d0796-5bf9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xl8YWvGYBNhQSVYNOfEiVRL21KK6iOPA0mx%2BK1boHoymwFJo8iZSvjK3mbLiqaReoCfQMYlDi3ipq8kExK%2F0wFYjRaDZqJhmg0qOtc5JL5dFuhtexIxAG63Aeyp0RHwlxM8sleSE4o4BGq1mTrKj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c28372bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 01:08:40 GMT

GET
H3 200 1321930-layout-partial.js Show response
www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/ 28 KB
7 KB 131ms
127ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/1321930-layout-partial.js?ver=1686964118
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8db1a4015552114dc34a9ec6edcc6af055e954e46a88315549bcac9f2996836d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 17 Jun 2023 01:08:38 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"648d0796-6fa2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84Op0qeqj%2BSF3dZCcXTkXVlZJucLhL1FJbnxp4GlKS37EIXBA2e6PQ3dCBKp1x784%2BUJ9oRWTIUoJ1EHBBGVxbke%2BEzvw6YC8Lnx6syByMNja1F%2FOGZf4Knt9HXhmTy%2B0IEZicV7PVA3rwqOOH5E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c28382bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 01:08:40 GMT

GET
H3 200 1321929-layout-partial.js Show response
www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/ 27 KB
7 KB 119ms
115ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/1321929-layout-partial.js?ver=1686964118
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe7feae8fdfd7306e99986c0d35b0396975783a682b1deb330c0260bd21179a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 17 Jun 2023 01:08:38 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"648d0796-6d20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbEaAeQ9fxg55qXLjno8U0CQF4%2B2TDYPCUO9L45DcNf115Q1%2FIpXlD5g11GGEH72vpIF43%2BN5hWz9yWah4ZjeesRrvBkvEgIylKHc9KNMw%2BRejULf7ss7HHvHzr1qjezjWaOt4t4Kr5mZ%2BHyCiSb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c283a2bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 01:08:40 GMT

GET
H3 200 jquery.easytabs.min.js Show response
www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/ 9 KB
3 KB 28ms
25ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/jquery.easytabs.min.js?ver=3.2.0
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 731c982fe2f526eb1cfc47130b9d84b74c1a1038a4a518bcaf70f83ddac162a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Feb 2021 14:29:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1835531
etag: W/"6037b455-24a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39%2FdPLx2JcZb2upIhhIFsAKNV9sPo0A5Jks0m0uNANJ6ybAHQ3Agkc2O2IBsL0WquqWYF28khzklzLKRRFAgPLhZNsWebGvSS9b4AOjZJWJ17MCxnGBSLrufcZ4wpBaGs%2Bz0aTuUGRjSqXr6x6Il"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c283b2bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:07 GMT

GET
H3 200 jquery.mThumbnailScroller.min.js Show response
www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/ 28 KB
10 KB 29ms
25ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/themes/bandab/assets/js/lib/jquery.mThumbnailScroller.min.js?ver=2.0.3
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83bc3d65d6d0f786000aacd0a546df882c135fcdcc5721833150bd385bc681fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Feb 2021 14:29:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1832538
etag: W/"6037b455-6f33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTRuez%2BmVhFntVV5DRBM7TdCiRlQaewCKL5B%2Fc7KIprxh26BPY9wwGiL4p%2FU61WUURQGDxqpaHVRfs1v4euNdG%2BgRa6bY2aUblmBdRZlLhtaUYyHpwHS6VGkYN4tdmCNx5g0gxNtTH9tzS5HS7Cs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c283c2bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:07 GMT

GET
H3 200 jquery.widget.tabs.min.js Show response
www.bandab.com.br/wp-content/themes/bandab/assets/js/ 189 B
624 B 27ms
24ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/themes/bandab/assets/js/jquery.widget.tabs.min.js?ver=2.0
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9335e023ccff38aa988f6302c5b2d06188cead60e2439f5b224d056f5a0687f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Apr 2022 18:12:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1841464
etag: W/"6255c11d-bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SsSMrgV4r2WoDcPAaBfuz0wvfzHPv4TzsIjEwTMqO%2BSGOm7tBRRURXI0QuANATd04GvIHi2PIh77zryDJxO%2BX2s7Kzgto8zvh0OTctCyWj0VCCmFS2YZsspy8w%2BnFGs4bMnTDaWZobtZ7Vez3xyX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c283d2bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 Jun 2023 13:50:07 GMT

GET
H3 200 1321934-layout-partial.js Show response
www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/ 27 KB
7 KB 125ms
121ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/1321934-layout-partial.js?ver=1686964118
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b75f7f6af67dd84cd8b1cc04c1d82f3ca80691cd2d68fbf3a3d8d573a91a627a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 17 Jun 2023 01:08:38 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"648d0796-6d20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JhQ%2FOGotKDtVj8xqfALBV4t9lP5LUc0Y50eWvIjOHmQGM6GbI3TbNeBDWpH7Jigv06N6yl03vCg%2Ffi%2FAa0WYyxMSq0Ysb%2BZ%2FkQucIox28SW1JSJMPx0pZZtT1tdjscvxT%2FWSKD73eOXRQqAd6ZY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c283f2bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 01:08:40 GMT

GET
H3 200 1321931-layout-partial.js Show response
www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/ 17 KB
5 KB 294ms
291ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/1321931-layout-partial.js?ver=1686964118
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17a0799f5d5a0dfdca691f98629af6f4be6cfef0c16bdc8b40343e9dfd1bf04e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 17 Jun 2023 01:08:38 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"648d0796-44d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNE6dCjqIuKtin3DfEaJ2c1lF6Fi14Od4DpZQPoqGtyI5SYZHWlsAEj7ZIs2o%2F04V3tZgwRxkMV8X8N1wW8o3QbdrnoVil13xmfcLoSAb6syoHfijk9M9kL9ynffkkDGDKKvn9Z2dwT3l7SRi%2Fw4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c28402bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 01:08:40 GMT

GET
H3 200 1321933-layout-partial.js Show response
www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/ 16 KB
5 KB 128ms
125ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/1321933-layout-partial.js?ver=1686964118
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4980b3bed6afc00b05b82c8e119c3ee2f67ae107671f8064ed15d433a994b126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 17 Jun 2023 01:08:38 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"648d0796-3e1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwPCBN%2FomSg1n8KwvWsN3pttwcV6KhrCms5MKa8Pj3h%2F8SXqg554stmk7BALLDR1E0TiwdgkcWqwkzic2JDTopQkjEcjhMYCZIVZhXW4tfzVyFmkrlNNIJ6vAtubqjl%2BYej5Qw8x66HNdKkTqxaF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c28412bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 01:08:40 GMT

GET
H3 200 1321935-layout-partial.js Show response
www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/ 10 KB
3 KB 118ms
115ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/1321935-layout-partial.js?ver=1686964118
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b56813b889331c48063a45f22cfc9bb197196766d73dc11b1fa281a98a5e27a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 17 Jun 2023 01:08:38 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"648d0796-28f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8p4YuhCZMklPdN%2BKBezrPMoxT9AOqOvlTp7pIfQsxtEWITMGzlTXAjIheWuQyRbDB4bbPe2cZE%2FNqG42sTWI1xm1zrVYWNfxpcSK9KnEhB%2FgBqSj27sbViFvxGF%2FLKtAFJl2mVyH83L9rYKYuqWc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c28422bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 01:08:40 GMT

GET
H3 200 1321936-layout-partial.js Show response
www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/ 10 KB
3 KB 116ms
113ms Script
application/javascript 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/uploads/bb-plugin/cache/1321936-layout-partial.js?ver=1686964118
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc592d9207115998fe09ced1591902d708275c2c14934b110bd5350b353ac26f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 17 Jun 2023 01:08:38 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"648d0796-2819"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRPrOdlFd7kpOrdg1yatGkU0zzVCs%2BiqyfTNdlZPeU3a3m67%2FTai5MAbOcQhMYegCcxuzuEUjnSR4CAMR%2FDcsDP6IIRuYkVNUUUcFLDaBUAf2ZQagGlMn9leeuXs7MYFALpUxGAy5Fj7OuI%2BT3eV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d87c67c28432bd6-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 01:08:40 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 61ms
41ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.bandab.com.br/
Origin: https://www.bandab.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7d87c67c3b2f3803-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8LD2LZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Jun 2023 00:35:22 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5905
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 17 Jun 2023 02:35:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 108 KB
28 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 17 Jun 2023 02:13:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27810
x-xss-protection: 0
pragma: public
x-fb-debug: vSA+8E5X6Ln7DQBYQ+VYehg+tExIWB4MS18bV61ha8DrE1r4ZZeKOoYPq1j61doS7F9InjnJi7uWl6VaIlLkxw==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 f326cb3e-4302-4f7b-ac75-0b31153d0c59 Show response
tags.premiumads.com.br/dfp/ 64 KB
22 KB 267ms
14ms Script
text/javascript 2606:4700:20::681a:e79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/dfp/f326cb3e-4302-4f7b-ac75-0b31153d0c59

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8LD2LZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c484f010baddf63b46ca78b2b64e01734a55d69d23a51716a6fd6856d443ba20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196241
x-powered-by: ASP.NET
request-context: appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107
cf-bgj: minify
last-modified: Wed, 14 Jun 2023 19:43:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1l%2BIlrl1ni%2FVk%2BaY1Dr80uMudhsTIruiIhmrOgaPOdYJIui61E7xcb7d22VLlpe8Ykq%2BGKArT41A98reRURdtEShKXf0im5TAPP%2FE2sOsvUJ0KE59dHqcHIf1f2oZ%2F2xIF6cTJshY0ahiYS6upSg%2BmFNCaI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=3600
cf-ray: 7d87c67dde6d1cbd-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
26 KB 48ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cace9c1af6a8632645e48faf9c2b2da116c5daebd34975667f828a3a6fa10ec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26461
x-xss-protection: 0
server: cafe
etag: 471 / 19525 / m202306130101 / config-hash: 4553594699066521459
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 02:13:47 GMT

GET
H2 200 prebid.js Show response
tags.denakop.com/ 272 KB
84 KB 52ms
25ms Script
application/javascript 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/prebid.js
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee888bc3e7a166fe422eb4ba38421559ac0d86114235822d5ee02d8c5bdd7d63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 17 Apr 2023 14:43:23 GMT
server: cloudflare
age: 140
cf-polished: origSize=279167
etag: W/"643d5b0b-4427f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7d87c67c69ca1e64-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bandab.com.br.js Show response
tags.denakop.com/10617/ 229 KB
39 KB 405ms
378ms Script
application/javascript 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/10617/bandab.com.br.js
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d70c72beb547d4c4e78b49a89ee7dbdb813359f0943d82f85b69de3a08f2da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Fri, 16 Jun 2023 15:07:29 GMT
server: cloudflare
etag: W/"648c7ab1-3932d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7d87c67c69cb1e64-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
87 KB 32ms
24ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T0B40GWGJG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8LD2LZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4476402a7c7df1046d5ef404d5e5b60cc899fd5a489c1b7e65a43e14aaafd01e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88585
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Jun 2023 02:13:47 GMT

GET
H2 200 40507 Show response
tag.navdmp.com/u/ 511 B
510 B 147ms
141ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/40507
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e74639e37bb8ca0e6ba3a05c3f0c0e0efecd7988e867f79434b955ac5190b5c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Sep 2021 18:44:59 GMT
server: cloudflare
etag: W/"6137b32b-1ff"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7d87c67c4d8e5b74-FRA
expires: Sat, 17 Jun 2023 03:13:47 GMT

GET
H2 200 172047844822838 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 75ms
74ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/172047844822838?v=2.9.107&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8083294c1040ddf5c53431374259890b6fc5128c1cc53fb28270c605d2a7f496

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 17 Jun 2023 02:13:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: H3749tK5Bvug0KmrjD+o7g4vvqWW2ayImEqWj5B2c8HinfrWj9M9DDi5K8/d/LxWXVJbW52kCwtjHKXKeMjK1g==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 16ms
15ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=435435006&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bandab.com.br%2F&ul=en-us&de=UTF-8&dt=%C3%9Altimas%20Not%C3%ADcias%20de%20Curitiba%2C%20Brasil%20e%20Mundo%20est%C3%A3o%20aqui%20-%20Portal%20Banda%20B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=746212892&gjid=201903731&cid=1421759946.1686968028&tid=UA-12854420-1&_gid=865091495.1686968028&_r=1&_slc=1&gtm=45He36e0n81W8LD2LZ&z=119479191

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bandab.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 16ms
15ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=435435006&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bandab.com.br%2F&ul=en-us&de=UTF-8&dt=%C3%9Altimas%20Not%C3%ADcias%20de%20Curitiba%2C%20Brasil%20e%20Mundo%20est%C3%A3o%20aqui%20-%20Portal%20Banda%20B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=1284175693&gjid=1410243778&cid=1421759946.1686968028&tid=UA-66850008-1&_gid=865091495.1686968028&_r=1&_slc=1&gtm=45He36e0n81W8LD2LZ&z=1184588226

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bandab.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 38ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T0B40GWGJG&gtm=45je36e0&_p=435435006&cid=1421759946.1686968028&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686968027&sct=1&seg=0&dl=https%3A%2F%2Fwww.bandab.com.br%2F&dt=%C3%9Altimas%20Not%C3%ADcias%20de%20Curitiba%2C%20Brasil%20e%20Mundo%20est%C3%A3o%20aqui%20-%20Portal%20Banda%20B&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T0B40GWGJG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bandab.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 52ms
16ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-66850008-1&cid=1421759946.1686968028&jid=1284175693&gjid=1410243778&_gid=865091495.1686968028&_u=YEDAAEABAAAAACAAI~&z=731775846

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 17 Jun 2023 02:13:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bandab.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/ 408 KB
126 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e190fdf47cb7389e127605fc34bfb1bfc74281d5264501b79f2779008a2ae73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 19:53:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22806
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128933
x-xss-protection: 0
server: cafe
etag: 1396361306703029922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 15 Jun 2024 19:53:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
684 B 31ms
15ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bandab.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6238ca7d14bde75b4b16a2cd7d011f835a33498f2f733a83157ffa359a5c72e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 659
x-xss-protection: 0
expires: Sat, 17 Jun 2023 02:13:47 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 40ms
17ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-12854420-1&cid=1421759946.1686968028&jid=746212892&gjid=201903731&_gid=865091495.1686968028&_u=YEBAAEAAAAAAACAAI~&z=331952743

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 17 Jun 2023 02:13:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bandab.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3ac76e656d40006eb90fdf8c17a03b53fe8840a3f386c1ee16dedadf9cb94a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 97 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e78cf489f5de1111c5e3913430da26c8f502f729272e906ed4e6185ffd32a0cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e49c3a5d7082aaf24caff51ecd5e4ffb973b739b786bbcc5e5da15dee0b256d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 foto-agressoes-confusao-PM-colegio-RMC-150x150.jpg.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 2 KB
2 KB 103ms
103ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/foto-agressoes-confusao-PM-colegio-RMC-150x150.jpg.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b06424c12538425a9e76630569ec4a63c33eac6d05344d404618d5b80133a6de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 19:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648cbae0-74c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdiPpBxXiJhhv%2Fz0Ae7a0k7BHZufHIRdns9hgKxAVqDHgWkqkrokejHFiSxFEn6gKMaA%2BgaPwpLFiAex0D6XKq%2F9%2FTbF0lfRzLpjoCyyQCexPot4LG1z7KuWAT%2ByHeNtqTmq3d0ahKpXuqwXWL4D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c67d79152bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1868

GET
H3 200 pattern.png
www.bandab.com.br/wp-content/themes/bandab/assets/img/ 44 B
602 B 18ms
17ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/themes/bandab/assets/img/pattern.png
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/style.css?ver=1686964084
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78ef8b1bdcfa609810428c5919f9e2b93b1814e72cef4bfde24203c216c5b6d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/wp-content/cache/min/1/wp-content/themes/bandab/style.css?ver=1686964084
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1852737
cf-polished: origFmt=png, origSize=2818
content-disposition: inline; filename="pattern.webp"
alt-svc: h3=":443"; ma=86400
content-length: 44
cf-bgj: imgq:85,h2pri
last-modified: Thu, 25 Feb 2021 14:29:41 GMT
server: cloudflare
etag: "6037b455-b02"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8V1IYqF4Qhdthcei39cGVxyMSRbPSobGbNvS3qtbR69IO0S3PvD8ZztizF3pVJQspP7fIGCD0a%2BsKEEPqq%2FO%2FTXDulDxIUQIFh4gBJck21xpwRzSsZ9JAuiSrRtYZtYi0QJ2iZOkYN%2FFJvtBV4K"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7d87c67d79182bd6-FRA
expires: Sun, 25 Jun 2023 13:50:07 GMT

GET
DATA 200
OK truncated
/ 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 323babff610bb7478f9418ec6484a134d4f9588fde5604879efb388141fd017a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 124 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e252b4df1d5a97158d386a14875a780fd8a750fb2c0912721c8de569e04dfa1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 134 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59c2b7554348a8c70a072f8b164b72123efb005052d551911d535f652818c059

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a5c7ae7ce422d6c2fb74fdc0dd719db42d96ed2a0d930849624d31bd6ed574d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 199 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b874864be42e77b3d08f0a521c41dfda69386886572de492d5dc201f2426773

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 302 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cda203cc3b7a9dc54cc96e785db2a7995bc2d64d918ccdcb5f216d39bcddd4e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 43ms
19ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-66850008-1&cid=1421759946.1686968028&jid=1284175693&_u=YEDAAEABAAAAACAAI~&z=506243267

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 44ms
20ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-66850008-1&cid=1421759946.1686968028&jid=1284175693&_u=YEDAAEABAAAAACAAI~&z=506243267

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 42ms
18ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-12854420-1&cid=1421759946.1686968028&jid=746212892&_u=YEBAAEAAAAAAACAAI~&z=2045265099

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 44ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-12854420-1&cid=1421759946.1686968028&jid=746212892&_u=YEBAAEAAAAAAACAAI~&z=2045265099

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=172047844822838&ev=PageView&dl=https%3A%2F%2Fwww.bandab.com.br%2F&rl=&if=false&ts=1686968027821&sw=1600&sh=1200&v=2.9.107&r=stable&ec=0&o=30&fbp=fb.2.1686968027820.1...
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.bandab.com.br%2F&ec=0&ev=PageView&exp=c0&fbp=fb.2.1686968027820.120793871&id=172047844822838&if=false&it=1686968027612&o=30&r=stable&redi...

0
58 B

7ms
7ms

Image
text/plain

2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.bandab.com.br%2F&ec=0&ev=PageView&exp=c0&fbp=fb.2.1686968027820.120793871&id=172047844822838&if=false&it=1686968027612&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1686968027821&v=2.9.107

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 17 Jun 2023 02:13:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
content-type: text/plain
location: /tr/?coo=false&dl=https%3A%2F%2Fwww.bandab.com.br%2F&ec=0&ev=PageView&exp=c0&fbp=fb.2.1686968027820.120793871&id=172047844822838&if=false&it=1686968027612&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1686968027821&v=2.9.107
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
429 B 165ms
150ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=9&acc=40507&u=1&new=1&wst=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa75f0199bfb788fe8daf5746e7fc0fab18c706c090c058043294f3c0ad602a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: public
date: Sat, 17 Jun 2023 02:13:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 7d87c67e0e525b74-FRA
expires: Sat, 17 Jun 2023 03:13:47 GMT

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c643acd4299182ed20b5db80b1dda15288df04797b18c7944dfb4e517274816

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 146 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f6fdac4667234f6868428d5f4a90ef737e438c85b4a0e8273154e076df17db4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 92 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 569c0a006583baaf968e791b7ce0b2de297661e6fc15c111164f805f7e344147

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 202 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97ecbbc7be4c95a923bc54c3815de8f3e45665be57a2270d1e27c6fb0882ff68

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 144 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4884a8466a68c6ee26c9f528952cc3da92480da90394ab42b99638bd115225fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 168 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ae57bcd90d045217b7103d8325f8c9b8f5e26f100818ca25dbaf283de83fc51

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 123 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7fd607f7b5289dcd8c660c69e0275c9371420e20f1b20100f060f21da12885a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 127 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90d0f24b3f8187d397a6a0af65f4fb5c516de6047cc3ee828bacf73a9e3fc75e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 188 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e5a925a5d70f3745b6fe5d0f5c048993269c9a2f467cb658c6ba4a5b83e8f91

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pbjs-min.js Show response
tags.premiumads.com.br/scripts/ 369 KB
117 KB 24ms
24ms Script
text/javascript 2606:4700:20::681a:e79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/f326cb3e-4302-4f7b-ac75-0b31153d0c59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c32751ea91f13114fc5c05dac758bc339c4c6b45f96b3fe4f4a22913b155ad79

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 199378
x-powered-by: ASP.NET
request-context: appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107
last-modified: Wed, 14 Jun 2023 14:39:46 GMT
server: cloudflare
etag: W/"1d99ece106fa0a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4oHn78kXtD5pcA%2B3mBagZUwsyXpJHv4PzpcLoU%2BYXDJc%2Bjn3zKtAS9nv9VYysoSEQ9EAh1F7oXaFAjQ3A4%2BvyYBj8%2BZE6HklJxMaynP%2B1R1qKWR9DaGfYkunfpOymkumJX8WFJp0eTHbmUjSHh6SxNqBKIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31536000
cf-ray: 7d87c67f0f1e1cbd-FRA

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 124 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f76b82a2bbb605098bc654b7235725cb3fc06acb7d88f85c02152b3641232efa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 127 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8da2257ec784d5c8427955e9c279ed0713c8e27bf34f6a6c8f6b5cd5d62b4a18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 194 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0ccb145a41a2c3a41b3a6fe76921b1d59f2aee58e32e8ac25e4e2fc5ec23c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 43ms
26ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151602

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/wp-content/cache/min/1/sdks/OneSignalSDK.js?ver=1686964085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ed7f43d675c0d203d845162c122fd2a7ec79093655370e9ce24e9408c80227a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 720
etag: W/"153f1c4acb6a72d6e5def93aaa717bee"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7d87c6803ca1927f-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Tue, 20 Jun 2023 02:13:48 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
100 B 158ms
142ms Script
application/x-javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=9&id=12dde6d012357e2c3c69e884a010%7C0&acc=40507&tit=%25DAltimas%2520Not%25EDcias%2520de%2520Curitiba%252C%2520Brasil%2520e%2520Mundo%2520est%25E3o%2520aqui%2520-%2520Portal%2520Banda%2520B&url=https%253A%2F%2Fwww.bandab.com.br%2F&upd=1&new=1&h1=Corpo%2520de%2520menino%2520Thiago%2520n%25E3o%2520tem%2520sinais%2520de%2520viol%25EAncia%252C%2520apontam%2520primeiros%2520exames
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d87c6803f1f5b74-FRA
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=81032302610
https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=81032302610&google_tc=
https://sync2.navdmp.com/sync?prtid=2&id=81032302610&google_gid=CAESEKvUHlS31UCzwjiP77LznP8&google_cver=1

6 B
57 B

165ms
149ms

Script
application/javascript

2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=81032302610&google_gid=CAESEKvUHlS31UCzwjiP77LznP8&google_cver=1
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d87c681ffb35b74-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync2.navdmp.com/sync?prtid=2&id=81032302610&google_gid=CAESEKvUHlS31UCzwjiP77LznP8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/sync/ 43 B
418 B 54ms
18ms Image
image/gif 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x15 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 02:13:48 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x15 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sat, 17 Jun 2023 02:13:47 GMT

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

0
125 B

83ms
7ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Sat, 17 Jun 2023 02:13:48 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0108.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
content-language: en
location: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
content-type: text/html
cache-control: no-store
content-length: 344

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=undefined

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/10617/bandab.com.br.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15d846aa3b5eb35c374e93f1b1c51a76876f8259713259bc6c97d485e46d6ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41329
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Jun 2023 02:13:48 GMT

GET
H2 200 api.gif
tags.denakop.com/ 0
312 B 117ms
116ms Image
image/gif 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10617&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=p&p=https%3A%2F%2Fwww.bandab.com.br%2F&t=1686968028186&cb=0.3182907841585503

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:48 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7d87c6803cae1e64-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 / Show response
id.navegg.com/uid/ 16 B
303 B 666ms
620ms XHR
application/json 2606:4700:10::6814:e280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.navegg.com/uid/

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:e280 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
cross-origin-opener-policy: same-origin
vary: Accept
allow: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
x-frame-options: DENY
cf-ray: 7d87c680988e2bbe-FRA
access-control-allow-headers: *
content-length: 16
access-control-allow-method: GET

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 718 B
2 KB 161ms
112ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15410&site_id=96666&zone_id=522080&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!premiumads.com.br,f326cb3e-4302-4f7b-ac75-0b31153d0c59,1,,,&eid_navegg.com=12dde6d012357e2c3c69e884a010%5E1&rf=https%3A%2F%2Fwww.bandab.com.br%2F&tg_i.domain=bandab.com.br&tg_i.page=https%3A%2F%2Fwww.bandab.com.br%2F&tg_i.pbadslot=%2F75894840%2C1315984%2FBANDA_B_INFEED_01%23P_BANDA_B_INFEED_01_0%3B%2F75894840%2C1315984%2FBANDA_B_INFEED_02%23P_BANDA_B_INFEED_02_0%3B%2F75894840%2C1315984%2FBANDA_B_INFEED_03%23P_BANDA_B_INFEED_03_0%3B%2F75894840%2C1315984%2FBANDA_B_INFEED_04%23P_BANDA_B_INFEED_04_0&tk_flint=pbjs_lite_v7.45.0&x_source.tid=6056b8ae-85e7-47a3-944e-ecb1bd3de10a%3B2f10c3e7-a87e-4901-a8a7-47ab790e4945%3Be25ee22e-f534-4aa3-99ce-3ded3994de22%3Bc8581524-6218-4300-8546-da568a073ef3&l_pb_bid_id=2ef9bd8b5d622d%3B3d07467bea767d%3B4777a3c912b38b%3B544138dc63b0ae&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=6056b8ae-85e7-47a3-944e-ecb1bd3de10a%3B2f10c3e7-a87e-4901-a8a7-47ab790e4945%3Be25ee22e-f534-4aa3-99ce-3ded3994de22%3Bc8581524-6218-4300-8546-da568a073ef3&rp_hard_floor=0.0103&rp_maxbids=1&p_gpid=%2F75894840%2C1315984%2FBANDA_B_INFEED_01%23P_BANDA_B_INFEED_01_0%3B%2F75894840%2C1315984%2FBANDA_B_INFEED_02%23P_BANDA_B_INFEED_02_0%3B%2F75894840%2C1315984%2FBANDA_B_INFEED_03%23P_BANDA_B_INFEED_03_0%3B%2F75894840%2C1315984%2FBANDA_B_INFEED_04%23P_BANDA_B_INFEED_04_0&slots=4&rand=0.7909531589113208
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 76b04b1fdf599879726cd863376fee5a4cfd3eb60e9ecfa056afd7466c6fd9b4

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bandab.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
829 B 53ms
18ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:48 GMT
AN-X-Request-Uuid: ce1f7c29-c07d-4af3-9f50-e0db6b5f72f1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bandab.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
196 B 70ms
16ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.45.0&cb=73636962494&lsavail=1

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bandab.com.br
date: Sat, 17 Jun 2023 02:13:48 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
339 B 195ms
21ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:47 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bandab.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
339 B 196ms
22ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:47 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bandab.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
339 B 194ms
20ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:48 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bandab.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
339 B 195ms
21ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:47 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bandab.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
172 B 53ms
13ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Sat, 17 Jun 2023 02:13:47 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://www.bandab.com.br
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
237 B 50ms
16ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Jun 2023 02:12:56 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.bandab.com.br
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
237 B 49ms
16ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Jun 2023 02:12:56 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.bandab.com.br
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
237 B 71ms
38ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Jun 2023 02:12:56 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.bandab.com.br
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
238 B 48ms
15ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Jun 2023 02:12:56 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.bandab.com.br
access-control-allow-credentials: true

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
411 B 108ms
85ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
via: 1.1 google
server: openresty
etag: W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bandab.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
365 B 30ms
8ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.bandab.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 pb Show response
ad.360yield.com/1879/ 0
171 B 111ms
38ms XHR
text/plain 52.213.96.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/1879/pb
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.96.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-96-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bandab.com.br
date: Sat, 17 Jun 2023 02:13:48 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 129ms
82ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUM45834
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2e742d40a975b5e95715f9480f4b8698379abc63c707a0949eea4397249af9d1

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:48 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bandab.com.br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Jun 2023 02:13:48 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
593 B 31ms
8ms XHR
application/json 18.194.103.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.45.0&referrer=https%3A%2F%2Fwww.bandab.com.br%2F&tmax=2500

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.103.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-103-231.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:48 GMT
accept-ch: sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
x-auction-status: 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bandab.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 TI_hmHbg22M Show response
www.youtube.com/embed/ Frame FD7E 74 KB
32 KB 96ms
74ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=702

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bbf5155c2d5ffaa72f4e521696dfb1f3a2e2cff9c389714daed6c190377216cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 02:13:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Thiago-Vinicius-de-2-anos-00766285-0-202306161832-ScaleDownProportional-768x432.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 48 KB
48 KB 118ms
118ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/Thiago-Vinicius-de-2-anos-00766285-0-202306161832-ScaleDownProportional-768x432.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 664e13e54da38a14bd35503e2f8b4c770c33a99ddf8599e549d33da0e3c8b1c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 21:59:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648cdb41-bed0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHC4plEwK1UwaTeHGKovjB6jI7GdvPwhcqq4vBd8eVowUN5LHb%2FEGMr0RiuzUzdQrqv%2BhOVg89Sp2ifr5vw2w4uCcOgqivWXswA%2F%2BbjCXtwljsx7EoT8IuHtrdoPeyvTLi4BcW7d%2FYqJ7mHvv3%2Bs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c6815bc22bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 48848

GET
H3 200 WhatsApp-Image-2023-06-16-at-20.02.19-150x150.jpeg.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 4 KB
4 KB 107ms
106ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/WhatsApp-Image-2023-06-16-at-20.02.19-150x150.jpeg.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abb5261378b3567735da40fb33fe3d3fb60dac9567b711d2fb577e1d058484f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 00:31:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648cfece-f12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6GRYvWCIIlkCpw54BF9QNRZlco2z277PIHPswwe3VuVJhV5XkKYcD9zgrAU16FXrWZfE3Hu1qNSOqMUIMgaEs6sp7WgMa6b7ma2QbUcLe9B86xQpvgBrX1qrF1fVladl5k8C40ivrTtHsAqx4Ow"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c6815bc52bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3858

GET
H3 200 trote-violento-na-ufpr-capa-300x133.jpg.webp
www.bandab.com.br/wp-content/uploads/2023/05/ 10 KB
10 KB 106ms
105ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/05/trote-violento-na-ufpr-capa-300x133.jpg.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47350ac5c7c812ed692edb45d98c8cd45d7a6374d55542fd6b89c74dddb0c101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: HIT
last-modified: Fri, 26 May 2023 21:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "647127e3-2798"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ovg0OtmgUKotds2swQN0Ay1IrUXmo9sMjZClpU2t1oHwyY5YksCKfdaLvHWDMnKmD%2FQpwZhn6PsmaZXCZY0s3ZaMjTn%2Bz%2B4vCKmTa4lbefc08%2Bi4LhNZ47PaDH8WbvCNmfxHx2Cc5OSlfjqJHpjQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c6815bc62bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10136

GET
H3 200 bolsonaro-mauro-cid-3-150x150.jpg.webp
www.bandab.com.br/wp-content/uploads/2023/05/ 3 KB
4 KB 110ms
109ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/05/bolsonaro-mauro-cid-3-150x150.jpg.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1784d67c5c3ad0ee8b11e6fa420eb60b405a4cdc45aaaf020569a68a12782fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: HIT
last-modified: Fri, 05 May 2023 11:54:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6454ee7c-d22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56rKRn59Pi2vbsQr84TIkc5zhsW5hmhxS79JiWR1ARR8CXG2DTbyN2VLT9F0Gk0dmVRQqgB7BycWsPa%2Bb%2BRFjbJLQ99FXKzSpH5ohkquCKy0R%2BQ2qp%2FADjYAMpNSgktMdd6hF1nwyZscsy7lUSVL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c6815bc72bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3362

GET
H3 200 ambulancia-samu-150x150.jpg.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 4 KB
4 KB 110ms
110ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/ambulancia-samu-150x150.jpg.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cbb201ac659fb77352e55f332402214bd1878340e21e75ecb70840e25f89be2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 19:54:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648cbe11-fa4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLUg47m1z7U3dZaCm4CQvr%2BdP%2BLIWqe74UJnqspmyL6hnOByJvBteV2qtEJMwTYYOm3fF63s8w86uwiHk8Ajupzjsja4mRX2eplYxSZFtUUzJUjVsP%2FI8Os7MS4ESVxFx1JauAc1gBAboitv%2BLJH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c6815bc82bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4004

GET
H3 200 AGF20230616041-1280x720.jpg.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 65 KB
65 KB 108ms
107ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/AGF20230616041-1280x720.jpg.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 386c40c749f23a4937e604a7a8c58aaf5e80c4b3101020187566eef4e5f4b93e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 00:22:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648cfcbd-10202"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSA6tc4wUV71tRUC%2F58DUZDEXJygyqtdJi6PRXPxRhRqy2IUEej%2Bp3pUfNvNWcV%2BkSC3pnbgquh7d%2B8Dh12%2Fw3SV1qWUiS3VK2%2BLksXIIXab%2B6n%2BIODOp%2BxcafCk%2Fg3c574AmZzpfyRvKBvMNmzr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c6815bc92bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 66050

GET
H3 200 ATHLETICO-X-LIBERTAD-2023.06.06-1251-e1686940875249-1280x720.jpg.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 35 KB
35 KB 115ms
114ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/ATHLETICO-X-LIBERTAD-2023.06.06-1251-e1686940875249-1280x720.jpg.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be8f5645dccfd1aba82034b0cac3fa513503600da5f345ab732db2598b80fad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 18:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648cacd0-8b0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hETcWOheTtb0p8PAWULYNudeUUZZlU7XcEn%2BlI8CxyzojZiED7zhlOuYZvfEX3xFn3HuuJwRCKp6CzoUPVIj%2Fig5YA%2FlxBDh8AR5Bs%2F56glIdl7XQQ%2BAzruC6rDeI5LwdK6K8VVltM3XYP5mCGu3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c6815bca2bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 35598

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 1759 0
18 B 36ms
24ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.bandab.com.br
Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.bandab.com.br
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 02:13:48 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 53ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bandab.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 97 KB
28 KB 443ms
443ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3491996457415813&correlator=2556714117657742&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fifs&iu_parts=75894840%3A1315984%2CBANDA_B_INFEED_01%2CBANDA_B_INFEED_02%2CBANDA_B_INFEED_03%2CBANDA_B_INFEED_04&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x250%7C970x90%7C728x90%7C1270x250%2C970x250%7C970x90%7C728x90%7C1270x250%2C970x250%7C970x90%7C728x90%7C1270x250%2C970x250%7C970x90%7C728x90%7C1270x250&ifi=1&adks=2827724828%2C2463581722%2C3919559895%2C1491376082&didk=1852306080~1852306987~1852303986~1853216457&sfv=1-0-40&fsbs=1%2C1%2C1%2C1&prev_scp=pp_loop%3D00%26pp_pb%3D0.05%7Cpp_loop%3D00%26pp_pb%3D0.05%7Cpp_loop%3D00%26pp_pb%3D0.05%7Cpp_loop%3D00%26pp_pb%3D0.05&cust_params=url%3Dbandab.com.br%26categoria%3Dhome&sc=1&cookie_enabled=1&abxe=1&dt=1686968028483&lmt=1686964126&dlt=1686968027323&idt=662&adxs=265%2C265%2C265%2C265&adys=2629%2C3664%2C4807%2C6403&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bandab.com.br%2F&frm=20&vis=1&psz=670x250%7C670x250%7C670x250%7C1385x250&msz=1270x250%7C1270x250%7C1270x250%7C1270x250&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=1421759946.1686968028&ga_sid=1686968028&ga_hid=435435006&ga_fc=true&ga_cid=865091495.1686968028

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

720b9a6e5af1ddfd73183c84c56bcca7e40179e79839804dc8f7d7ee058cdae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28399
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bandab.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 393E 6 KB
3 KB 117ms
41ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 02:13:48 GMT
expires: Sun, 16 Jun 2024 02:13:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 web Show response
onesignal.com/api/v1/sync/69a022a7-ce44-4eb2-8e90-2e58ef1fc303/ 3 KB
2 KB 17ms
16ms Script
text/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/69a022a7-ce44-4eb2-8e90-2e58ef1fc303/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7c5b762dcf3c614109d3b091b3342e3fc708b89da58fb9b6c2863a4ca7e8876

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 1718
cf-polished: origSize=3443
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 82814f69-31bc-4764-8c29-ff2129b4a079
x-runtime: 0.039188
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"21a19ceeb0e221fe239608ce497b58bc"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7d87c6822e38927f-FRA
access-control-allow-headers: SDK-Version
expires: Sat, 17 Jun 2023 03:13:48 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/6ed0d907/ Frame FD7E 410 KB
48 KB 8ms
6ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2709731f5398ffb835d8845f6f4c78f052d7b7792c810b14d443c0f2094724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 01:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49278
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 16 Jun 2024 01:52:05 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/6ed0d907/www-embed-player.vflset/ Frame FD7E 308 KB
93 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b566d22c0563b579149060354f5b869a6721f5b9543c07a7509928a8e6687d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94811
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 16 Jun 2024 02:13:21 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/ Frame FD7E 2 MB
2 MB 21ms
19ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b68c6f76784b3b53d018faab33edcc0f9a82c2e76ab042f00c253d3e75e2f74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:56:24 GMT
x-content-type-options: nosniff
age: 87444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2397724
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 15 Jun 2024 01:56:24 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/6ed0d907/fetch-polyfill.vflset/ Frame FD7E 9 KB
3 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 01:00:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2625
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 16 Jun 2024 01:00:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FD7E 15 KB
15 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 10:16:17 GMT
x-content-type-options: nosniff
age: 57451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 10:16:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FD7E 15 KB
15 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 548763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:47:45 GMT

GET
H3 200 Pericia-e-IML-foram-ao-hospital-00766277-0-202306161810-ScaleDownProportional-300x200.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 8 KB
8 KB 118ms
115ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/Pericia-e-IML-foram-ao-hospital-00766277-0-202306161810-ScaleDownProportional-300x200.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd563fcefe557df049270e53e54424741ab60e24e47deabd17da0f921fbd246d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 22:05:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648cdca4-1f88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJp1RIG9nssnO9Qx2MfD9Php2ytPcg3ZFe%2BmsAwGYCIr4ou26OW8nBy%2F2D7Q75fKp%2FnHkRzCFa4iZFltk7FzmZbGb%2BImR2V%2B6oe1tCsl21U9VqS2o3W4QXJJlUg1MCFU%2BmAWM0u8SnVna905QPE4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c682ecd72bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8072

GET
H3 200 taxis-eletricos-Curitiba-3-150x150.jpeg.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 5 KB
6 KB 109ms
106ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/taxis-eletricos-Curitiba-3-150x150.jpeg.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e158b8e201b2f4a6e40aeabb33321a494f1218713ddbc5b14698625a49477bea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 18:35:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648cab62-14ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1A3a%2BQwY2Hjikd%2B1kCMZvyfPIY4COl5dxlBJy7yYQrOC8wP9HXKy6rDP59imXc9b5AVHA1FlRmb2fNRsPDARqUvKNiK%2BuXcV3YmiOYA2zZes%2FpPx1ag3EulATN5zlNQHnx3c74%2F%2BRyN4S1Vmhvi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c682ecd82bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5292

GET
H3 200 carro-posto-300x168.jpeg.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 8 KB
8 KB 113ms
111ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/carro-posto-300x168.jpeg.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58286c311c2d7080f4bb552d3f4091197954d01b1d22daf555093c92b945e2c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 18:29:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648caa26-1e9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uc%2Bs3IBBjm4Rp2txZ5O2sVM8IoYvZ5OLpW%2B89j%2B83HqZ4mZ3skJ3D%2B%2FxcbBSNp1k1kXnGhTHdhfS9zy81hoTUR87uOMBxmQNKsGX1tZQpGtepkJRjlsymUJ3PB9ydWMIZYcLPb5ZOBgIaL4ZB2PP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c682ecd92bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7836

GET
H3 200 WhatsApp-Image-2023-06-16-at-17.27.43-150x150.jpeg.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 6 KB
6 KB 112ms
110ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/WhatsApp-Image-2023-06-16-at-17.27.43-150x150.jpeg.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7398863c233bff0612d09001beea9e878662d285b7330101d1e0ca3522571dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 21:08:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648ccf4c-16aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyNR487O%2FLhqsOzHnPb%2BF6p5QU0hjhMvvOE32soHK8E7c9UTF5OSF1z3k2QkjI9P1hPqtD15rzPMSAgzi1xdg1RDcXsYsThfdIo3N3tANScVzQ3eiNw5RMQQhdidX7pl4PC%2B30hvYv2DTNhX6FFX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c682ecda2bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5802

GET
H3 200 WhatsApp-Image-2023-06-16-at-15.09.16-1-1024x489-1-300x143.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 3 KB
4 KB 123ms
121ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/WhatsApp-Image-2023-06-16-at-15.09.16-1-1024x489-1-300x143.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 176669a4eac385a7e83bba2ba463e3fd6c390d78841761e155a1c11af3ed2223

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 22:09:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648cddb1-cde"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68YB2QmTT%2BPTZaeoZl2Zz4Sp%2BtXNXYdVFdi8CZLbmaqzW%2Fv5nT9tmFFDcIXR24Zt2NK0yM8aNZwsCwK%2F8ZJiooXC4FpeIKWGybu0cSRQoNko1g0s42jQwo6HILdp4RJFmZMKXejWdwxuWF4osHH7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c682ecdb2bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3294

GET
H3 200 WhatsApp-Image-2023-06-16-at-19.18.08-1-150x150.jpeg.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 4 KB
4 KB 130ms
127ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/WhatsApp-Image-2023-06-16-at-19.18.08-1-150x150.jpeg.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a0236f462882b4b241f13bba8b52ee72e92070ef28fdd0e9230fe09f03ea5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 00:59:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648d0578-f28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OT833%2FCiPE4IvP%2FD0lPPDLQR5jGeHhQFjfP%2BCTWl1hDW7MVW1a5YSc1bSpfO22XQ4db5%2Fu7xcWDqJshHYMvvqnzEuDS1XV5iN6ukL%2FTakyXs2VdfNcPh%2BittcUW9D%2B%2FwFJEtf%2BYiRggLSaEVFo9r"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c682ecdc2bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3880

GET
H3 200 vereador-lucio-ribeiro-agiotagem-piraquara-1200x720.jpg.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 16 KB
17 KB 109ms
108ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/vereador-lucio-ribeiro-agiotagem-piraquara-1200x720.jpg.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9c4b1bccd8f2a34071e06e6e9f59cc6c0f2e937c1fa08290bc6ec9deaa49eeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 18:00:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648ca325-409e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Puzd%2BI8vEKQWwUPXWMLMd%2B%2FAn9UdUy%2FAM27dHTxTXRKLjdZqu4hFxz0V3cT8pIUuoipkIuUeqSXirH7WTHLVIIvK3gBaYkCm29zCtBS3d%2B66xHzgICRNQ30X0z2e10J6kuLEkt9rYaCnNsv7CB37"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c682ecdd2bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 16542

GET
H3 200 WhatsApp-Image-2023-06-16-at-18.02.33-150x150.jpeg.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 4 KB
5 KB 104ms
103ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/WhatsApp-Image-2023-06-16-at-18.02.33-150x150.jpeg.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4ed9dc2505b80972d82f42f66df2290507797527e5b0559cf487efa607c7ba0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 22:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648ce7d1-111c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5gpCQvktEhFxuQZPKXiHN3jdC%2FhDUDSCRgV9oCQ1hBxTfws%2FaDqUMH4h916TKKTtCVFzEtCUuFGcOYATvf%2FkwBZh1jzYwyBJAnLn1s%2FYpWkXitAeGhkOGiw8DU%2Be0ZUOtXuAZGNCG%2F0i6o9%2Bm1W"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c682ecde2bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4380

GET
H2 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 18ms
17ms Stylesheet
text/css 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 646
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7d87c6830ecb927f-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 02:13:48 GMT

GET
H2 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame FD7E 113 B
630 B 36ms
14ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63b33925b4916c789295fbf52667c49a26a398f0d30507e31feceaea160bbf9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame FD7E 29 B
495 B 49ms
6ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:06:22 GMT
x-content-type-options: nosniff
age: 446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 02:21:22 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 37ms
15ms Preflight
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 17 Jun 2023 02:13:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame FD7E 68 KB
31 KB 24ms
23ms XHR
application/json+protobuf 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0be18e7060af4d0c5ba24eacd56f69b1cb95a8043625af4a2a43c4a336d7352b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31708
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/ Frame FD7E 116 KB
33 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adfa96addd2f15c727367329b69ee97707f45f85a53ff7eef4df5deef88bbeb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 21:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33649
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 14 Jun 2024 21:19:03 GMT

GET
H2 200 PL4KOxJRKAJ5K5jApE3L9HXpIfC5FQxeQ0eBEvK16Jc.js Show response
www.google.com/js/th/ Frame FD7E 37 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/PL4KOxJRKAJ5K5jApE3L9HXpIfC5FQxeQ0eBEvK16Jc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cbe0a3b12512802792b98c0a44dcbf475e921f0b9150c5e43478112f2b5e897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 11:13:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 11:13:48 GMT

GET
H2 200 sddefault_live.jpg
i.ytimg.com/vi/TI_hmHbg22M/ Frame FD7E 45 KB
46 KB 78ms
56ms Image
image/jpeg 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/TI_hmHbg22M/sddefault_live.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f341d3f16d77f621dd48a35ed672a188844606a2d07921d1baff52dafb9fa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:48 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46204
x-xss-protection: 0
server: sffe
etag: "1686764314"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 17 Jun 2023 02:18:48 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/ Frame FD7E 28 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36aab54aba6ebd5a1d06f251cb08e6a22c08580c7b4e6df22036f21dbe9fd73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 13:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8175
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 15 Jun 2024 13:06:30 GMT

GET
DATA 200
OK truncated
/ Frame FD7E 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 WLyZwuDb0ZkLUs0N_YvPWJO0ZxdfhwDOcTX4qnbgh4uQs7iM52rUJd-Exp8jlvulLQPr02TadtM=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame FD7E 3 KB
3 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/WLyZwuDb0ZkLUs0N_YvPWJO0ZxdfhwDOcTX4qnbgh4uQs7iM52rUJd-Exp8jlvulLQPr02TadtM=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0fad3782a5bc64baad382b685dbc4bc3cd7074098144dd6f6c4c58c6bb04528e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 01:56:21 GMT
x-content-type-options: nosniff
age: 1047
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3267
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 18 Jun 2023 01:56:21 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
829 B 15ms
15ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:48 GMT
AN-X-Request-Uuid: 106d0933-7aa3-4b72-ab3f-637282d06c15
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bandab.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
364 B 10ms
10ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.bandab.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST /
prebid.smilewanted.com/ 0
0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
274 B 76ms
74ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=8&rp_schain=1.0,1!denakop.com,10617,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.bandab.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=e0a0a1d2-7c57-4fe8-b24c-b9ea4d786a56&l_pb_bid_id=11a628321590d08&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4630320833934707
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e67327440a6462399db9b2223dbd7752db6704183348b4aa2ccb6f9f4afa3bb1

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bandab.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 240
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
294 B 75ms
73ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55&rp_schain=1.0,1!denakop.com,10617,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.bandab.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=27527c0b-5c27-4f7b-b835-0a1318810731&l_pb_bid_id=127a8e551bbf306&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.42705270938878037
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 98870f5220be0d42784b19ccef3b1fa672620f738ca329a9121bdb73b0ecdd80

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bandab.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 260
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
180 B 311ms
105ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bandab.com.br
date: Sat, 17 Jun 2023 02:13:49 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 204
No Content hb Show response
cpm.denakop.com/ 0
264 B 68ms
13ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.denakop.com/hb?zone=146448&v=1.6
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:48 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://www.bandab.com.br
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST
H/1.1 204
No Content hb Show response
cpm.denakop.com/ 0
264 B 69ms
14ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.denakop.com/hb?zone=166141&v=1.6
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:48 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://www.bandab.com.br
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
829 B 22ms
15ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:48 GMT
AN-X-Request-Uuid: 86587652-5a13-4f17-ab66-3fb54719a2d9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bandab.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
339 B 21ms
21ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:48 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bandab.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
339 B 20ms
19ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:48 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bandab.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 18ms
15ms Preflight
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 17 Jun 2023 02:13:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame FD7E 90 B
134 B 18ms
17ms XHR
application/json+protobuf 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae5bc6dca203db48dc9d699a851c3b9f226222f95cbec3e773fa841f4e35476d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 54ms
31ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ea4ddf6061e8d80b3a7db5c64309b013aebe7e75311075faefc8e5d0ab59504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11224
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame FD7E 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?a_46ig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame FD7E 4 KB
2 KB 43ms
15ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 02:13:49 GMT

POST
H3 204 rum Show response
www.bandab.com.br/cdn-cgi/ 0
143 B 12ms
10ms XHR
text/plain 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bandab.com.br/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.bandab.com.br
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7d87c685ffcd2bd6-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 59ms
16ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 02:13:49 GMT

GET
H3 200 DUH40035-150x150.jpg.webp
www.bandab.com.br/wp-content/uploads/2023/01/ 5 KB
5 KB 108ms
108ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/01/DUH40035-150x150.jpg.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d10857b11ce0f4f229276aa04c535e092ef9fbcef3dc14ba69a49b0743a6b247

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 17:09:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648c9735-13d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4%2BeuTafNgbIFyBmDgB8nI0MdVuc462QxgF%2FhWZcjJufj6yGJ8mthBeCcdQ1KTkwSVuBPKSs0Tfh%2BE280L7YOKAqgBo23pWbRekONDA806HiTfWq8X7P4t1toPrkb7uuX870B6HUpVdXkoQ2QocG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c6861fe92bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5078

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/69a022a7-ce44-4eb2-8e90-2e58ef1fc303/ 184 B
755 B 55ms
46ms Fetch
application/json 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/69a022a7-ce44-4eb2-8e90-2e58ef1fc303/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151602

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba68e6e9397514a0687ba69b6010eae9325189158aed28f5cd581580c819730e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3ec92e8f-8892-497e-b4eb-442d7c96730d
x-runtime: 0.010447
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ba68e6e9397514a0687ba69b6010eae9"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 7d87c6863a0a3663-FRA
access-control-allow-headers: SDK-Version

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/114/ Frame FD7E 51 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/114/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 08:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15225
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 15:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 17 Jun 2023 08:24:17 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ACB5 13 KB
5 KB 11ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 55939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 10:41:30 GMT
expires: Sat, 15 Jun 2024 10:41:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0A06 783 B
534 B 59ms
58ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

df3ca81da2bdb8c67341a0645dc9fd03bd5a3909f073c5413b78f80430c01e01

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GPCkbPKAgF4Pb_MedAcfwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-GPCkbPKAgF4Pb_MedAcfwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 02:13:49 GMT
expires: Sat, 17 Jun 2023 02:13:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 api.gif
tags.denakop.com/ 0
208 B 172ms
172ms Image
image/gif 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10617&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=e&p=https%3A%2F%2Fwww.bandab.com.br%2F&t=1686968029192&cb=0.49092578274962495&aa=intext&m=Auto%20placement%20container%20not%20found

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7d87c6867e806909-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
208 B 116ms
115ms Image
image/gif 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10617&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fwww.bandab.com.br%2F&t=1686968029203&cb=0.3009420071200628&aa=side

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7d87c6868e8c6909-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
244 B 106ms
105ms Image
image/gif 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10617&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fwww.bandab.com.br%2F&t=1686968029204&cb=0.14596713612585077&aa=under

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7d87c6868e8d6909-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 19ms
18ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bandab.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
17 KB 326ms
321ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3491996457415813&correlator=2556714117657742&eid=676982961&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fifs&iu_parts=21715141650%3A1315984%2Cbandab.com.br%2Cdesktop_side%2Cdesktop_under&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=120x600%7C120x450%2C970x90%7C728x90&ifi=5&adks=1372184637%2C2420775113&didk=4041758415~1502687738&sfv=1-0-40&fsbs=1%2C1&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww%2Cbandab%2Ccom%2Cbr%2Cwww.bandab.com.br%26pathname%3D%252F%26placement_name%3Dside%26secom%3D1%26tier%3D1%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww%2Cbandab%2Ccom%2Cbr%2Cwww.bandab.com.br%26pathname%3D%252F%26placement_name%3Dunder%26secom%3D1%26tier%3D1&cust_params=url%3Dbandab.com.br%26categoria%3Dhome&sc=1&cookie=ID%3D84a6f1a541a9863c%3AT%3D1686968028%3ART%3D1686968028%3AS%3DALNI_MbrkgvKgRNPHo1-mh60iXQv3V7epQ&gpic=UID%3D00000c30dd5d1b66%3AT%3D1686968028%3ART%3D1686968028%3AS%3DALNI_Mbq6S5GjG81VTQFfhjgIfpTpzTlKQ&abxe=1&dt=1686968029218&lmt=1686964126&dlt=1686968027323&idt=662&adxs=0%2C0&adys=0%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bandab.com.br%2F&frm=20&vis=1&psz=1600x8292%7C1600x8292&msz=120x-1%7C970x-1&fws=512%2C512&ohw=0%2C0&ga_vid=1421759946.1686968028&ga_sid=1686968028&ga_hid=435435006&ga_fc=true&ga_cid=865091495.1686968028

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

034cc98594f37ec83b44cec4d9790e15302997ce282884d8b98891d30f4e3fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16907
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bandab.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 85c639f1-382e-49f1-8fa4-5ab8601a204e
img.onesignal.com/permanent/ 10 KB
11 KB 63ms
46ms Image
application/octet-stream 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.onesignal.com/permanent/85c639f1-382e-49f1-8fa4-5ab8601a204e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ee349aadb2e190fb96ee8840d56c6c4902cd1267300525e6a1a0735d6a04f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-goog-encryption-kms-key-name: projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date: Sat, 17 Jun 2023 02:13:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdtCm06cU5HeGsb-8Be2fmPEdgnbWZ8X3RMfbfSW_aAtDxcsG_sBwURQILyE2u_UunwnW7VYzKTFAVjU9WyRdkl-JiJRfA78
x-goog-meta-x-goog-source-etag: "89f27b30a9f1b070f5b3e3dd2e60574f"
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 10202
pragma: no-cache
last-modified: Tue, 14 Feb 2023 03:38:22 GMT
server: cloudflare
etag: "-CNTYspCLlP0CEAE="
vary: Origin, Accept-Encoding
x-goog-generation: 1676345902672980
content-type: application/octet-stream
x-goog-hash: crc32c=QBY2hQ==, md5=ifJ7MKnxsHD1s+PdLmBXTw==
cache-control: public, max-age=2678400
x-goog-meta-cache-control: public, maxage=604800
x-goog-stored-content-length: 10202
accept-ranges: bytes
cf-ray: 7d87c686e995927f-FRA
expires: Tue, 18 Jul 2023 02:13:49 GMT

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame ACB5 37 KB
14 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:21:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 12:21:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0A06 0
0 46ms
41ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306130101&jk=3491996457415813&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ACB5 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2i1fAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4BC7 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 02:13:48 GMT
expires: Sun, 16 Jun 2024 02:13:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0AE1 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 02:13:48 GMT
expires: Sun, 16 Jun 2024 02:13:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 262 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2413 624 B
310 B 22ms
19ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARiC1bLlATAB&v=APEucNWipVHFrf_gWHYYecnHFUCkVCVIGyH4oMUoCwSA7CfIG2xHeRIDFe6BHefiKy_4LFQtkdSCg79y0KAXORwhHt8epLLD3kk0RTyQV4YpFuMqyuDxHoEfzK8nm58IKFGMgHaIwT_N3WNoRX104lwFhEIfu8jdvxqjy5glSgD47dTQLuni7gCnBkx8ZfvebisO0i8n-69xHiBnIdu8w0aXCUtqY9CqjQ

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 02:13:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4BC7 78 KB
27 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 02:13:49 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BC7 42 B
63 B 43ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BpdKR9aFdMQ4ydIDDTcR07a7gJCjJsWaO8A7bqwM1XhzGk28FKFFG5tto-GqOXBMyWX80n5G8PTE4q80xshvQKsZq4RsTFZ3J0nA7eYLasIjB1nsA

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BC7 0
20 B 44ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14330677535198426323&x=1&ct=76

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 4BC7 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 08:40:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 08:40:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 4BC7 19 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:36:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4BC7 0
0 16ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpFlEWSHSYis4hJ9WATPtYCi63I670MjkfrBCGOmNrFhbZlQLRDfPfn2NG3c-QpC1s8wSQkiE7WTlqkFc64kuGVd_iiQ
Requested by: Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BC7 178 KB
56 KB 48ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 02:13:49 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3891 624 B
285 B 20ms
18ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNU2UCMPcTiD4IHn9QPiEFRUs9KDRWUet81oiMEot1rT50mJMRA4ZwTZzveq-dbibHS1pkzQdWOyju7V_SqyoAhKS1q27KsjQ-8yOZmeeqE4xx4DtKW0uhepnDFHZFSJGHRGJcGtioEX3hrEDgC3n1FEd5ALwo3aQX9LOdRAeOFF-7WuCIKPUOb8tnfiZVYqXICrAPWG_DUXwAs7aAjKBP_RR7QS6A

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 02:13:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0AE1 78 KB
27 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 02:13:49 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AE1 42 B
63 B 42ms
40ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AtGYHa9Mdlj91A6TdUeHfSOCoc9CbirTM_E_2_pVdoFX-z3XRazDezOt8SDX4Advy4exqdK3utFYtl-OmKsiQybL0NW5MG9WX2LGg4yl9OKRUppVc

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AE1 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3927804527099379872&x=1&ct=76

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 0AE1 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 08:40:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 08:40:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 0AE1 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:36:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0AE1 0
0 16ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTr0_FbCDNfPw38OBKPRpzS3chJON1aXTW65XycSxKFbsMjScl7xx_TXP7vI-bJqPK5iDlli-KSxqfKd_n6-Zw9ovf4qw
Requested by: Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AE1 178 KB
56 KB 59ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 02:13:49 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2413
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1&C=1

43 B
632 B

9ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARiC1bLlATAB&v=APEucNWipVHFrf_gWHYYecnHFUCkVCVIGyH4oMUoCwSA7CfIG2xHeRIDFe6BHefiKy_4LFQtkdSCg79y0KAXORwhHt8epLLD3kk0RTyQV4YpFuMqyuDxHoEfzK8nm58IKFGMgHaIwT_N3WNoRX104lwFhEIfu8jdvxqjy5glSgD47dTQLuni7gCnBkx8ZfvebisO0i8n-69xHiBnIdu8w0aXCUtqY9CqjQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2413
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZI0W3Qwe-D9aQdR5SGnf8AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARiC1bLlATAB&v=APEucNWipVHFrf_gWHYYecnHFUCkVCVIGyH4oMUoCwSA7CfIG2xHeRIDFe6BHefiKy_4LFQtkdSCg79y0KAXORwhHt8epLLD3kk0RTyQV4YpFuMqyuDxHoEfzK8nm58IKFGMgHaIwT_N3WNoRX104lwFhEIfu8jdvxqjy5glSgD47dTQLuni7gCnBkx8ZfvebisO0i8n-69xHiBnIdu8w0aXCUtqY9CqjQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2413
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECfcd3w-b__MRDhwG7Pg4lM&google_cver=1

43 B
1 KB

35ms
13ms

Image
image/gif

185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECfcd3w-b__MRDhwG7Pg4lM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARiC1bLlATAB&v=APEucNWipVHFrf_gWHYYecnHFUCkVCVIGyH4oMUoCwSA7CfIG2xHeRIDFe6BHefiKy_4LFQtkdSCg79y0KAXORwhHt8epLLD3kk0RTyQV4YpFuMqyuDxHoEfzK8nm58IKFGMgHaIwT_N3WNoRX104lwFhEIfu8jdvxqjy5glSgD47dTQLuni7gCnBkx8ZfvebisO0i8n-69xHiBnIdu8w0aXCUtqY9CqjQ

Protocol

HTTP/1.1

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:49 GMT
AN-X-Request-Uuid: 3e952e17-6788-4713-bc22-a3655e11b620
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECfcd3w-b__MRDhwG7Pg4lM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2413
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAzNjk0MjE1MDc5NTEzMDQyMw%3D%3D

170 B
188 B

19ms
16ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAzNjk0MjE1MDc5NTEzMDQyMw%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Jun 2023 02:13:49 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c27393e2-d5eb-4e9d-9ff5-abf3dda2bf17
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAzNjk0MjE1MDc5NTEzMDQyMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3891
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1&C=1

43 B
632 B

11ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNU2UCMPcTiD4IHn9QPiEFRUs9KDRWUet81oiMEot1rT50mJMRA4ZwTZzveq-dbibHS1pkzQdWOyju7V_SqyoAhKS1q27KsjQ-8yOZmeeqE4xx4DtKW0uhepnDFHZFSJGHRGJcGtioEX3hrEDgC3n1FEd5ALwo3aQX9LOdRAeOFF-7WuCIKPUOb8tnfiZVYqXICrAPWG_DUXwAs7aAjKBP_RR7QS6A
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3891
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZI0W3Qwe-D9aQdR5SGnf8QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNU2UCMPcTiD4IHn9QPiEFRUs9KDRWUet81oiMEot1rT50mJMRA4ZwTZzveq-dbibHS1pkzQdWOyju7V_SqyoAhKS1q27KsjQ-8yOZmeeqE4xx4DtKW0uhepnDFHZFSJGHRGJcGtioEX3hrEDgC3n1FEd5ALwo3aQX9LOdRAeOFF-7WuCIKPUOb8tnfiZVYqXICrAPWG_DUXwAs7aAjKBP_RR7QS6A
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNfERZGNUyYz7ZIk__JfZA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3891
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECfcd3w-b__MRDhwG7Pg4lM&google_cver=1

43 B
1 KB

34ms
13ms

Image
image/gif

185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECfcd3w-b__MRDhwG7Pg4lM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYwNLjwAEwAQ&v=APEucNU2UCMPcTiD4IHn9QPiEFRUs9KDRWUet81oiMEot1rT50mJMRA4ZwTZzveq-dbibHS1pkzQdWOyju7V_SqyoAhKS1q27KsjQ-8yOZmeeqE4xx4DtKW0uhepnDFHZFSJGHRGJcGtioEX3hrEDgC3n1FEd5ALwo3aQX9LOdRAeOFF-7WuCIKPUOb8tnfiZVYqXICrAPWG_DUXwAs7aAjKBP_RR7QS6A

Protocol

HTTP/1.1

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:49 GMT
AN-X-Request-Uuid: 6d0e7685-f9a9-42ef-9d4a-7c24ed954044
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECfcd3w-b__MRDhwG7Pg4lM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3891
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAzNjk0MjE1MDc5NTEzMDQyMw%3D%3D

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAzNjk0MjE1MDc5NTEzMDQyMw%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Jun 2023 02:13:49 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8d8e9a5c-31b6-4644-8eee-cdf0e3480dd6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAzNjk0MjE1MDc5NTEzMDQyMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BC7 0
20 B 43ms
42ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7275394209883&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BC7 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7275394209883&version=m202301230201&ct=76&x=1&cor=14330677535198427000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4BC7 87 KB
36 KB 62ms
60ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AcghFfX77AObcAlehTaxGu7R7VPicDtqsGx6dVxJdwITXy6cvX0hFYgcvaVsaflTIOPHwVv1EigMMoqQW65CI6KRBxF1zmNIDknF6RStWUr80EG5F3HbcdBukbw6sxKDO4ds_Mf6UQO5wcI4R_vc_6tZuRyJlZ_4hV5hEa70PL6wn4F_E&dbm_d=AKAmf-Dn69m5Qftt9VVmXncqDg537Ap6zT8foJlppNOY23dasSI3CQdRMEoDqs59vp6AKBifHjVKdhzWJ52d9SuyCclZ_yftCUDZkGQ7sOeiQYAQ9C1XmfewTsoRQP8yV1sqk5ypB5RaEK-asc-40-0hvrZNFuulkg68rML7Nr65pIw5nmFYP25G1dLPE2lWTpDaTAS4Jz7K-yOdAhC0NTtu38BfXSnAgGOuO4P3cUmyMwHASB1OdjrgxYQgOw_yzQHNyhbnD3gst5wf0XTGEwYplqrythH5CPVhtS4L9stsc06niYQUNxuBtwMC-b70EkMRgS8xT7DBVo3jP26Ve9cQfly7EWhsJeoRi-2dmaEX8Pq5MjVkRt8FKI_ScVmCkCeBKkFPVKxt_g5yxrjzl96yNmJhLvj2PjFmru4YjlLWRlMGJxhL4XXEvny8XflisIC26AjPlYtiTTtPlgRy_sneR987AJJXa7RQ9pfHavw7fX5oSubB9YkQFq6koiZwpyUoNvNqmnq_o5I3YBpSi7oi7nitJ0Qdu-4Ec1OubQAVmXFFnwcGMqzlxoNiUCuOSl7iffP7hauCjPOITU9Ur4ioSFE45wLN2d9R5h8h17jzx8hMFnexOPGimn3vP9AjXKdaB_n4Qhv1xmEbvINV4wc4iitU3GyS3haaaMJOh-aCiSEC14bTmebtdeI_wfK-WxdY6w9ImXAm6x1WDuMfFMKvEnnR2ONDdezX5u1aEtnzw42N8IOFT9iCnpVS1OWO-1JmjDZcbinNQHbhtcI8fvW8I1mCmNMT4vk_tq-H0RWmTktB4486KSUQ-OZiioqwBwACb2-llzCLQvaDC9UpzUYltA0AVxAwt3ZvGosZpbs2SmkjdLZz0A-Uywi81Rs7BBGDSjstkP2-s3PfmZeh6HoXPzPvr0I_fcte2l-PFZLqqILjs_-Kf0IMxC_sRMNI9rUthne8qvxgxJu4uu4QqLd1ASdsxkpAAxAlkPgBkPiPajbu49p1ARdmjT3rdH3dJXncpgcKk_010x3XGlOiMbCywQXDOkZkX0cGZl2plxhfpb7IJ2aDnKmeV-DnhNZklnAFoKaWpHu8xTCeVSSdi3Yk8ItB15QLCjmX_Zu9vWl7EKZS8OSg7VYoHqL3_HtKOtekuhsE7DJ53Sq4mQyzRBBIq0ocBAPiJbsloPDtHFtNkI2IMdAnGiFMLVcNX1J4dSKhnrqadHjtsvBnCIkD8IwxzMfX1kGFy5l-ZmHbJAiNpwYENYLhOBARhazQKoLqmPSE0R5tzY3sVRpjGmm1yQTi19PkoOJS50fr3QftRBLtMJgOMhJJ75x5L-s_vl0cekWwDkr3_TCrzMNccaIEIVLKJxrPiPmD_CfKhwghA8hJxqN8kDxthFIKJdPVzopMmK9b1idg4h74EOmjsr0JWD_zgzfxxZaSzqBd8qU-BULaT9MdRyz-GymW7F9DkPQ-KF7FqI8l1xR6m7hj4TvlHYAWhHRYcd0VYr0RJtRuzosiHGCx-JYJRxnaFy4EcYYZNM6p_mDJTMO04RI9wsvYxydmvsQAS1wwmBADK-a_4HrtC8EC_zwu1DKwlkoygiMwUC7b_3HGXEylcBVqEWu0X-u-x0a0rOSEXo5esF77Mi2plLmeWA77-JUsLNGZgR_8YIKv9Ko2ANGe-pT14eqNLwSRfmn7XWLxKUNuRLaIpu8cQoHUYLnjmcPukzmdITmY0yUr8DjJFaBFAXiryt50421-0-jr7agP2TZF5dDomJ1B9-SCgGpDzcnTN4m7Nx9IOTChFsu3ln22tvs1B3F2zs6dl0T42NxNPyT5d9s_sDS5a4ocACcgAfG7cDK2rpT4yLS1SWUykq5RRDvChSt_5i0KF8T-n9Un6Ho0ZO5z0fMtG2b2DuLDZeyiH0M54GMAMLB-TIZU-1AwghKffQp0rXxfHB-D32MldFkrWuM0vU2TYvWp-KTcij3ExkKah_FkLpgQ4Z2-dM4IUpO3sHMFqfeiFaD1GYvK9qZg1_Rr5t_Jq5tIclPvIoXDu6KDi-0h2AP0Hp3dUZFMPuGmCqgPI4zJPMrhR0wVwL84rVMhOfPTgEWTzRoV8j4wAcIPsJh4UWKq19XZJ_6zPp1U3kq4U0jk2Ii6UVOKgI8hfmlJ71uAv-QrjZeP7oW4_f7K1H7ibgquriyMGs2ZHI2-4AdFq9IygC-omLOlaPo6Nuz1GvHh1d_-AykX8APIbrjZx5lp2UlIPZETQFLZWZTH_fX0sZ8aD8hmBnUZOg3MBPKq5hzDLKknLj8cvu6zhQGCUY_tgzAhWR0rTUEtVG2JzWMxlLErZ4P00E2ePC2yimYQJ9RJvUi_bAV8RffJIS7VvMTHAo0Q6iYVkaO5NI1aO_3xILSK24rSWG2uoi6P0ItZ25GE3N-Di9TdGrNqd-ISt7PjniPCLzIAGgX45ri_f3E-sHngNZPllRtqUCCEd3zRx8UfRgZr-xPtum2NKtl8wP-Cu2MB-calEsvx-aVOBoE5f_n4FP5l0E86SNzBcHbwuD_soskP8OWdn1tqduBPcVyaiNzBQ309AWAjBXMFd9S8Kr2A4FzxoHEJ3mHs8E_JGitxDVEP1HxBDHpllPH4GMam_LGHFiGKuTrgrOrQWUz-e3teCkfGYOx7ph_LbKOcR4-7-UBGKyy_i3KK87DdrZFLkpKj3tx8G3BYJK8dsPha-edpUKafDCGzmFi5woBHkLdTuPtDm-w7uiIKdMPjOUFFmhoBjlbXyg8NG-1Q55mRZGeSQLdMNMFW8nTtoxx1pkuxaLSeZtjQNpb7ciVMq5eQdMOn4BBtWULBobkNMfdjWy-p_dJsldhdSpyIOztE0bIU6O1kqO89Zo6VN9VUtCiqsywBXjcb9n0Sbo9mB320V2gf9tIZTKWubLgpV9TeBVMI5IElzorcm1quZh5U0B2WldwHObi3mrnffWlmJkgIV54wp5lVdHC38u2eJJUXWtUFnMeARb1lDUTBaVoTiIsCFBB9aCdGpObvCV60WmoeqriBtHZq8lpX_Bc8pLOfCntngm6fWIfjuFboXmI_lgdsgFlHdHI2uzgVDy61pn9Ufcfv1qgBPvrRsIWwL6F-Vc4scTAXn1u84wixbfPLtFOgSXov7zRUQLoJU94EkSG3x1BYmyEnyIAdusBYdOSjjz6C8P9ztAxtG9mSgHQk5dOUUuaiADZn3Q72FlS3L5oihPDrT-lX05-F3jCk2Jpl2vJuihWg5zG2NjNiVg2kWCF48VBOXhVBdUpIt1QNe9jNo4RUApT_IkU8l2_LK3qUXJnfG72UhWDsRpMHQcP2NZPd0M6Gm_j0HhKRd6NYWD_QVfrjnnRnYqiTMgc45actxT1W3G17nbbNn5rzpgv8ovkP0nSHDzL8v1GZPhJ7LC5Yq-AmI2S47Hr0NqMcjc_97xTQJ7F9Lon6d6FmOXCC3UYMlUwxuOPSvb_upLHkGYIm1ZXQ29syWnyjsfsU2JJGHaS1xiILi2X7Mg3OPKblcDOoEk0b3ShOKdUQcQ2NXuzznpmkFmBzY4PwKOpFZJzZaEHJts0SvGY9KeDNUS0OFUxUgb5NdTon3XzRJTPoAlKcZklifOEbmb3pv018Vvoe_t-OgDGgGLdhtIbs1ajNqSrPNAmaRqjOmNbdEQmm7FuNIvulN8GaMwVSKK13wDapOokadtmFkxPOgJuzSc525fDC6xeFYQwz9-Xx&cid=CAQSPABygQiDj6e6bPmid7Nhf581rRFnM07BigwR5KZx3ov6VFmTFTbprLsHCkD8TX99aHsIX9SrNOQwET2XwRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bandab.com.br%2F&ds=l&xdt=1&iif=1&cor=14330677535198427000&adk=1964084972&idt=32&cac=0&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc30969e135beff85deb5841f69b223c5804aec1bcb392dca550f2a8fdb736cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36958
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AE1 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4041077648873&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AE1 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4041077648873&version=m202301230201&ct=76&x=1&cor=3927804527099379700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0AE1 93 KB
37 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYuUq6TuF5D9uH9N-wWfzXRqcT_HwIIBbQe3fig5b6_BvOSAjLLqNPF3JAuggc-rsHgf1ecWkTgAE_NU7BVRUEE6O6ZJCdPdQkQWk-JMpxhalfk9V_H5L0lzSTeFYirjuJODWNqzustZ-SlhZPB1gq_C9QGOviuMnM_1fGPPtATL8xpYQ&dbm_d=AKAmf-BfqAyT8ECyTTU2h_2_zU2AxTXQNOSGpuoxO51gP0s95DIzSBTltbEGrzpicgFIDe45_ftGChG-6346cauPtZESGpH7tAE2RXVmMPX0X05KuMzQ1KCyB0ucWjnJNtBTYaM5foO6rb9AW4sTBhfJlbr1TesHw5gqMiOuqfYAa8gTPNSlKEG6iYfTSxknvRdR8bXF9q8ST5gLBwHb4fMiM_wwR4tLeZObT85bZOQqhAxkvi2sLgM8Lj9HFQZEOXWJjzL0gOytEj4G2xsxyiKRgMCWHDkltfJP-IbxS1z5IGrFZPgRAsX6VXm4FO8bgo4e4LbB1pSF0gAs_2f6COjZGwk-TWwlaYjFOHPOYmrPezR-YyuLuBTVf5iiDNmwdqfN4K0aZYa_rwiddqwNQaEPDMkhRrxqI5NgzVDIcgOnbVpS7a4nGlukO83IbzXmi1UkvHnJUT0JiWcxRkrjEbWnzyFmzYEJRNFgLWaxP7mXlq7i-RUjyCs7196SDOg8T6dfi80KJo24JCFqzGeG4-bzSfSTgYvcr6mcNsh5V0hdRlXQlr3OC2YJQm3uLsu_yEc3JL-ev1fTP8pdkqe32xxStdtCLGzDokpLl2RGWFG0PtRxv2E4-MXk0GbnfP5_lIF1Pbrwlq4s9geYnczHeJ216gNxZD_aXyZLTTfU3hzoETdA02FhLB6XThiLfR51TdJPBkGspujJ-aYonXo2GTc_wacV081Uud2KOTnDFOryjx4QJyV4O-DKXrBljnI_2FAnw2skzcTkYdvAjdDe3bzjTIA6qn0JTxpr69qj7lVas4BOJ8BzFvCHMhdzyJc4XuTFJGounxO2GZjmTFwYx3OlSq7FOruc3d7HbOycRgvhlBaEj1ddGo4Q1jd0BtGX6fPODqsEIgTYeC0qfJe9bbUbL0T9qFAwRpi81ojOaj7BPr6Q6fB1WsBQt-2DRlAyvJt5fTENklWkQkN4zOxeBltbgF1bj6IH2stLedV0vvJ8VGmRdUBJn8VF_5yyONuNvB11d_A1oEeiZlKNob5hq-JV-lsnYGJ7vvu4TSHM_qa-M098eNO557gLk3tyt1xtkH5hkEi-pQFbqzs8q-B8nHsyLl0nR2ct9wcx5MHLPQNOp5VA-WZu6YVKZX6FoFtO_uOM6-6ihmE6ONTpg95wFwpPXpsJ90JOt2MqeE7RikSzXjQQUa85fEuZcxAQFb5q54-crgKbL38-l_TttOoYT_Y_l8vuKFN8tsdkLh6ybKhpAVmoITMKkzxTSC7XrIiaEZGYF9hReoHC9b2x6J0dFQRqC3oIf0BSvHCfRQW6BIiHie7GQFY18SIRjDgGWzn2oVh8yC3BwCmrKxZJArFoEgbOhU5PxYpgZPIEZkUots1VwDfS9WPkSp0uTODns5OwRburLodzO2yzv6RrBUA6eehFbh0fYWd6LYD-PxbRiqxRzJD5tnZzcapJrIms5SJcqlwJltzcRw-9LCGrsHqCpYNDZSAwARs6eRMwzdn1Rkh7i0UeaCaawl5no4TsKcgvFFrC_OVZGYsdmi6YdyyjPCJDOjzExJt5PxgglQ3Ofx9E76XSe4zHJBgow5cELnlUDcb2omfdoeabR9ZdrjrBv5AWIjaXLBDQXWEuBOsFeTWtIdMHkCMmw852cf8CIy8gaXxG5A8_eYxmIxxPlA6OA61ikYAdn3r-jIFO3ElaL41CJNfetGqIyEADNTu1JFWGNf5NA5Ay7yQfLlplw2gWrBnAF13PclmscSSBRI1XaTxs5gd1kqLrTauMnJCKD8J6x1xrlJttOgkCLnxCcxbpH5LapOMRgXTQ429xMu16eqPrtqJZpQIBZ7sJIan0FADBXZbhZvCYfxW4cRKTyKpANpnnwSTZcH6r_LcDfC_EBVkRaZlmVbbxf5I6PkWFdmUKed8M3z3zqzDzhl-jbPB6vrGznOFhN6hkr75zkgyMPpGnd3UUWTA2ipct9SrflQU94RWYWh1ovkjvQbuUa7d2yt7kM3ZvStvyqVm_AF68Q4LtHxKcNOfmF166gVt6QDXG4HGps0FtPBJMDRzY6f3UxYu87uZ_OQVdixxdrG7n_Rvn5S7erfWgaivQbYGt-bV9uU7z9oOwV1H3vX45EbWVagKLtNhzVNvoUQjN3FsoSkEv_TT0GvNgHaKrwT1UuEATZ1kvAdiCgmOxE1gQuL0DtYzMshowHpIjT5O8mKjxV__frIT_PKJkw9apX-VLTniJLekHchg8-Cexkkd3b6VMt-bY6Dh08qREIpJpDp2k_0ldFp2ajY9qH-lZ5Zkzm5M_yS-84C5llfkdiasEDqbWPBEpPq-cDRsf-nxWrmg92qMFTeYREpjyjce4VRxw3OvhUqoUXKS3kzrpnYmZNX0NOBI7aGIRJRoAhgkXI24c_6UY2DB_MQqsp3WyHtdSafmg5jdJZsLrd8bYkJuY_SJBS-ZqeCvcTZ_NvDpOh7iB6LHrv3VKvLviQ0VAy6QWKXawjk9qjeEkn2Pc7mMQenIunEHQD1yeGkrh0ALRxGtS06JOmTZy5bxRIo6gcdr01R7PWgALmWsMfIrMSRVo2XU0DnGtJI_chcS7JTaqpEJ6kxQZCA9F8I-z8WCzcbirnaFKHtYIDSdg3czvPUAMHVAo1Aed2V6JtyydtHPiWHsRx8YWuXDzMycrv0Jj6oji-qm8NjmzIBAALFqk9JJo5jRlyGCrQ2OPxd_7Sg1yaCpwVbxZAvkSiHH2BQXLo8vo-BvmBELJ6Zv3XxFwY6MOx_hQtFJ-Gtqz1TMg_cnf6lNl4zYBa8TnwhGK3dX_kM8Lpk71QArq3fUT4-TGOgTkmfs6-sB9KwAd2AlFpe-fnaSYPG53AMea1weVxcUhrneswUuXhR3xnZ_cuFlOWGmn0q5oK9MUn_V8crlaHC2EixVR4L5kjRZY-pbwDbnR4iizo2opv9meRplEZ_T983DtnLfIsxmgszcINlxNxHvbO0GI3pfj9EKITXF6QNR1fVgamCsyRJMU29jkMa_6ulIrrXev7vuwIXTUCSht7frGliI_SCQkJ-s2ycBNYoBtN3FxGqfO9JyaQMJtb42BcnWgA93ET3VGafrvRKDFkM5phwXz8Q7EYXinthyiwXXReaeV4_xW03RMbgNRlXlIwbqjVuZn78T6fv2_72a2ve2bRzmi8cM_Y6brTB29yWT-BLMZJ6FeJ4DfjSGXW8iWv4ZpvBdd0yiC3Aiv82YXXFkuyml3jhmE3umggGP_SFRmQuL2fb7nFJU7bo-SH_xVX8740uP69iRqSk87IpbFSPKBU2wS248j9jtj4G0nx0mAavgsGmEf93Myqe4wJEeTSatuBGgu9kd6A0k8zNu3i9GJuIZHyugi7fVmdQ7zlWVoD7Zy-N2oUyAkLRGkDh5z3HBzsRJ2_ZBHVQ6dV1n4Da_xMtSfqjTZRvuHy58NElkBcev2NPeY_XStzq1obyE5uQuQzoXFD3yWVpqi_4yYmvfV-HBWMynx1oJBZLDAkcdl-gFE3qNgTqMOlBRf2_9cYsqdgNehHMrqIaHnQmKEd2NnxhZbGiYQI8piIycKssXVcZcMdlt_cYmoYSoSKZWpQWE24ftvIoStexAnJzZcnEGpqQY54L842aeAemjTRWONSRjmkyKAXFdkCgx1JvE9zw6suWHsyajXKOthrdwp9fD6az4_M2S7Iq-obEm-4bNZJqyQZnwkCE7DQAt9scHdJWeqsOY890xGg3BR-Ckxhg&cid=CAQSPABygQiDj6e6bPmid7Nhf581rRFnM07BigwR5KZx3ov6VFmTFTbprLsHCkD8TX99aHsIX9SrNOQwET2XwRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bandab.com.br%2F&ds=l&xdt=1&iif=1&cor=3927804527099379700&adk=2228999115&idt=40&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b0aac8a2ff73d3f59bd71fc945153e42db8db0639e53aa704c6ae139f467642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37763
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4BC7 172 KB
61 KB 58ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
Origin: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 10:17:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 10:17:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 4BC7 11 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AcghFfX77AObcAlehTaxGu7R7VPicDtqsGx6dVxJdwITXy6cvX0hFYgcvaVsaflTIOPHwVv1EigMMoqQW65CI6KRBxF1zmNIDknF6RStWUr80EG5F3HbcdBukbw6sxKDO4ds_Mf6UQO5wcI4R_vc_6tZuRyJlZ_4hV5hEa70PL6wn4F_E&dbm_d=AKAmf-Dn69m5Qftt9VVmXncqDg537Ap6zT8foJlppNOY23dasSI3CQdRMEoDqs59vp6AKBifHjVKdhzWJ52d9SuyCclZ_yftCUDZkGQ7sOeiQYAQ9C1XmfewTsoRQP8yV1sqk5ypB5RaEK-asc-40-0hvrZNFuulkg68rML7Nr65pIw5nmFYP25G1dLPE2lWTpDaTAS4Jz7K-yOdAhC0NTtu38BfXSnAgGOuO4P3cUmyMwHASB1OdjrgxYQgOw_yzQHNyhbnD3gst5wf0XTGEwYplqrythH5CPVhtS4L9stsc06niYQUNxuBtwMC-b70EkMRgS8xT7DBVo3jP26Ve9cQfly7EWhsJeoRi-2dmaEX8Pq5MjVkRt8FKI_ScVmCkCeBKkFPVKxt_g5yxrjzl96yNmJhLvj2PjFmru4YjlLWRlMGJxhL4XXEvny8XflisIC26AjPlYtiTTtPlgRy_sneR987AJJXa7RQ9pfHavw7fX5oSubB9YkQFq6koiZwpyUoNvNqmnq_o5I3YBpSi7oi7nitJ0Qdu-4Ec1OubQAVmXFFnwcGMqzlxoNiUCuOSl7iffP7hauCjPOITU9Ur4ioSFE45wLN2d9R5h8h17jzx8hMFnexOPGimn3vP9AjXKdaB_n4Qhv1xmEbvINV4wc4iitU3GyS3haaaMJOh-aCiSEC14bTmebtdeI_wfK-WxdY6w9ImXAm6x1WDuMfFMKvEnnR2ONDdezX5u1aEtnzw42N8IOFT9iCnpVS1OWO-1JmjDZcbinNQHbhtcI8fvW8I1mCmNMT4vk_tq-H0RWmTktB4486KSUQ-OZiioqwBwACb2-llzCLQvaDC9UpzUYltA0AVxAwt3ZvGosZpbs2SmkjdLZz0A-Uywi81Rs7BBGDSjstkP2-s3PfmZeh6HoXPzPvr0I_fcte2l-PFZLqqILjs_-Kf0IMxC_sRMNI9rUthne8qvxgxJu4uu4QqLd1ASdsxkpAAxAlkPgBkPiPajbu49p1ARdmjT3rdH3dJXncpgcKk_010x3XGlOiMbCywQXDOkZkX0cGZl2plxhfpb7IJ2aDnKmeV-DnhNZklnAFoKaWpHu8xTCeVSSdi3Yk8ItB15QLCjmX_Zu9vWl7EKZS8OSg7VYoHqL3_HtKOtekuhsE7DJ53Sq4mQyzRBBIq0ocBAPiJbsloPDtHFtNkI2IMdAnGiFMLVcNX1J4dSKhnrqadHjtsvBnCIkD8IwxzMfX1kGFy5l-ZmHbJAiNpwYENYLhOBARhazQKoLqmPSE0R5tzY3sVRpjGmm1yQTi19PkoOJS50fr3QftRBLtMJgOMhJJ75x5L-s_vl0cekWwDkr3_TCrzMNccaIEIVLKJxrPiPmD_CfKhwghA8hJxqN8kDxthFIKJdPVzopMmK9b1idg4h74EOmjsr0JWD_zgzfxxZaSzqBd8qU-BULaT9MdRyz-GymW7F9DkPQ-KF7FqI8l1xR6m7hj4TvlHYAWhHRYcd0VYr0RJtRuzosiHGCx-JYJRxnaFy4EcYYZNM6p_mDJTMO04RI9wsvYxydmvsQAS1wwmBADK-a_4HrtC8EC_zwu1DKwlkoygiMwUC7b_3HGXEylcBVqEWu0X-u-x0a0rOSEXo5esF77Mi2plLmeWA77-JUsLNGZgR_8YIKv9Ko2ANGe-pT14eqNLwSRfmn7XWLxKUNuRLaIpu8cQoHUYLnjmcPukzmdITmY0yUr8DjJFaBFAXiryt50421-0-jr7agP2TZF5dDomJ1B9-SCgGpDzcnTN4m7Nx9IOTChFsu3ln22tvs1B3F2zs6dl0T42NxNPyT5d9s_sDS5a4ocACcgAfG7cDK2rpT4yLS1SWUykq5RRDvChSt_5i0KF8T-n9Un6Ho0ZO5z0fMtG2b2DuLDZeyiH0M54GMAMLB-TIZU-1AwghKffQp0rXxfHB-D32MldFkrWuM0vU2TYvWp-KTcij3ExkKah_FkLpgQ4Z2-dM4IUpO3sHMFqfeiFaD1GYvK9qZg1_Rr5t_Jq5tIclPvIoXDu6KDi-0h2AP0Hp3dUZFMPuGmCqgPI4zJPMrhR0wVwL84rVMhOfPTgEWTzRoV8j4wAcIPsJh4UWKq19XZJ_6zPp1U3kq4U0jk2Ii6UVOKgI8hfmlJ71uAv-QrjZeP7oW4_f7K1H7ibgquriyMGs2ZHI2-4AdFq9IygC-omLOlaPo6Nuz1GvHh1d_-AykX8APIbrjZx5lp2UlIPZETQFLZWZTH_fX0sZ8aD8hmBnUZOg3MBPKq5hzDLKknLj8cvu6zhQGCUY_tgzAhWR0rTUEtVG2JzWMxlLErZ4P00E2ePC2yimYQJ9RJvUi_bAV8RffJIS7VvMTHAo0Q6iYVkaO5NI1aO_3xILSK24rSWG2uoi6P0ItZ25GE3N-Di9TdGrNqd-ISt7PjniPCLzIAGgX45ri_f3E-sHngNZPllRtqUCCEd3zRx8UfRgZr-xPtum2NKtl8wP-Cu2MB-calEsvx-aVOBoE5f_n4FP5l0E86SNzBcHbwuD_soskP8OWdn1tqduBPcVyaiNzBQ309AWAjBXMFd9S8Kr2A4FzxoHEJ3mHs8E_JGitxDVEP1HxBDHpllPH4GMam_LGHFiGKuTrgrOrQWUz-e3teCkfGYOx7ph_LbKOcR4-7-UBGKyy_i3KK87DdrZFLkpKj3tx8G3BYJK8dsPha-edpUKafDCGzmFi5woBHkLdTuPtDm-w7uiIKdMPjOUFFmhoBjlbXyg8NG-1Q55mRZGeSQLdMNMFW8nTtoxx1pkuxaLSeZtjQNpb7ciVMq5eQdMOn4BBtWULBobkNMfdjWy-p_dJsldhdSpyIOztE0bIU6O1kqO89Zo6VN9VUtCiqsywBXjcb9n0Sbo9mB320V2gf9tIZTKWubLgpV9TeBVMI5IElzorcm1quZh5U0B2WldwHObi3mrnffWlmJkgIV54wp5lVdHC38u2eJJUXWtUFnMeARb1lDUTBaVoTiIsCFBB9aCdGpObvCV60WmoeqriBtHZq8lpX_Bc8pLOfCntngm6fWIfjuFboXmI_lgdsgFlHdHI2uzgVDy61pn9Ufcfv1qgBPvrRsIWwL6F-Vc4scTAXn1u84wixbfPLtFOgSXov7zRUQLoJU94EkSG3x1BYmyEnyIAdusBYdOSjjz6C8P9ztAxtG9mSgHQk5dOUUuaiADZn3Q72FlS3L5oihPDrT-lX05-F3jCk2Jpl2vJuihWg5zG2NjNiVg2kWCF48VBOXhVBdUpIt1QNe9jNo4RUApT_IkU8l2_LK3qUXJnfG72UhWDsRpMHQcP2NZPd0M6Gm_j0HhKRd6NYWD_QVfrjnnRnYqiTMgc45actxT1W3G17nbbNn5rzpgv8ovkP0nSHDzL8v1GZPhJ7LC5Yq-AmI2S47Hr0NqMcjc_97xTQJ7F9Lon6d6FmOXCC3UYMlUwxuOPSvb_upLHkGYIm1ZXQ29syWnyjsfsU2JJGHaS1xiILi2X7Mg3OPKblcDOoEk0b3ShOKdUQcQ2NXuzznpmkFmBzY4PwKOpFZJzZaEHJts0SvGY9KeDNUS0OFUxUgb5NdTon3XzRJTPoAlKcZklifOEbmb3pv018Vvoe_t-OgDGgGLdhtIbs1ajNqSrPNAmaRqjOmNbdEQmm7FuNIvulN8GaMwVSKK13wDapOokadtmFkxPOgJuzSc525fDC6xeFYQwz9-Xx&cid=CAQSPABygQiDj6e6bPmid7Nhf581rRFnM07BigwR5KZx3ov6VFmTFTbprLsHCkD8TX99aHsIX9SrNOQwET2XwRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bandab.com.br%2F&ds=l&xdt=1&iif=1&cor=14330677535198427000&adk=1964084972&idt=32&cac=0&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:40:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30804
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:40:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 4BC7 29 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:40:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30804
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11316
x-xss-protection: 0
server: cafe
etag: 309758756414748794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:40:25 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4BC7 41 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 13:19:10 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CA98 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Sat, 17 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4BC7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02ff7ccac5ec05af889b5fe2ea08d9e42da2ae7377e05515bc3af80d77b13bd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 0AE1 172 KB
60 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
Origin: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 10:17:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 10:17:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 0AE1 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYuUq6TuF5D9uH9N-wWfzXRqcT_HwIIBbQe3fig5b6_BvOSAjLLqNPF3JAuggc-rsHgf1ecWkTgAE_NU7BVRUEE6O6ZJCdPdQkQWk-JMpxhalfk9V_H5L0lzSTeFYirjuJODWNqzustZ-SlhZPB1gq_C9QGOviuMnM_1fGPPtATL8xpYQ&dbm_d=AKAmf-BfqAyT8ECyTTU2h_2_zU2AxTXQNOSGpuoxO51gP0s95DIzSBTltbEGrzpicgFIDe45_ftGChG-6346cauPtZESGpH7tAE2RXVmMPX0X05KuMzQ1KCyB0ucWjnJNtBTYaM5foO6rb9AW4sTBhfJlbr1TesHw5gqMiOuqfYAa8gTPNSlKEG6iYfTSxknvRdR8bXF9q8ST5gLBwHb4fMiM_wwR4tLeZObT85bZOQqhAxkvi2sLgM8Lj9HFQZEOXWJjzL0gOytEj4G2xsxyiKRgMCWHDkltfJP-IbxS1z5IGrFZPgRAsX6VXm4FO8bgo4e4LbB1pSF0gAs_2f6COjZGwk-TWwlaYjFOHPOYmrPezR-YyuLuBTVf5iiDNmwdqfN4K0aZYa_rwiddqwNQaEPDMkhRrxqI5NgzVDIcgOnbVpS7a4nGlukO83IbzXmi1UkvHnJUT0JiWcxRkrjEbWnzyFmzYEJRNFgLWaxP7mXlq7i-RUjyCs7196SDOg8T6dfi80KJo24JCFqzGeG4-bzSfSTgYvcr6mcNsh5V0hdRlXQlr3OC2YJQm3uLsu_yEc3JL-ev1fTP8pdkqe32xxStdtCLGzDokpLl2RGWFG0PtRxv2E4-MXk0GbnfP5_lIF1Pbrwlq4s9geYnczHeJ216gNxZD_aXyZLTTfU3hzoETdA02FhLB6XThiLfR51TdJPBkGspujJ-aYonXo2GTc_wacV081Uud2KOTnDFOryjx4QJyV4O-DKXrBljnI_2FAnw2skzcTkYdvAjdDe3bzjTIA6qn0JTxpr69qj7lVas4BOJ8BzFvCHMhdzyJc4XuTFJGounxO2GZjmTFwYx3OlSq7FOruc3d7HbOycRgvhlBaEj1ddGo4Q1jd0BtGX6fPODqsEIgTYeC0qfJe9bbUbL0T9qFAwRpi81ojOaj7BPr6Q6fB1WsBQt-2DRlAyvJt5fTENklWkQkN4zOxeBltbgF1bj6IH2stLedV0vvJ8VGmRdUBJn8VF_5yyONuNvB11d_A1oEeiZlKNob5hq-JV-lsnYGJ7vvu4TSHM_qa-M098eNO557gLk3tyt1xtkH5hkEi-pQFbqzs8q-B8nHsyLl0nR2ct9wcx5MHLPQNOp5VA-WZu6YVKZX6FoFtO_uOM6-6ihmE6ONTpg95wFwpPXpsJ90JOt2MqeE7RikSzXjQQUa85fEuZcxAQFb5q54-crgKbL38-l_TttOoYT_Y_l8vuKFN8tsdkLh6ybKhpAVmoITMKkzxTSC7XrIiaEZGYF9hReoHC9b2x6J0dFQRqC3oIf0BSvHCfRQW6BIiHie7GQFY18SIRjDgGWzn2oVh8yC3BwCmrKxZJArFoEgbOhU5PxYpgZPIEZkUots1VwDfS9WPkSp0uTODns5OwRburLodzO2yzv6RrBUA6eehFbh0fYWd6LYD-PxbRiqxRzJD5tnZzcapJrIms5SJcqlwJltzcRw-9LCGrsHqCpYNDZSAwARs6eRMwzdn1Rkh7i0UeaCaawl5no4TsKcgvFFrC_OVZGYsdmi6YdyyjPCJDOjzExJt5PxgglQ3Ofx9E76XSe4zHJBgow5cELnlUDcb2omfdoeabR9ZdrjrBv5AWIjaXLBDQXWEuBOsFeTWtIdMHkCMmw852cf8CIy8gaXxG5A8_eYxmIxxPlA6OA61ikYAdn3r-jIFO3ElaL41CJNfetGqIyEADNTu1JFWGNf5NA5Ay7yQfLlplw2gWrBnAF13PclmscSSBRI1XaTxs5gd1kqLrTauMnJCKD8J6x1xrlJttOgkCLnxCcxbpH5LapOMRgXTQ429xMu16eqPrtqJZpQIBZ7sJIan0FADBXZbhZvCYfxW4cRKTyKpANpnnwSTZcH6r_LcDfC_EBVkRaZlmVbbxf5I6PkWFdmUKed8M3z3zqzDzhl-jbPB6vrGznOFhN6hkr75zkgyMPpGnd3UUWTA2ipct9SrflQU94RWYWh1ovkjvQbuUa7d2yt7kM3ZvStvyqVm_AF68Q4LtHxKcNOfmF166gVt6QDXG4HGps0FtPBJMDRzY6f3UxYu87uZ_OQVdixxdrG7n_Rvn5S7erfWgaivQbYGt-bV9uU7z9oOwV1H3vX45EbWVagKLtNhzVNvoUQjN3FsoSkEv_TT0GvNgHaKrwT1UuEATZ1kvAdiCgmOxE1gQuL0DtYzMshowHpIjT5O8mKjxV__frIT_PKJkw9apX-VLTniJLekHchg8-Cexkkd3b6VMt-bY6Dh08qREIpJpDp2k_0ldFp2ajY9qH-lZ5Zkzm5M_yS-84C5llfkdiasEDqbWPBEpPq-cDRsf-nxWrmg92qMFTeYREpjyjce4VRxw3OvhUqoUXKS3kzrpnYmZNX0NOBI7aGIRJRoAhgkXI24c_6UY2DB_MQqsp3WyHtdSafmg5jdJZsLrd8bYkJuY_SJBS-ZqeCvcTZ_NvDpOh7iB6LHrv3VKvLviQ0VAy6QWKXawjk9qjeEkn2Pc7mMQenIunEHQD1yeGkrh0ALRxGtS06JOmTZy5bxRIo6gcdr01R7PWgALmWsMfIrMSRVo2XU0DnGtJI_chcS7JTaqpEJ6kxQZCA9F8I-z8WCzcbirnaFKHtYIDSdg3czvPUAMHVAo1Aed2V6JtyydtHPiWHsRx8YWuXDzMycrv0Jj6oji-qm8NjmzIBAALFqk9JJo5jRlyGCrQ2OPxd_7Sg1yaCpwVbxZAvkSiHH2BQXLo8vo-BvmBELJ6Zv3XxFwY6MOx_hQtFJ-Gtqz1TMg_cnf6lNl4zYBa8TnwhGK3dX_kM8Lpk71QArq3fUT4-TGOgTkmfs6-sB9KwAd2AlFpe-fnaSYPG53AMea1weVxcUhrneswUuXhR3xnZ_cuFlOWGmn0q5oK9MUn_V8crlaHC2EixVR4L5kjRZY-pbwDbnR4iizo2opv9meRplEZ_T983DtnLfIsxmgszcINlxNxHvbO0GI3pfj9EKITXF6QNR1fVgamCsyRJMU29jkMa_6ulIrrXev7vuwIXTUCSht7frGliI_SCQkJ-s2ycBNYoBtN3FxGqfO9JyaQMJtb42BcnWgA93ET3VGafrvRKDFkM5phwXz8Q7EYXinthyiwXXReaeV4_xW03RMbgNRlXlIwbqjVuZn78T6fv2_72a2ve2bRzmi8cM_Y6brTB29yWT-BLMZJ6FeJ4DfjSGXW8iWv4ZpvBdd0yiC3Aiv82YXXFkuyml3jhmE3umggGP_SFRmQuL2fb7nFJU7bo-SH_xVX8740uP69iRqSk87IpbFSPKBU2wS248j9jtj4G0nx0mAavgsGmEf93Myqe4wJEeTSatuBGgu9kd6A0k8zNu3i9GJuIZHyugi7fVmdQ7zlWVoD7Zy-N2oUyAkLRGkDh5z3HBzsRJ2_ZBHVQ6dV1n4Da_xMtSfqjTZRvuHy58NElkBcev2NPeY_XStzq1obyE5uQuQzoXFD3yWVpqi_4yYmvfV-HBWMynx1oJBZLDAkcdl-gFE3qNgTqMOlBRf2_9cYsqdgNehHMrqIaHnQmKEd2NnxhZbGiYQI8piIycKssXVcZcMdlt_cYmoYSoSKZWpQWE24ftvIoStexAnJzZcnEGpqQY54L842aeAemjTRWONSRjmkyKAXFdkCgx1JvE9zw6suWHsyajXKOthrdwp9fD6az4_M2S7Iq-obEm-4bNZJqyQZnwkCE7DQAt9scHdJWeqsOY890xGg3BR-Ckxhg&cid=CAQSPABygQiDj6e6bPmid7Nhf581rRFnM07BigwR5KZx3ov6VFmTFTbprLsHCkD8TX99aHsIX9SrNOQwET2XwRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.bandab.com.br%2F&ds=l&xdt=1&iif=1&cor=3927804527099379700&adk=2228999115&idt=40&cac=0&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:40:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30804
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:40:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 0AE1 29 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:40:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30804
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11316
x-xss-protection: 0
server: cafe
etag: 309758756414748794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:40:25 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0AE1 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 13:19:10 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BD13 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Sat, 17 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0AE1 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 319bd084c48ffd60ceb46d8fe7b38ef229ef393ce91297bc97156b488be9d96b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B483 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 131224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 13:46:45 GMT
expires: Fri, 14 Jun 2024 13:46:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA98
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMmplIVdDtcUXZrY5n8DFpI&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMmplIVdDtcUXZrY5n8DFpI&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T1p6bGNtT0gxUWFsckw1&google_gid=CAESEMmplIVdDtcUXZrY5n8DFpI&google_cver=1&google_push=ATf1kGPl9CjMoH-VAv2T3pW_5xkrubdaBN094nZcmaANP-_...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T1p6bGNtT0gxUWFsckw1&google_gid=CAESEMmplIVdDtcUXZrY5n8DFpI&google_cver=1&google_push=ATf1kGPl9CjMoH-VAv2T3pW_5xkrubdaBN094nZcmaANP-_dzY_ooJhKGvdSB1q1hFTmPFBMtNfkwylSIvFAQbEtQrqQDAc-U-s

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:49 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-780-gdfb6b2e#rel-ec2-master i-05a172857ebb8dd09@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T1p6bGNtT0gxUWFsckw1&google_gid=CAESEMmplIVdDtcUXZrY5n8DFpI&google_cver=1&google_push=ATf1kGPl9CjMoH-VAv2T3pW_5xkrubdaBN094nZcmaANP-_dzY_ooJhKGvdSB1q1hFTmPFBMtNfkwylSIvFAQbEtQrqQDAc-U-s
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA98
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFu0rwIUXu5HaY4TIV6LCxw&google_cver=1&google_push=ATf1kGNdB3P0-_atHvTujEYCKSN3B9BWNcO-17GVIyvMKXAyduFgItZ6IjZNNHIIMOiK2VADZPNkhky3tjO3vE...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NTQ3MjUxMzk2ODMwNjMyNA%3D%3D&google_push=ATf1kGNdB3P0-_atHvTujEYCKSN3B9BWNcO-17GVIyvMKXAyduFgItZ6IjZNNHIIMOiK2VADZPNkhky3tjO3vEUgNL...

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NTQ3MjUxMzk2ODMwNjMyNA%3D%3D&google_push=ATf1kGNdB3P0-_atHvTujEYCKSN3B9BWNcO-17GVIyvMKXAyduFgItZ6IjZNNHIIMOiK2VADZPNkhky3tjO3vEUgNLLbBqDOMQ

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NTQ3MjUxMzk2ODMwNjMyNA%3D%3D&google_push=ATf1kGNdB3P0-_atHvTujEYCKSN3B9BWNcO-17GVIyvMKXAyduFgItZ6IjZNNHIIMOiK2VADZPNkhky3tjO3vEUgNLLbBqDOMQ
Date: Sat, 17 Jun 2023 02:13:49 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA98
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM_FT-obTixKsnCocsY6GE0&google_cver=1&google_push=ATf1kGORa4U92cI1s8htPKHOxolSP675gJ-PbOIAm0jfXPCSxVjASUIzwrBDgfoQir1Yj7gJZUzTjsu22ldOrUm10Two...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEM_FT-obTixKsnCocsY6GE0&google_cver=1&google_push=ATf1kGORa4U92cI1s8htPKHOxolSP675gJ-PbOIAm0jfXPCSxVjASUIzwrBDgfoQir1Yj7gJZUzTjsu22ldOrU...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGORa4U92cI1s8htPKHOxolSP675gJ-PbOIAm0jfXPCSxVjASUIzwrBDgfoQir1Yj7gJZUzTjsu22ldOrUm10TwoJ-anzg&google_hm=rnpvXqiaTua_Afa3B1TJVg==

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGORa4U92cI1s8htPKHOxolSP675gJ-PbOIAm0jfXPCSxVjASUIzwrBDgfoQir1Yj7gJZUzTjsu22ldOrUm10TwoJ-anzg&google_hm=rnpvXqiaTua_Afa3B1TJVg==

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGORa4U92cI1s8htPKHOxolSP675gJ-PbOIAm0jfXPCSxVjASUIzwrBDgfoQir1Yj7gJZUzTjsu22ldOrUm10TwoJ-anzg&google_hm=rnpvXqiaTua_Afa3B1TJVg==
date: Sat, 17 Jun 2023 02:13:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame CA98 43 B
363 B 54ms
12ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEGlap7VqZ9oMUHtZM3TpghA&google_cver=1&google_push=ATf1kGMDQPaIH9CneI-tGRmhdv2KTu42lJJg5bprzLjs50bTfz48b5xngpeU4t7WmJTLkfGMRlcgaRC14mabaYjIJu3cMquKKg

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 185579
expires: Sat, 17 Jun 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA98
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF2nn4XfUH6FHNQX-FDxQRk&google_cver=1&google_push=ATf1kGNZ6NNHldO7y6qoEoN1OH2VaraHCTbsvfo_y42jOIyYEEtX2SOKKRQSMIOrIUOsKqHBDgp...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElaRDdIQzMtOC0xNTYw&google_push=ATf1kGNZ6NNHldO7y6qoEoN1OH2VaraHCTbsvfo_y42jOIyYEEtX2SOKKRQSMIOrIUOsKqHBDgpcmUwAqU3G7pNPxAoMwhXJI8w

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElaRDdIQzMtOC0xNTYw&google_push=ATf1kGNZ6NNHldO7y6qoEoN1OH2VaraHCTbsvfo_y42jOIyYEEtX2SOKKRQSMIOrIUOsKqHBDgpcmUwAqU3G7pNPxAoMwhXJI8w

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElaRDdIQzMtOC0xNTYw&google_push=ATf1kGNZ6NNHldO7y6qoEoN1OH2VaraHCTbsvfo_y42jOIyYEEtX2SOKKRQSMIOrIUOsKqHBDgpcmUwAqU3G7pNPxAoMwhXJI8w
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA98
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEKuAhuwi9reerknxFmnwj8w&google_cver=1&google_push=ATf1kGPvTHhSpUnYWbFJEQq9dqNMSx6BsYZ0bPz16uPYpRVLQFs3kqRe85V1PdJSLks329EnI-kbkWbRoIEhdimw1cpOl6...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEKuAhuwi9reerknxFmnwj8w&google_cver=1&google_push=ATf1kGPvTHhSpUnYWbFJEQq9dqNMSx6BsYZ0bPz16uPYpRVLQFs3kqRe85V1PdJSLks329EnI-kbkWbRoIEhdimw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TI9SytY2QjGmxmDCaIB9hg&google_push=ATf1kGPvTHhSpUnYWbFJEQq9dqNMSx6BsYZ0bPz16uPYpRVLQFs3kqRe85V1PdJSLks329EnI-kbkWbRoIEhdim...

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TI9SytY2QjGmxmDCaIB9hg&google_push=ATf1kGPvTHhSpUnYWbFJEQq9dqNMSx6BsYZ0bPz16uPYpRVLQFs3kqRe85V1PdJSLks329EnI-kbkWbRoIEhdimw1cpOl6WlqU4

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TI9SytY2QjGmxmDCaIB9hg&google_push=ATf1kGPvTHhSpUnYWbFJEQq9dqNMSx6BsYZ0bPz16uPYpRVLQFs3kqRe85V1PdJSLks329EnI-kbkWbRoIEhdimw1cpOl6WlqU4
access-control-allow-origin: *
date: Sat, 17 Jun 2023 02:13:49 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame CA98 0
75 B 161ms
18ms Image
text/plain 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHckIhOl_nmjR59vsj-6n4U&google_cver=1&google_push=ATf1kGNbtsC048AYpTlvu6hHpgRh-pfITivS0lBfeXwIldHIkpYtA9ZIz1lb2g1oGaFda7XtdBXDVh-pBm0GAilFDHqN5DU_lkg
Requested by: Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CA98 0
12 B 16ms
14ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JtoPc7HOZ1OO4-O73dF3zrf-0gO8HBxbbzn9PxLRC_3aHKGrWS24j_SkrgenMhBG6YR4Z5

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9170381621892120779/ Frame 1B16 13 KB
3 KB 31ms
16ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=n2yZ5GpD5Y&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

691257cf7d510da3434f5eedca2b2e0137949c698e3750c7705526a1ee75684c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2744
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 02:13:49 GMT
expires: Sun, 16 Jun 2024 02:13:49 GMT
last-modified: Thu, 30 Mar 2023 10:59:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4BC7 0
0 116ms
61ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsttbtD-ZfzhKXMUtHO7gdRTDrDXIU-aNLenzuPDpjVfrWq8lkMbng4RtVVDILHcOYo8kPQfbm6X-tcii5hCBoBFwB4IgVD4rvi5m0W8befTWTzPuLOKqSobMUgKx-5LzhIiL2NDVq-PYiETzu3y_43-Lj4bxnuJJ72IeWqtTtZzXA7KPiKhCHrvDrWRALWB8-mvZxJXpm5R1ZD77Ibildw5DmhuBd-b8SPh2EMusTRl6FmTVpOHBOd2oPqrVfPJwFvjdNxmGeJo62OIjt3Sfd4sQZYpfpA871BImdSBfH4RZ6Hcaisj6dgE_EpCehsw8WL64PFNMqdA9t0uvSyESOADxD3P6kEY7qUHdi_9GOI_yEvMTTkYjf0wJd20k2fQsyFiz_ea9oNQbZv0RbYH04Rw1TGkcqh-xATfzY4lgDv7TS_aG5pXLehpxxQz4_CXsOAp9W-5QvSp99rnfDip16LFNB9kWbKfXqp3SzAWNyNfxQy7kxAnWSkGFymyfPpXGBVY0w_Epd5hdqEKXydxI6wIO1mdRTkfcOilh2MvDlFis0ug7rCs2uwdG9r-bYxL3luwA-YMNO9MLYFBFMHxEgyhm9aO7gwlThkt0WdpspEcliAIab_ZaScDFJi9G_WMjducCQQW0hgkAvLm0nYKxTX5pzcEt7LDXLNu3H8coPI3CK8xY-LAMVWMvzGfJzw8DLiCDD7aLz2Lz50pe5nhWZVmwFyarZK2BaxrLWjNOGvx4f7enGWGVK-YeT_szEGRkifttduTbGM7EQ46PSUQNH6W3-_vMT3XnfyvyMHlHrrU1-tIwT7TrVeDneyHjI3LMCUDsoJ_O6pplVCyo-x4suLOXcq2CwEdtUDgsl7f7sv7Fd-H02o_ANR43cEv7UcVU3kvKuWMNpxLO53FhIIUEbVFnX2ckJNNxf9WcQvQnXuJhs0pinG5vVGdJWNlBgkl5QThnbiLORWZ2v9YMsUZX3EwrKDT5-xhqkeZeqBvTsZ-ai6m9mBwDAAXkN2nlxfoo7xiHYf7CNwy7K7TtuJdnMZw73RSfUmI6QI36wpmbWXBOsJ_RV5MF55Q6Uszr9LqkBVMU38DcwsecWEPfroX2OoSJ9S9plRXz9joTcZwdt_aDWqV8w3JfX__6zGEYCdobJ-GQVWivApG_K81mstCkQ5cT6NeTrcb7C8zhtMRmmqzFMNTbGWT1iiz2roToAPFHZtLMvcxrOC3YH1CNTUb17IfFCIubzv5MasuUDKarpDhMmoPHsGpSmyXwD-x1RuL44N-2K6HqbG4auQs6Xxua2ciWawMAtrChHYYb4CrQP5dMw1oKqwRDpA9eLJXnpd9YNf6XsxFnoY_UJOr2_45zjh7MUvlrknQQkbwfJ9O5vD5lGhY&sai=AMfl-YRwfRidydWB8S7U_k_DlTgcDpmzxomatOPD6y21pr_UcLDN2sBII2a7CfawubWclOiVrthXyRCax0Swcl_z5OujZ6rm8ZxMzgZZHzN4K_fSbzcsq9iJzN99VSZHxp1aa6rDmZVm0PlXvo3YNpagKK--AvZ8S-sMQ2M8H3w_myHVrZu3lBxcLyKeJdL7kAX8453INeOxI5Uu0sc_ydeSHbz1rHz10SUnyYqfydrAWjilToDv0di68CIVVM0RGT9qAzyS6Oy_jlpBuGCq5MQ8pPYVBsvBukH_&sig=Cg0ArKJSzJeomWxx441hEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=152&cbvp=1&cstd=143&cisv=r20230614.32104&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Jun 2023 02:13:49 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 17 Jun 2023 02:13:49 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14392016886954669725/ Frame B613 15 KB
2 KB 18ms
16ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=IoGRvgwMUd&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52fcf9ab6d40dae8ccdb14001de9f88166f017e719830277e869cbb73baf400f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2272
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 02:13:49 GMT
expires: Sun, 16 Jun 2024 02:13:49 GMT
last-modified: Thu, 16 Feb 2023 15:58:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0AE1 0
0 84ms
61ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4nzps8zerV6S62nQ5iheFZNgma9ZURkFpqz9lwvmIvMXy9bmwnnhZmNvACfGqBM6_jFe26cFhbf_pgdeCb2I94ZoisyMGXSKhypSPZ2-wF8zzC9Ssx9QPO28Cg1u25IStCMl34-YRzFdsrm58tkENHmjPPZsDKIdpnDrrOrUCUF6qPA84KYQlj_0qVBnojQWFSMR5V4Baq5f1QDrKtda9aP9tQqXJF0ee5X9Tk5LS_O4GEwcpg4kqQU6gzLPsyKJuxAYJI2pJFNt2u573ONgaovVf9Swa3edmC63kw5E08Em_hVx90vUReZWhWEKUmCE7ge3iNx4bg2qEngFARgckfepS4NcQnKd7lm12Y5aviF61o7KYzGWxZVUb9uroI0aErX-wm65eSgj6hSWv8Awx4JpK-Qsg4RdIQoAulQ0JKymbg2xGxzQK4IPj4PNzvLPigz_bl9lIK1EV86WAhGdIf215O81Udbh9oHuVQNCUSFKFsnVM6r3SMDN8o57mDN7O1t5JV0IyPDoNOQf5PQCVQRdJdxAf5deXCDC5qcyMZjrNZ2aQpIgOsa1NLlvgWnVuipa541YDR9s5WBy7oeIWoFWdl7PIVTwI7c67xdHUYzWZf7hGpNdF35NfPElYSa7lHY-0C6i2POGyFxNEopHjMDX9OS9rpcwujXuNT9TSmcB22Dpuy2dHpXOy27FT4-SRjop5dWwxKwHFhvpHkylAr7YSehDeLCMFgI3DyUGkNukWQyxHr2-0jUsVaTSihj1uqs7pRgcwz3FQBurFnZJnnDEjG3y7R3pVr9M4AjacWzpaLe3m9lFNpTPAqHZ7NJ1vuEsb4-140niWyx9UcO15btTCPaps50PCNoLtUDdxOghkqM8fJKfGd7KChl_TJ7wzzcH_HvzeM7_9M31hJhOiRaZ5f-KEw4LXC9DXiuGfZp68fDEVXKIiAPAKgNYflmBpIncASMS4Z7XehKskIfVD2y4RL29tKA0k9BdFb-9oy6hH_hUwiq-bwusUZvZhVcEVzA_oVF1OO1IiMTw5DA4voIvw64ghwGeBokUpqU1jao84DUgSMsuPrFKr1BEalPWp7bxQm3CIB-4c7yTsjXqRaqVM3HhTrQAn6vdZjIIkfpuimz18EeYEDjxv4XlfNdVb55zHoeWRVAfmdh4dun5_ow1Z_ztqhhBuE9nAq6r04uE7VhhbEVXsCGlKU04W6W2AB1R29KPmmq8iB8ImgLwvxOj6ElJz-QdrDaJu337cYDMYue-BXfKaP91WSuIv7tQG07tBD_is532JW0D-KVFqJ6IV6yJ9t87ooAArKJBgrxtUEgQvOF5OQyjhND1YJtB2_S56UgaEhPhb6Ran47mQsTpurqd6lxvmGu9KzkU&sai=AMfl-YTVVOFDdTJNGerknJKgzi0Hx84R0A4TwPqRX_5y2swgwkvpvlT-fO3H4YATV7JdFA2Ou33ttzct0ptTRgtv8ybdhsdFFgfs4ieJ37Tt6Z98AqUcIw50a8lm1YWfwnpyahJPNjV64zVZ4b4KB6I8zC0Q9d6j3c616LphLWLbkvzrODT-Rcqf9qa3hkwPmIBHKbfcPy4r1Z0_TZlGo79R8kHnI4llOPOv3enTTLMrnR10QWa9CodeYl9xuFUKHx_nUoXe8Us&sig=Cg0ArKJSzA8Q2GQcCkwWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=103&cbvp=1&cstd=94&cisv=r20230614.79608&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Jun 2023 02:13:49 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 17 Jun 2023 02:13:49 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD13
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECVvDKY7xZHUpgLBJX3vCfs&google_cver=1&google_push=ATf1kGPJX3bZzq0wftiSbSbpByNoDS2lI-gUHkLzao6s9GcBacsnKeqB_Am6mjeDlr352SqRk2sbfPJeqXwWUL3GVlsmszeQaxM
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82E7927C2D7341B5B075EC7D67931B8A&google_push=ATf1kGPJX3bZzq0wftiSbSbpByNoDS2lI-gUHkLzao6s9GcBacsnKeqB_Am6mjeDlr352SqRk2sbfPJeqXwWUL3...

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82E7927C2D7341B5B075EC7D67931B8A&google_push=ATf1kGPJX3bZzq0wftiSbSbpByNoDS2lI-gUHkLzao6s9GcBacsnKeqB_Am6mjeDlr352SqRk2sbfPJeqXwWUL3GVlsmszeQaxM

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Jun 2023 02:13:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82E7927C2D7341B5B075EC7D67931B8A&google_push=ATf1kGPJX3bZzq0wftiSbSbpByNoDS2lI-gUHkLzao6s9GcBacsnKeqB_Am6mjeDlr352SqRk2sbfPJeqXwWUL3GVlsmszeQaxM
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 16 Jun 2023 02:13:49 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame BD13 70 B
265 B 109ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEABX5HWRMR-W0IrttkDd7jw&google_cver=1&google_push=ATf1kGPAqWJwE_27erQgqOdTeTGFhdSiPTU5SD3Q4uDkuYbPqOLpJ7qI3nqSW2mDdi1e0q9IMmQXVK4o4UNTTArAxdSQU2UhTeMQ
Requested by: Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Jun 2023 02:13:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD13
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEBF6JASGDKbm_w7tAKJPUhk&google_cver=1&google_push=ATf1kGO8hhh6pIfGcdGnWYLUuWXr_OcvW0mEmQ1Hp_YGsLUJfrPaP0kCf5ffuBg1VeU6jaLI5NDduZSv9TW...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGO8hhh6pIfGcdGnWYLUuWXr_OcvW0mEmQ1Hp_YGsLUJfrPaP0kCf5ffuBg1VeU6jaLI5NDduZSv9TWh8vXbXaDYC6HKpEZZ

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGO8hhh6pIfGcdGnWYLUuWXr_OcvW0mEmQ1Hp_YGsLUJfrPaP0kCf5ffuBg1VeU6jaLI5NDduZSv9TWh8vXbXaDYC6HKpEZZ

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGO8hhh6pIfGcdGnWYLUuWXr_OcvW0mEmQ1Hp_YGsLUJfrPaP0kCf5ffuBg1VeU6jaLI5NDduZSv9TWh8vXbXaDYC6HKpEZZ
Date: Sat, 17 Jun 2023 02:13:49 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 adx
pr-bh.ybp.yahoo.com/sync/ Frame BD13 0
533 B 111ms
33ms Image
text/plain 2a05:d018:d29:3601:77de:ca3a:987:60cd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMqbwVmEfajtjgfSB6Y8S4w&google_cver=1&google_push=ATf1kGPEtT9jr3C8YeX24OlABSS9oA3e8_s2_P2qeDRe1PN_PIUDhm9T8GPjGldSLUkwRqyzTeg4MStScMbpkzF932ElHf8Bo_QX

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:77de:ca3a:987:60cd Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD13
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF2nn4XfUH6FHNQX-FDxQRk&google_cver=1&google_push=ATf1kGPvGVKenFtAo6d1HfdHnYFJmwyc37ZldoGZU-pOvbfrPzsEZB4-YBASexRjROD1XjIVTKK...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElaRDdIQzMtOC0xNTYw&google_push=ATf1kGPvGVKenFtAo6d1HfdHnYFJmwyc37ZldoGZU-pOvbfrPzsEZB4-YBASexRjROD1XjIVTKKzukc3DXueSJPlDRl4U-2x_jpp

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElaRDdIQzMtOC0xNTYw&google_push=ATf1kGPvGVKenFtAo6d1HfdHnYFJmwyc37ZldoGZU-pOvbfrPzsEZB4-YBASexRjROD1XjIVTKKzukc3DXueSJPlDRl4U-2x_jpp

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElaRDdIQzMtOC0xNTYw&google_push=ATf1kGPvGVKenFtAo6d1HfdHnYFJmwyc37ZldoGZU-pOvbfrPzsEZB4-YBASexRjROD1XjIVTKKzukc3DXueSJPlDRl4U-2x_jpp
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD13
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMw6v6mSb1x7MM3BfnNjCSk&google_cver=1&google_push=ATf1kGPVvtTE5sJkPWhCLCJeZbNJ4rlzRuvBaEoJ84T_txEIhx0LRLxkrj7KbdOBomyTFslx84hiPb8TVU74LZxZ1...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMw6v6mSb1x7MM3BfnNjCSk&google_cver=1&google_push=ATf1kGPVvtTE5sJkPWhCLCJeZbNJ4rlzRuvBaEoJ84T_txEIhx0LRLxkrj7KbdOBomyTFslx84hiPb8TVU74LZxZ1...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPVvtTE5sJkPWhCLCJeZbNJ4rlzRuvBaEoJ84T_txEIhx0LRLxkrj7KbdOBomyTFslx84hiPb8TVU74LZxZ1SKiXtf980Qg&google_hm=G1BlqGZHha3Zf_UESrGNcYGX

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPVvtTE5sJkPWhCLCJeZbNJ4rlzRuvBaEoJ84T_txEIhx0LRLxkrj7KbdOBomyTFslx84hiPb8TVU74LZxZ1SKiXtf980Qg&google_hm=G1BlqGZHha3Zf_UESrGNcYGX

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Jun 2023 02:13:50 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPVvtTE5sJkPWhCLCJeZbNJ4rlzRuvBaEoJ84T_txEIhx0LRLxkrj7KbdOBomyTFslx84hiPb8TVU74LZxZ1SKiXtf980Qg&google_hm=G1BlqGZHha3Zf_UESrGNcYGX
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame BD13 0
75 B 100ms
17ms Image
text/plain 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHckIhOl_nmjR59vsj-6n4U&google_cver=1&google_push=ATf1kGMRPDlJfdo7gW4y1OUhuF7oyfIchzf4045zDgr-bpihyY5AZkYVzyk_cJCgorBo5PlZ-tzkK4IpRuV33ETSmdFS_eNrOFYj
Requested by: Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BD13 0
12 B 16ms
15ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LPGGhlE0jIf6n3ItGU7I2ejXE9HwRscM5VPaS-WGQOwTkRuRjDqg-nR23jDHA0An3A9oNV

Requested by

Host: b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
URL: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/9170381621892120779/css/ Frame 1B16 6 KB
1 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=n2yZ5GpD5Y&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101470fcde40e5ad29c691a0cc4276b7e311972a8e02a684f19db29fd4698645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=n2yZ5GpD5Y&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 10:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 573296
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1483
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jun 2024 10:58:53 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 1B16 118 KB
40 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=n2yZ5GpD5Y&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=n2yZ5GpD5Y&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 07:18:46 GMT

GET
H3 200 overlay.png
s0.2mdn.net/sadbundle/9170381621892120779/img/ Frame 1B16 95 B
122 B 8ms
8ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9170381621892120779/img/overlay.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=n2yZ5GpD5Y&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=n2yZ5GpD5Y&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 08:27:52 GMT
x-content-type-options: nosniff
age: 150357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 14 Jun 2024 08:27:52 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/9170381621892120779/img/ Frame 1B16 6 KB
3 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9170381621892120779/img/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=n2yZ5GpD5Y&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=n2yZ5GpD5Y&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 08:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2563
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 14 Jun 2024 08:27:52 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1B16 60 KB
24 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=n2yZ5GpD5Y&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=n2yZ5GpD5Y&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 02:13:49 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8D8B 22 KB
8 KB 9ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 131224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 13:46:45 GMT
expires: Fri, 14 Jun 2024 13:46:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1676550659977.css
s0.2mdn.net/sadbundle/14392016886954669725/ Frame B613 8 KB
2 KB 11ms
10ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=IoGRvgwMUd&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7ffa6fea5799287955bbccb8247344d1b93a2e2becfc2c7ccd92b44b9279bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=IoGRvgwMUd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 15:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556249
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2295
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 15:58:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jun 2024 15:43:00 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame B613 118 KB
40 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=IoGRvgwMUd&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=IoGRvgwMUd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 07:18:46 GMT

GET
H3 200 1676550659977.js Show response
s0.2mdn.net/sadbundle/14392016886954669725/ Frame B613 20 KB
5 KB 13ms
11ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=IoGRvgwMUd&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=IoGRvgwMUd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 17:30:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549770
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5491
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 15:58:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jun 2024 17:30:59 GMT

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame B483 37 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:21:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 12:21:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
46ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306130101&jk=3491996457415813&bg=!j4yljNjNAAaGYqkwpmI7ADkAdvg8WiRjrIa1wvWsj21nCcoFwdJz7I097mD8oJ77YOsiyCBLw4Hycg4x0l4CQntVHf2Diwc7dX4CAAAAfVIAAAADaAEHmQLm8pvvfC4Emi5vtIUCCr5wiOkUKNScjM5X_8CiDisQkokE0xWcBVsloSOXJdcVhfVlV1UYHvawV6KrhXfG20_D7AkKD7nGoVaG958nMCBRuSXVzqoAfEkwC1w4bJZIIVW6idIp1yCPSngVLvTh6QHr_3w1GYwGCS3y_nDagwmXxxKTTpG5TeMTQcWrGKPoR7yIAmdvQrFDkhqZsPMbm493qxxqfJoBJT3DFdi3vmwx-9tyufipMQTs-Qlk2UADaBAeJLziX-m6QpWSi8ar0Jr1jKgXcNSDNoAg5dbfHATdcqswIZHRVmD0HcQGDJSyjr_bCPMmAWSJTbHFKFTmi6R92VSW2yyckiyyWos1ptbNsHRNwOQq7yzRaNduGe5g8DdExSomWekNyXPc0rrvuqnmgtFHtRWavzYrxEtsrnHrhSgRm2sUidIaPQzzN0qQeejV4gpO5Z3Jk2m-Wo1UZ-6cl4YTo1tfycjWSZNTQ7gNx-GHeXVv6laG3rqWgPjWfRZ-VA56mWkteTw-LbtcSmF98hUOkhRd_NKEb_15Lxi_TiAEa6nfGBVzAJiyU9ltDKYB7ROTuvAXozh21pA_aJ0lzC3flNqmPi-iFxNFLQ_6nkkhx2lcYvJZ2cKuTv9Mnzhw3l_H_0dAmpNqOUu64Ecn4je_z7vdM_Y16HsQPPeSFHPNkTZF5AKV8PYb9ggS88Gg3tBNl9VwADaqOdqHqZYmFlGwAkIBFJyH854gyVT2M5-mSSNWL5_c1edZBNrApXRGwkL2BbzOkAQN68rptfTz7yG9TdUvg0ByZEgKAl0Z2hGwiYkyyOx6r1BbBPnWXnuf0P4RjAmt_5hAz0cNdJcuuqC8a-taxsImVFKoOGhY_n4vsYjZGuwcUrOSiYKmg1jIpsG-P6ueJKn7oDI6z_RI6xqa94QoAOHFIGGdAFcmt2OHnNy0xfMqNiFWwiskrucyYYNv3F7XTgOZEmKvGTC62u7cxktIrg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D8B 37 KB
14 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:21:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 12:21:41 GMT

GET
H3 200 FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/9170381621892120779/fonts/ Frame 1B16 13 KB
13 KB 8ms
7ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9170381621892120779/fonts/FordAntennaCondMedium.subline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 20:23:09 GMT
x-content-type-options: nosniff
age: 280241
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13336
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Jun 2024 20:23:09 GMT

GET
H3 200 FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/9170381621892120779/fonts/ Frame 1B16 12 KB
12 KB 10ms
8ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9170381621892120779/fonts/FordAntennaBlack.headline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 10:58:49 GMT
x-content-type-options: nosniff
age: 573301
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11876
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jun 2024 10:58:49 GMT

GET
H3 200 FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/9170381621892120779/fonts/ Frame 1B16 14 KB
14 KB 9ms
7ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9170381621892120779/fonts/FordAntennaRegular.legal.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 08:27:52 GMT
x-content-type-options: nosniff
age: 150358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14468
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 14 Jun 2024 08:27:52 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/14392016886954669725/ Frame B613 3 KB
1 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14392016886954669725/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 546927
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1365
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 15:58:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jun 2024 18:18:23 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4BC7 0
0 46ms
46ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsttbtD-ZfzhKXMUtHO7gdRTDrDXIU-aNLenzuPDpjVfrWq8lkMbng4RtVVDILHcOYo8kPQfbm6X-tcii5hCBoBFwB4IgVD4rvi5m0W8befTWTzPuLOKqSobMUgKx-5LzhIiL2NDVq-PYiETzu3y_43-Lj4bxnuJJ72IeWqtTtZzXA7KPiKhCHrvDrWRALWB8-mvZxJXpm5R1ZD77Ibildw5DmhuBd-b8SPh2EMusTRl6FmTVpOHBOd2oPqrVfPJwFvjdNxmGeJo62OIjt3Sfd4sQZYpfpA871BImdSBfH4RZ6Hcaisj6dgE_EpCehsw8WL64PFNMqdA9t0uvSyESOADxD3P6kEY7qUHdi_9GOI_yEvMTTkYjf0wJd20k2fQsyFiz_ea9oNQbZv0RbYH04Rw1TGkcqh-xATfzY4lgDv7TS_aG5pXLehpxxQz4_CXsOAp9W-5QvSp99rnfDip16LFNB9kWbKfXqp3SzAWNyNfxQy7kxAnWSkGFymyfPpXGBVY0w_Epd5hdqEKXydxI6wIO1mdRTkfcOilh2MvDlFis0ug7rCs2uwdG9r-bYxL3luwA-YMNO9MLYFBFMHxEgyhm9aO7gwlThkt0WdpspEcliAIab_ZaScDFJi9G_WMjducCQQW0hgkAvLm0nYKxTX5pzcEt7LDXLNu3H8coPI3CK8xY-LAMVWMvzGfJzw8DLiCDD7aLz2Lz50pe5nhWZVmwFyarZK2BaxrLWjNOGvx4f7enGWGVK-YeT_szEGRkifttduTbGM7EQ46PSUQNH6W3-_vMT3XnfyvyMHlHrrU1-tIwT7TrVeDneyHjI3LMCUDsoJ_O6pplVCyo-x4suLOXcq2CwEdtUDgsl7f7sv7Fd-H02o_ANR43cEv7UcVU3kvKuWMNpxLO53FhIIUEbVFnX2ckJNNxf9WcQvQnXuJhs0pinG5vVGdJWNlBgkl5QThnbiLORWZ2v9YMsUZX3EwrKDT5-xhqkeZeqBvTsZ-ai6m9mBwDAAXkN2nlxfoo7xiHYf7CNwy7K7TtuJdnMZw73RSfUmI6QI36wpmbWXBOsJ_RV5MF55Q6Uszr9LqkBVMU38DcwsecWEPfroX2OoSJ9S9plRXz9joTcZwdt_aDWqV8w3JfX__6zGEYCdobJ-GQVWivApG_K81mstCkQ5cT6NeTrcb7C8zhtMRmmqzFMNTbGWT1iiz2roToAPFHZtLMvcxrOC3YH1CNTUb17IfFCIubzv5MasuUDKarpDhMmoPHsGpSmyXwD-x1RuL44N-2K6HqbG4auQs6Xxua2ciWawMAtrChHYYb4CrQP5dMw1oKqwRDpA9eLJXnpd9YNf6XsxFnoY_UJOr2_45zjh7MUvlrknQQkbwfJ9O5vD5lGhY&sai=AMfl-YRwfRidydWB8S7U_k_DlTgcDpmzxomatOPD6y21pr_UcLDN2sBII2a7CfawubWclOiVrthXyRCax0Swcl_z5OujZ6rm8ZxMzgZZHzN4K_fSbzcsq9iJzN99VSZHxp1aa6rDmZVm0PlXvo3YNpagKK--AvZ8S-sMQ2M8H3w_myHVrZu3lBxcLyKeJdL7kAX8453INeOxI5Uu0sc_ydeSHbz1rHz10SUnyYqfydrAWjilToDv0di68CIVVM0RGT9qAzyS6Oy_jlpBuGCq5MQ8pPYVBsvBukH_&sig=Cg0ArKJSzJeomWxx441hEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=334&vt=11&dtpt=182&dett=3&cstd=143&cisv=r20230614.32104&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Jun 2023 02:13:50 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1B16 7 KB
6 KB 21ms
20ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67a33c8331491ba9e3caa541a498b9cdfa15cbda6b1180b1bab65f46b81db06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5762
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0AE1 0
0 45ms
45ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4nzps8zerV6S62nQ5iheFZNgma9ZURkFpqz9lwvmIvMXy9bmwnnhZmNvACfGqBM6_jFe26cFhbf_pgdeCb2I94ZoisyMGXSKhypSPZ2-wF8zzC9Ssx9QPO28Cg1u25IStCMl34-YRzFdsrm58tkENHmjPPZsDKIdpnDrrOrUCUF6qPA84KYQlj_0qVBnojQWFSMR5V4Baq5f1QDrKtda9aP9tQqXJF0ee5X9Tk5LS_O4GEwcpg4kqQU6gzLPsyKJuxAYJI2pJFNt2u573ONgaovVf9Swa3edmC63kw5E08Em_hVx90vUReZWhWEKUmCE7ge3iNx4bg2qEngFARgckfepS4NcQnKd7lm12Y5aviF61o7KYzGWxZVUb9uroI0aErX-wm65eSgj6hSWv8Awx4JpK-Qsg4RdIQoAulQ0JKymbg2xGxzQK4IPj4PNzvLPigz_bl9lIK1EV86WAhGdIf215O81Udbh9oHuVQNCUSFKFsnVM6r3SMDN8o57mDN7O1t5JV0IyPDoNOQf5PQCVQRdJdxAf5deXCDC5qcyMZjrNZ2aQpIgOsa1NLlvgWnVuipa541YDR9s5WBy7oeIWoFWdl7PIVTwI7c67xdHUYzWZf7hGpNdF35NfPElYSa7lHY-0C6i2POGyFxNEopHjMDX9OS9rpcwujXuNT9TSmcB22Dpuy2dHpXOy27FT4-SRjop5dWwxKwHFhvpHkylAr7YSehDeLCMFgI3DyUGkNukWQyxHr2-0jUsVaTSihj1uqs7pRgcwz3FQBurFnZJnnDEjG3y7R3pVr9M4AjacWzpaLe3m9lFNpTPAqHZ7NJ1vuEsb4-140niWyx9UcO15btTCPaps50PCNoLtUDdxOghkqM8fJKfGd7KChl_TJ7wzzcH_HvzeM7_9M31hJhOiRaZ5f-KEw4LXC9DXiuGfZp68fDEVXKIiAPAKgNYflmBpIncASMS4Z7XehKskIfVD2y4RL29tKA0k9BdFb-9oy6hH_hUwiq-bwusUZvZhVcEVzA_oVF1OO1IiMTw5DA4voIvw64ghwGeBokUpqU1jao84DUgSMsuPrFKr1BEalPWp7bxQm3CIB-4c7yTsjXqRaqVM3HhTrQAn6vdZjIIkfpuimz18EeYEDjxv4XlfNdVb55zHoeWRVAfmdh4dun5_ow1Z_ztqhhBuE9nAq6r04uE7VhhbEVXsCGlKU04W6W2AB1R29KPmmq8iB8ImgLwvxOj6ElJz-QdrDaJu337cYDMYue-BXfKaP91WSuIv7tQG07tBD_is532JW0D-KVFqJ6IV6yJ9t87ooAArKJBgrxtUEgQvOF5OQyjhND1YJtB2_S56UgaEhPhb6Ran47mQsTpurqd6lxvmGu9KzkU&sai=AMfl-YTVVOFDdTJNGerknJKgzi0Hx84R0A4TwPqRX_5y2swgwkvpvlT-fO3H4YATV7JdFA2Ou33ttzct0ptTRgtv8ybdhsdFFgfs4ieJ37Tt6Z98AqUcIw50a8lm1YWfwnpyahJPNjV64zVZ4b4KB6I8zC0Q9d6j3c616LphLWLbkvzrODT-Rcqf9qa3hkwPmIBHKbfcPy4r1Z0_TZlGo79R8kHnI4llOPOv3enTTLMrnR10QWa9CodeYl9xuFUKHx_nUoXe8Us&sig=Cg0ArKJSzA8Q2GQcCkwWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=278&vt=11&dtpt=175&dett=3&cstd=94&cisv=r20230614.79608&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Jun 2023 02:13:50 GMT

GET
H3 200 visual.jpg
s0.2mdn.net/sadbundle/9170381621892120779/img/ Frame 1B16 92 KB
92 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9170381621892120779/img/visual.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb578159169bb38173ca68b7f9ce061b18af4e4e6724bf3c9c3e745cc954f177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=n2yZ5GpD5Y&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 19:30:55 GMT
x-content-type-options: nosniff
age: 369775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94238
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Jun 2024 19:30:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3491996457415813&vrg=202306130101&nw_id=75894840%5C%2C1315984%2C21715141650%5C%2C1315984&nslots=6&eid=676982961&pub_url=https%3A%2F%2Fwww.bandab.com.br%2F&qid=CJCWh9Gdyf8CFQIL4AodY8kNAQ&iu=%2F21715141650%2C1315984%2Fbandab.com.br%2Fdesktop_under&e=0&ret=728x90&req=970x90%7C728x90&bm=0&efh=1&stk=1&ifi=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1B16 17 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 02:13:50 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame B613 13 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 09:51:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B613 7 KB
6 KB 20ms
20ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b1f1a71ceb2dc84c6f67e4d3bdb872d9b52cbcded2214cbe32caf6bda7ab09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5750
x-xss-protection: 0

GET
H3 200 WhatsApp-Image-2023-06-16-at-20.02.19-150x150.jpeg.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 4 KB
4 KB 17ms
16ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/WhatsApp-Image-2023-06-16-at-20.02.19-150x150.jpeg.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=702
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abb5261378b3567735da40fb33fe3d3fb60dac9567b711d2fb577e1d058484f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:50 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 00:31:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: "648cfece-f12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCc6UaDSVoQvPk12Eh9BLnmDF2r0AMMwsik%2BTW7h4uKrvW9r9Tu5him1bRDGid64Vvw1hP%2FiQwwgtSM2awBdwoy50qR%2Bq2lu0dirdzLoctljgy5PgCUAF30xdqok44gSAxsPUKSB0zdQqi0BXiEx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c68d0d372bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3858

GET
H3 200 WhatsApp-Image-2023-06-16-at-18.02.33-150x150.jpeg.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 4 KB
5 KB 16ms
15ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/WhatsApp-Image-2023-06-16-at-18.02.33-150x150.jpeg.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=702
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4ed9dc2505b80972d82f42f66df2290507797527e5b0559cf487efa607c7ba0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:50 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 22:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: "648ce7d1-111c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBj47w3GykT3qu5PpAt2khUXstiiKJ0Q40ZpHDI4mj9wYzfN7%2Fu1L5hWteF9JF%2FF4wsAGJM9trsQr6%2BoC69JQ1DhGTQ04%2B30srWhv3aqvy9MTgj3RBlVl4JJMvAy5bx2zSK2z9plOW6OOWwa1l28"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c68d1d3f2bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4380

GET
H3 200 trote-violento-na-ufpr-capa-150x150.jpg.webp
www.bandab.com.br/wp-content/uploads/2023/05/ 6 KB
6 KB 107ms
106ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/05/trote-violento-na-ufpr-capa-150x150.jpg.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b1cbcb0e904d7a85d36f8dac2b2e47f2ceadbb25d1803ade41f093f18693a81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:50 GMT
cf-cache-status: HIT
last-modified: Fri, 26 May 2023 21:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "647127e3-1694"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b316ByE6Ne8xVDRU2yOYBhWGFO%2FL%2FN9QBR58AQzycUS4eBGGJKDLbabnUdAwCrDYy7VH2Ln9TT2QIYCnpiGdOTHuV5gtsC6pykUY0nkabR%2FSsBXOXKKqDE6s%2BK8hkBz%2Fl%2BbymFSqIh7VsbR8GzYA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c68d1d402bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5780

GET
H3 200 honda-city-150x150.jpg.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 4 KB
4 KB 110ms
109ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/honda-city-150x150.jpg.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6ee095ebc6fd605f0b452416daba5acaa49a16f8a64c4944b91a2e291a81261

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:50 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 22:48:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648ce6a5-eb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gs9DIU6rtIdqs54XqHxAqQG7QJJl%2BU6QwXw8pXJf0suWJLrAe8cuM85c9GruKUmc%2B0oQPujAI1ws%2FKktvMCdzS0q%2FE%2FZNYpf3Sqm64cP2X4iiMq0V%2FlndJJ74NhWxWe6QtlV%2BROsq43L6werDwyX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c68d1d412bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3760

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B613 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 02:13:50 GMT

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame A9F8 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:21:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 12:21:41 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame B613 98 KB
98 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:04:20 GMT
x-content-type-options: nosniff
age: 570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 02:19:20 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame B613 57 KB
57 KB 9ms
8ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14392016886954669725/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:04:28 GMT
x-content-type-options: nosniff
age: 562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 02:19:28 GMT

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame F540 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:21:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 12:21:41 GMT

GET
H3 200 03032023-031526342-240_1200_sky_intro_animation_einzelbilder-reduziertafe19f74-c87a-4a39-beb5-f722d1b138f6.gif
s0.2mdn.net/4528404/ Frame B613 41 KB
41 KB 7ms
7ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031526342-240_1200_sky_intro_animation_einzelbilder-reduziertafe19f74-c87a-4a39-beb5-f722d1b138f6.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4086e30fd390649ac0486dd6837e03645eda9da417e66540d9d644c4c86e338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=IoGRvgwMUd&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:58:00 GMT
x-content-type-options: nosniff
age: 51350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41553
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 11:58:00 GMT

GET
H3 200 03032023-031531082-240_1200_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png
s0.2mdn.net/4528404/ Frame B613 27 KB
27 KB 8ms
8ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031531082-240_1200_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a60492426069b0486ebe301ffc95232d87ec990c9fbffc04622d28faeb1288eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=IoGRvgwMUd&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 07:38:52 GMT
x-content-type-options: nosniff
age: 66898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27678
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 07:38:52 GMT

GET
H3 200 WhatsApp-Image-2023-06-16-at-19.18.08-1-150x150.jpeg.webp
www.bandab.com.br/wp-content/uploads/2023/06/ 4 KB
4 KB 17ms
17ms Image
image/webp 2606:4700:20::681a:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandab.com.br/wp-content/uploads/2023/06/WhatsApp-Image-2023-06-16-at-19.18.08-1-150x150.jpeg.webp
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=702
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a0236f462882b4b241f13bba8b52ee72e92070ef28fdd0e9230fe09f03ea5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:50 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 00:59:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: "648d0578-f28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vt9I57qkUSDM%2BPXCcT%2FVwIRFee2EhY9jXB3Z%2FvpQGb17TIOhziWRo6ybOkcmmKAsvd38USXyPXjWfWtmnIhGQSvSo9PQs3y4G%2FWAD4V87ohtmg6p3ZqHKdLk%2Fu81x6AoLBcOrOWZuKdG34Id65ZD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 7d87c68e4e342bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3880

GET
H3 200 03032023-031526342-240_1200_sky_intro_animation_einzelbilder-reduziertafe19f74-c87a-4a39-beb5-f722d1b138f6.gif
s0.2mdn.net/4528404/ Frame B613 41 KB
41 KB 8ms
7ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031526342-240_1200_sky_intro_animation_einzelbilder-reduziertafe19f74-c87a-4a39-beb5-f722d1b138f6.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4086e30fd390649ac0486dd6837e03645eda9da417e66540d9d644c4c86e338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=IoGRvgwMUd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:58:00 GMT
x-content-type-options: nosniff
age: 51350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41553
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 11:58:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B483 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkFv83RaNZLiKKvGl9u8P3pyzwAcAAAAAOAHgBAI&bg=!8_Cl8KTNAAaGYqkwpmI7ADkAdvg8WriFh5pzrICPs0XVW9221THzPr4gu63a7QlP9kRFErGrM3SF_fT6HDxIZf3CVAcjswyDr1oCAAABc1IAAAADaAEHmQMzNQolGHDTIuQHdox7kASOF36fQeyhOjlS43wd24tdZf8iz04XDdXLoIVDt1Vv8VTbj3DnI7hqi4xGWerfbb8tj6bm4StS-T2Pq7-ENzPJN286jRHc2jC2VU397yhFoe37h5BQXk2h89zWFNczDWdrBjLHJjThITOyN42b_ne5RZ01cWu8ehU48vVf285d-5xf2Azp9_1DPiu085ENDLmGuJoTVAjx6CxPNO3VFWmTSiYN6DklNAmOKGPDGbndkunEdFkZE5CbM4z_U35XWJxTluFDdDmVp7S0gHVJcFniUBuTOLTOD0UT0kEqJIayEUXWQaYTq9JlZDdd8tWRdHpc7twzj4fgKlnZ4FaI9GM0rZSUGYV8OLFUPZCtRUj0hj0VFZJNv3dYJgjk8Qja7jKzHrddGKVaDf22bf9KyzHvc1cdjX1wQ2Gk5rhL8P6x2WH6PBAkbExqvEDeHJppOPnZIboQlu3bq6BJqKHmhg7EeN3cQWIXlupRnqzPSskmgg0qMs9o86b_pRUSgQg0cZ_RD1NWCGkPmTONogoQgMPVqIgJ07-K-hWK4bfPLZlq85s4ych2vlVmml8tIkHGK8k0DQXp-HLmAbzt_5bugwP3MqPjdTSKs74Hsi2aBGXnGYn7Edi_UhEy17Kvx-EzeFns_pIz1ZnH9D6pznK0FAnis-yVltW9JfCi8jgy02ich10QJeSo5o_z6-hs0SB2jW22_nsgUEL1DplDVNHGH_jXPm5Jggvc1FsmnAsiaLWbhIqkZTB-pBzkKUEV9H4WQrz0kbofeodPpHb8zlJyTT2EiHqYLyPByHkJ_xzkf01hCMoO9_u60vTjOaMjZDTWgA29sCTlW8OgzM0pustOD0qHVn1LVj2I00raWFaqYuiHEF0Q9mPlf_dP0amsz_GYREZZPfVwFxCZosvaLEX2ks38S9E73vBAgIwFQnSdwTXASsFCS58bUgjFJpKeTDt0CTzgFyptpKGssQtzGAcLrqflCWFrgfwk2fVgcQbjELYtObPXp-az334u9QEh7Ev5hiRHEw-UBL-KErEnBSud7-szJHYXHImaCS_f3E3JNN5_Au0tOEfY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D8B 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKbXw3RaNZNqKK_yxx_APpMOgoA0AAAAAOAHgBAI&bg=!vL-lv-vNAAaGYqkwpmI7ADkAdvg8WjnWj5Dq5061WJYad4sXBrIolU96c9N5rloWynuy3oKeGKOmGMctaTHNEQBMsGHRAf4GQrsCAAABUlIAAAADaAEHmQMwuooTUtLNKXii_FjY2hukcR3fAs78micg3exTZfWq48sfgMIh7Vvv4KS4lbo6d91NObsMWaoqF5_zpQDVVin6YW8pmEjadixy-pcPX3yW2q0Or5egtr5FXADKxYVQiHMvs5xcHNWJNo749GvdAuwf9IFiyepu4sUCJdQ7cvlOWoFtVurMC66w4TGk7jAjxq-V1V9D1aCyXAldnTO3g-3d199e24y7-3wkIQyqUJP4JK9nt9gJPtyKt5R7yrzgZHHTzW53Nr6rplYNCp_D_95eUIsGDkK4j4Z3Y2_FjlfdD-Q5RQNA4QRn4FzQDq0pSPSSZ-XlaagopJTvKcMHdPbLn1uD2RDFGncMsHeRcZQvpzrEhrCrQIPFkthyuiY-LfLISdJb6eM_HI9420czqxWs7j5L9qV9sU5GTtN41-ZoxKlYjWFqTv74TJIRO2wNimyLpf6WBervSY1wp7Z613XJzc_e6fXZjty6EtoKZssDjvUAQTbIgK9faI85j27gYRcTyHIrOzBFmXIakQ6e1Xnjj3JvqNE-ckSrXaUvhWjwe1zQ9PkyX8eTltELqlYWyVgVm2Tvrh9yFPLFzzAAISe22swoDjtKf0g4aGIfFuLfzcZ6T_hiXqQU-GRU52DS1JpXOiu_G7m8DJcqtSneIPhOstlSIbF2BptBblRVPhq6JBJZX9s1POHpCyx0zIzbS8vogYkL2dh73IFAItXKCkaziHDCtiBPg12tnBR1Q-0upCVmvLPHzAciN4I0XW7Pdq_m6Pxa3EJiEFSqp6pH84zYbwoXjG884yjqDGejUM7eL7sy2n_xF3Wi8WLcP-PNB8GR8JnJB4rgrixkEPV8v5w5q-LpAz1DcS4etrPi3RY5pzqma7AKjsL2GIJMZ7hCThB3TOeg1o3pXegCjBdVrDQs7deSjGyL75hTLGiwadTlzfwFFurruw-I82aDJonO3woUEtgXDmJTzE8ku6vWOWiYg18kF-ebPe9Pl5akjU7ETaBj2ct97u2940yAGj82zQfyXuMTaNp0hJnjjHLfddOkHZNANQvp3S74em_e2xa-3uJVAnkIsNdnevXCFD_S-GIQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 51ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Jun 2023 02:13:50 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B30C 15 KB
6 KB 51ms
17ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bandab.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 02:13:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 229279
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 49ms
24ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-176eb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Jun 2023 02:13:50 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4BC7 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1XLDysvtW3qtyWIwpREbk1DobabRAZTvy-PPskcLBMnwTKle7SUbr2i32kM0YV1B1fdeW64rZtlLR7dqsU-ZPWeie6er893cjyjbc3QbQnS0HZqH8xnbAKT5HdTWBy_O1gWhytWvhSeBB&sai=AMfl-YTa8yFO9KZv8pZaOi-01pJxQwoFIqXIXJuLohlYLuh9OgUHVZWeLx7ogaCDDWThBXlHFbng0tN-0q2hCtVkibLO8rHTGfH8bIUGV4SD51kStLxs_ZFe3iO6EK1b&sig=Cg0ArKJSzJy_jhSWa8KBEAE&cid=CAQSPABygQiDj6e6bPmid7Nhf581rRFnM07BigwR5KZx3ov6VFmTFTbprLsHCkD8TX99aHsIX9SrNOQwET2XwRgB&id=lidar2&mcvt=1003&p=1110,436,1200,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2420775113&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686968029572&rpt=229&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame B30C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=bandab.com.br&sn=ChromeSyncframe&so=0&topUrl=www.bandab.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=jH71c3xFeWJwY3BkaGthdzdOYW80YWZ4aTZjNGFRcU5od2VRS1ZLYU5udTI2ZmVxZDhtbjhHVHI2RnBaSmVrWi9uQStQZUhqeWNLYlVZUHVIVnFqOXdzRlRPc1NtczBuSTFacVA5ZmRrRlE4dEJRWXFDZWY0Sk1MT21RdS...

422 B
665 B

64ms
13ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=jH71c3xFeWJwY3BkaGthdzdOYW80YWZ4aTZjNGFRcU5od2VRS1ZLYU5udTI2ZmVxZDhtbjhHVHI2RnBaSmVrWi9uQStQZUhqeWNLYlVZUHVIVnFqOXdzRlRPc1NtczBuSTFacVA5ZmRrRlE4dEJRWXFDZWY0Sk1MT21RdS9NVktBSE93M0Nqb0s1MDNEZXdrVURmWUtZZTVSVHJQUTE4dm5DVEJiaFlKNnV6ODRmOW5wb1pET2NTY2ppajgvY2lHRHBTRUkrcFJBcjF6RXZqbmd0N29ZMWlNWGZQU1dEM2d4aFNHL1dOY2k3QXJ6WFg0bS92UEM2TkVFY05ySlJsL3gvelI0aEU5YUJqcVNVZUtzSDNVUi9kMDBuWG1EeFVwUytrc0J1alBObnAwSGRnWT18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

de0174a6009f5ecb7ffb26755b404997fa32596d36410c58e3c044333e124741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1103426
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=jH71c3xFeWJwY3BkaGthdzdOYW80YWZ4aTZjNGFRcU5od2VRS1ZLYU5udTI2ZmVxZDhtbjhHVHI2RnBaSmVrWi9uQStQZUhqeWNLYlVZUHVIVnFqOXdzRlRPc1NtczBuSTFacVA5ZmRrRlE4dEJRWXFDZWY0Sk1MT21RdS9NVktBSE93M0Nqb0s1MDNEZXdrVURmWUtZZTVSVHJQUTE4dm5DVEJiaFlKNnV6ODRmOW5wb1pET2NTY2ppajgvY2lHRHBTRUkrcFJBcjF6RXZqbmd0N29ZMWlNWGZQU1dEM2d4aFNHL1dOY2k3QXJ6WFg0bS92UEM2TkVFY05ySlJsL3gvelI0aEU5YUJqcVNVZUtzSDNVUi9kMDBuWG1EeFVwUytrc0J1alBObnAwSGRnWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 219342
content-length: 0
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0AE1 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrKLu8dWKKvitNZ1YMsa9pqe6pS6W7JbMcINEJQ6qLaHPz6eIosbKCN9uUWAZ5zbzPDa6S-NKWQxUml2ZRiOtPh0UdgTLeFnpDYWECrVDz-RJtRCvrnntF7i4mhtZ4-72g82pP6s_EQu88&sai=AMfl-YTzfoSP-cBobJQf_zzCq6uoD_6sxRRihxzTgnsWuLwcCSZaPM94jyIMH6wvPQbZs-LjfJQQYqWaMr0Xba9iKTZL5Ybzy5R2y1OUqmI8KiKf-UQ7i3RcmrwkTxOG&sig=Cg0ArKJSzMmCSuxMBm9hEAE&cid=CAQSPABygQiDj6e6bPmid7Nhf581rRFnM07BigwR5KZx3ov6VFmTFTbprLsHCkD8TX99aHsIX9SrNOQwET2XwRgB&id=lidar2&mcvt=1001&p=300,1559,340,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1372184637&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686968029582&rpt=278&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame FD7E 28 B
54 B 23ms
22ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
X-Goog-Request-Time: 1686968031016
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/TI_hmHbg22M?feature=oembed
X-YouTube-Client-Version: 1.20230613.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtrMWtHSnlVYTdVZyjcrbSkBg%3D%3D
X-YouTube-Ad-Signals: dt=1686968028581&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C334%2C188&vis=1&wgl=true&ca_type=image&bid=ANyPxKrY_lUq0qr-g83w8c1FaAiHR31jffBkBxyRAVq4iLYK0A7CF2cS9KkmZG7LXGrrrLtTXUI9HMKWVwd_7j9HUhdcRFoxKQ

Response headers

date: Sat, 17 Jun 2023 02:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 17 Jun 2023 02:13:51 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BC7 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7275394209883&version=m202301230201&ct=76&x=1&cor=14330677535198427000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AE1 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4041077648873&version=m202301230201&ct=76&x=1&cor=3927804527099379700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
208 B 389ms
389ms Image
image/gif 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10617&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fwww.bandab.com.br%2F&t=1686968031601&cb=0.5315236961547414&aa=under

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:51 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7d87c6958ef96909-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
208 B 154ms
154ms Image
image/gif 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10617&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fwww.bandab.com.br%2F&t=1686968031617&cb=0.9452401602137213&aa=side

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:51 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7d87c695af106909-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 48ms
16ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bandab.com.br%2F&domain=www.bandab.com.br&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bandab.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.bandab.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 17 Jun 2023 02:13:51 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 185198
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
375 B 18ms
16ms XHR
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bandab.com.br%2F&domain=www.bandab.com.br&cw=1&pbt=1&lsw=1

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bandab.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 188072
expires: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2586 52 KB
17 KB 43ms
6ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 70349
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 17 Jun 2023 02:13:52 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 09 Jun 2023 06:41:08 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 673, 322706
X-Served-By: cache-lga13626-LGA, cache-fra-etou8220091-FRA
X-Timer: S1686968032.246800,VS0,VE0

GET
H2 204 /
onetag-sys.com/usync/ Frame 3F68 0
0 7ms
7ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1686968029004

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4321 52 KB
17 KB 42ms
7ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 70349
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 17 Jun 2023 02:13:52 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 09 Jun 2023 06:41:08 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 673, 325457
X-Served-By: cache-lga13626-LGA, cache-fra-etou8220075-FRA
X-Timer: S1686968032.246969,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D4A5 281 B
554 B 35ms
6ms Document
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 17 Jun 2023 02:13:52 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 0AEE 6 KB
2 KB 29ms
21ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e42869601ae87a83476b74dbfb615c3acde329931afc04beea4bd387f3703c7e

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7d87c69969253647-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 02:13:52 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D4A5 34 KB
10 KB 9ms
7ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 85455589d83ef903390ecc53f608df3422766cf23f23bfdede152946ccd748ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 02:13:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jun 2023 07:39:22 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=19466
Connection: keep-alive
Content-Length: 10112
Expires: Sat, 17 Jun 2023 07:38:18 GMT

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 0AEE 48 KB
12 KB 34ms
20ms Script
application/javascript 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 829998
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7d87c699a9633647-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2586 0
861 B 14ms
13ms Script
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:52 GMT
AN-X-Request-Uuid: c23fa48c-03ce-4af0-9e28-246053e01974
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4321 0
861 B 15ms
14ms Script
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:52 GMT
AN-X-Request-Uuid: 76fe8eac-6493-40df-983d-ddb8a808753e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 5A08 0
319 B 27ms
26ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7d87c699f9983647-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 02:13:52 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 06C0 0
0 25ms
25ms Document
text/plain 216.52.2.6
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Sat, 17 Jun 2023 02:13:52 GMT
X-Sovrn-Pod: ad_ap2ams1

GET
H2

200

/ Show response
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 5C10
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F

95 B
236 B

13ms
13ms

Document
image/png

168.119.72.236
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.236.72.119.168.clients.your-server.de
Software: nginx / PHP/8.2.5
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/png
date: Sat, 17 Jun 2023 02:13:32 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
x-powered-by: PHP/8.2.5

Redirect headers

content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 02:13:32 GMT
location: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server: nginx
x-powered-by: PHP/8.2.5

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame D4A5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI7O7bX9E1dSB951mzeNoD4&google_cver=1

0
239 B

7ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI7O7bX9E1dSB951mzeNoD4&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI7O7bX9E1dSB951mzeNoD4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4A5
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGRiM2UyYTc2ODBiZTU1Y2Q5NGZlOGJmNjc5ZDA0OWM4OWNiNWU3Ng

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGRiM2UyYTc2ODBiZTU1Y2Q5NGZlOGJmNjc5ZDA0OWM4OWNiNWU3Ng

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGRiM2UyYTc2ODBiZTU1Y2Q5NGZlOGJmNjc5ZDA0OWM4OWNiNWU3Ng
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4A5
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElaRDdIQzMtOC0xNTYw
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF2nn4XfUH6FHNQX-FDxQRk&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElaRDdIQzMtOC0xNTYw&google_push=

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElaRDdIQzMtOC0xNTYw&google_push=

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElaRDdIQzMtOC0xNTYw&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame D4A5 70 B
264 B 41ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Jun 2023 02:13:52 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame D4A5
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Unob08zVQ-eQ-bS1nnqRLw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Unob08zVQ-eQ-bS1nnqRLw

43 B
479 B

107ms
106ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Unob08zVQ-eQ-bS1nnqRLw

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:53 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FVN3G8X0KQ2M14PNTQYA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Unob08zVQ-eQ-bS1nnqRLw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

rsGQcKNetCg1nPczmb026Q
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame D4A5
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/rsGQcKNetCg1nPczmb026Q?csrc=

0
532 B

33ms
32ms

Image
text/plain

2a05:d018:d29:3601:77de:ca3a:987:60cd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/rubicon/rsGQcKNetCg1nPczmb026Q?csrc=

Protocol

Server

2a05:d018:d29:3601:77de:ca3a:987:60cd Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-length: 0

Redirect headers

Location: https://pr-bh.ybp.yahoo.com/sync/rubicon/rsGQcKNetCg1nPczmb026Q?csrc=
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame D4A5
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XR3E_22mTDGbCIylTs685w&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XR3E_22mTDGbCIylTs685w

43 B
479 B

41ms
40ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XR3E_22mTDGbCIylTs685w

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:52 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S7ZAR4TTV0KWHQ83TD5C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XR3E_22mTDGbCIylTs685w
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame D4A5
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIZD7HC3-8-1560

0
650 B

423ms
375ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIZD7HC3-8-1560
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:52 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CF8661276E474106AA03D1E56FE5F713 Ref B: DUS30EDGE0706 Ref C: 2023-06-17T02:13:52Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX+SdpXoqATdM81hBkaZg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIZD7HC3-8-1560
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

RX-e7f5dde6-8157-41df-a69e-e391d577dd25-003 Show response
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 9900
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1686968032462
https://ad.turn.com/r/cs?pid=45&rndcb=1795323831
https://sync.1rx.io/usersync/turn/7394864875619356405?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-e7f5dde6-8157-41df-a69e-e391d577dd25-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-e7f5dde6-8157-41df-a69e-e39...
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-e7f5dde6-8157-41df-a69e-e391d577dd25-003

0
504 B

20ms
20ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-e7f5dde6-8157-41df-a69e-e391d577dd25-003
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7d87c69dcc2b3647-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 02:13:52 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-type: text/html
date: Sat, 17 Jun 2023 02:13:52 GMT
etag: RXe7f5dde6815741dfa69ee391d577dd25003
location: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-e7f5dde6-8157-41df-a69e-e391d577dd25-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2

200

09388c13-2fba-53a8-bd9a-cbd9d917dd39 Show response
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 10C9
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1
https://csync.smilewanted.com/set_partner_userid_get/betweenx/09388c13-2fba-53a8-bd9a-cbd9d917dd39

0
554 B

20ms
20ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/betweenx/09388c13-2fba-53a8-bd9a-cbd9d917dd39
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7d87c69e2c5f3647-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 02:13:52 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://csync.smilewanted.com/set_partner_userid_get/betweenx/09388c13-2fba-53a8-bd9a-cbd9d917dd39

GET
H/1.1 204
No Content smwt256.gif
us.ck-ie.com/ Frame 0056 0
0 271ms
88ms Document
text/plain 8.2.110.114
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Sat, 17 Jun 2023 02:13:52 GMT
Server: nginx

GET
H2 200 cookie Show response
cm.adform.net/ Frame ABAA 43 B
106 B 84ms
20ms Document
image/gif 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Sat, 17 Jun 2023 02:13:52 GMT
server: nginx

GET
H2

200

f8d7be9efe2bf61d8086a551cbabf30 Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 454E
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/f8d7be9efe2bf61d8086a551cbabf30?gdpr_consent=&gdpr=0

0
380 B

42ms
42ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/f8d7be9efe2bf61d8086a551cbabf30?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7d87c69c9b3b3647-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 02:13:52 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Sat, 17 Jun 2023 02:13:52 GMT
Expires: Sat, 17 Jun 2023 02:13:52 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/f8d7be9efe2bf61d8086a551cbabf30?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1686968032426047-572

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 24C5 0
0 59ms
7ms Document
text/plain 35.156.175.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.175.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-175-114.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Sat, 17 Jun 2023 02:13:52 GMT

GET
H/1.1 204
No Content smw888.gif
us.ck-ie.com/ Frame 4E8D 0
0 165ms
92ms Document
text/plain 8.2.110.114
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Sat, 17 Jun 2023 02:13:52 GMT
Server: nginx

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T0B40GWGJG&gtm=45je36e0&_p=435435006&cid=1421759946.1686968028&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1686968027&sct=1&seg=0&dl=https%3A%2F%2Fwww.bandab.com.br%2F&dt=%C3%9Altimas%20Not%C3%ADcias%20de%20Curitiba%2C%20Brasil%20e%20Mundo%20est%C3%A3o%20aqui%20-%20Portal%20Banda%20B&en=scroll&epn.percent_scrolled=90&_et=23
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T0B40GWGJG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bandab.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

B7k0KbY4tEeL3e0kO7w7 Show response
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame AA6C
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/B7k0KbY4tEeL3e0kO7w7?pi=smilewanted&tc=1

0
434 B

22ms
21ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/B7k0KbY4tEeL3e0kO7w7?pi=smilewanted&tc=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7d87c69d7bf93647-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 02:13:52 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Sat, 17 Jun 2023 02:13:52 GMT Sat, 17 Jun 2023 02:13:52 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/B7k0KbY4tEeL3e0kO7w7?pi=smilewanted&tc=1
pragma: no-cache

GET
H2 200 46575 Show response
tag.navdmp.com/u/ 497 B
438 B 141ms
140ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/46575
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Apr 2023 18:41:30 GMT
server: cloudflare
etag: W/"642f125a-1f1"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7d87c69eaa365b74-FRA
expires: Sat, 17 Jun 2023 03:13:53 GMT

GET
H2 200 0789-2521-01.js Show response
t.seedtag.com/t/ 44 KB
14 KB 60ms
31ms Script
application/javascript 104.18.133.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/t/0789-2521-01.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/f326cb3e-4302-4f7b-ac75-0b31153d0c59
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a6c3a0bd62470187a9833dc3b399e814c4fe995194ddfcd069eb0af54baaaa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"ae6a-AhNxK/oRVJp+U/Gh4iHmt6OzxEU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1200
cf-ray: 7d87c69ecbca1994-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 17 Jun 2023 02:33:53 GMT

GET
H2 200 st_0.js Show response
t.seedtag.com/c/v/1988/loader/ 42 KB
13 KB 15ms
14ms Script
application/javascript 104.18.133.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/v/1988/loader/st_0.js?cachebuster=1686968033125
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/0789-2521-01.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc07a454bb48c7acb7687cf908a0bc2402d441db4b5cb92239ebeead3ec7e3c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 65240
x-guploader-uploadid: ADPycdvuc6uJQdvgzOEoUgoz4-aaSlIsvzQrN8tLzXC3w7g5aBGntwWeDbUOXECJ7oTDhL6MNlg6ypxpadh5mP67cJbtIA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 15 Jun 2023 08:05:59 GMT
server: cloudflare
etag: W/"2fc4053041820ef350798366e6593347"
vary: Accept-Encoding
x-goog-generation: 1686816359394910
content-type: application/javascript
x-goog-hash: crc32c=FS5rHw==, md5=L8QFMEGCDvNQeYNm5lkzRw==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 43289
cf-ray: 7d87c69f0bf31994-FRA
expires: Fri, 18 Aug 2023 02:13:53 GMT

GET
H3 200 st_1.6fb732b8fefa1197f457.js Show response
t.seedtag.com/c/v/1988/loader/ 59 KB
18 KB 15ms
15ms Script
application/javascript 104.18.133.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/v/1988/loader/st_1.6fb732b8fefa1197f457.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/v/1988/loader/st_0.js?cachebuster=1686968033125
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b75ba9fad89a52d8339548e3dae59fae41641cee4f39acc1e0b6bec1969f179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 65240
x-guploader-uploadid: ADPycdtC1YXiJa3iy2wXy1yfksKfNFajE1hxtYUDpkBfiS43L8PQi8BDWtmfBU3DkTVdiHnJY5Ah4vgk6E_ALR6ZhVSkgQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 15 Jun 2023 08:05:59 GMT
server: cloudflare
etag: W/"a420a83803ee999ca25b135f3f7e8819"
vary: Accept-Encoding
x-goog-generation: 1686816359429179
content-type: application/javascript
x-goog-hash: crc32c=uG7lPw==, md5=pCCoOAPumZyiWxNfP36IGQ==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 60593
cf-ray: 7d87c69f2dba194b-FRA
expires: Fri, 18 Aug 2023 02:13:53 GMT

GET
H3 200 st_0.e7ae82d4610543ac2f5a.js Show response
t.seedtag.com/c/v/1988/loader/ 301 KB
83 KB 23ms
23ms Script
application/javascript 104.18.133.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/v/1988/loader/st_0.e7ae82d4610543ac2f5a.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/v/1988/loader/st_0.js?cachebuster=1686968033125
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51275cf199756807ea26797f021c2527c6568ec9ce16359882f5e1f2bb8c2c6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 65239
x-guploader-uploadid: ADPycdtjrkVrRuWQBDc-YOgPRraBZ4K6GgaxILZoQjZVR5lqFzdhAO69QQeKGgQmMuPgdsiyDMh2VZuMIxRzZ5AX1yvmreg-dm6z
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 15 Jun 2023 08:05:59 GMT
server: cloudflare
etag: W/"8eba0b6c71c5a8aff96a9690fead42b9"
vary: Accept-Encoding
x-goog-generation: 1686816359368922
content-type: application/javascript
x-goog-hash: crc32c=3Pbi/Q==, md5=jroLbHHFqK/5apaQ/q1CuQ==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 307726
cf-ray: 7d87c69f2dbb194b-FRA
expires: Fri, 18 Aug 2023 02:13:53 GMT

GET
H3 200 st_2.0ad71e259696311fa7a0.js Show response
t.seedtag.com/c/v/1988/loader/ 5 KB
2 KB 37ms
36ms Script
application/javascript 104.18.133.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/v/1988/loader/st_2.0ad71e259696311fa7a0.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/v/1988/loader/st_0.js?cachebuster=1686968033125
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f872c7fa25b2858681d0885a9cbf59bb573aefd0aa1ae4d9dfdfa48b7ca6b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 65240
x-guploader-uploadid: ADPycdu0JYNVFCSqWnbI-J22r17NpAO7xl6I6mqI_MnVNZj5gM_o9IaYOyulx7sZzQsQdk1s0hejH95yA_AZvFGO33yoxw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 15 Jun 2023 08:05:59 GMT
server: cloudflare
etag: W/"0bade27f99f8fa64ec81d395d2f4cbfb"
vary: Accept-Encoding
x-goog-generation: 1686816359540040
content-type: application/javascript
x-goog-hash: crc32c=zMwnuw==, md5=C63if5n4+mTsgdOV0vTL+w==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 5270
cf-ray: 7d87c69f2dbc194b-FRA
expires: Fri, 18 Aug 2023 02:13:53 GMT

GET
H3 200 st_3.b21ef6a51d5dd028a171.js Show response
t.seedtag.com/c/v/1988/loader/ 50 KB
14 KB 21ms
20ms Script
application/javascript 104.18.133.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/v/1988/loader/st_3.b21ef6a51d5dd028a171.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/v/1988/loader/st_0.js?cachebuster=1686968033125
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.133.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9138036c942f3f35585d1e2aefd5c72296375f41556bb98ed925ca7fb9d795c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 65240
x-guploader-uploadid: ADPycdvxjAaVZADt7JBHb4cSV34w3qrjV5QT0GXfm7jKlH80sGtvAnEvbmqEflXlgmzRbLFX-YiQw6pQcfnmoJ17NGayswzCSaYw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 15 Jun 2023 08:05:59 GMT
server: cloudflare
etag: W/"c65c0e53ae70d14ddb55f50868340b99"
vary: Accept-Encoding
x-goog-generation: 1686816359569108
content-type: application/javascript
x-goog-hash: crc32c=C/SfGw==, md5=xlwOU65w0U3bVfUIaDQLmQ==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 50726
cf-ray: 7d87c69f2dbd194b-FRA
expires: Fri, 18 Aug 2023 02:13:53 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 1 KB
794 B 472ms
472ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=46575&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66f6c29935dc89d95d74942cb214f33ac37cb483e8a4d89774e078138914400d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: public
date: Sat, 17 Jun 2023 02:13:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 7d87c69f9aa35b74-FRA
expires: Sat, 17 Jun 2023 03:13:53 GMT

GET
H2 200 pv Show response
s.seedtag.com/c/ 1 KB
946 B 19ms
19ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/pv?token=0789-2521-01&device=desktop&fullUrl=https%3A%2F%2Fwww.bandab.com.br%2F&cache=1686968033225&v=1988&ft=true
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/v/1988/loader/st_0.e7ae82d4610543ac2f5a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 8a899ba39c2a4add7bed0245a74e8246a38725ad34262e32d07659f7e9e8dac3

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
etag: W/"48a-IbmDHbQvo542C3emDYS+SwEWMZ8"
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bandab.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame EB7A 22 KB
9 KB 52ms
7ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/v/1988/loader/st_0.e7ae82d4610543ac2f5a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 24 Jun 2023 02:13:53 GMT

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 23 KB
8 KB 48ms
7ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-12765-5/CT-1068
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/v/1988/loader/st_0.e7ae82d4610543ac2f5a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 40e4951dffea740356de1c800b47ff35a1fac0756b592a4ff5ea9a316b0119b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 00:31:20 GMT
content-encoding: gzip
via: 1.1 google
age: 6153
x-guploader-uploadid: ADPycdt9tDNz73ZF9rzsvtpRsl0UfD_FmGIXJJKYN1D_-O24jWXCcrnOukXDcg3ArEw7kBXAGXXxBUjq9-voTmnbsvLAqQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7679
last-modified: Thu, 17 Mar 2022 15:35:15 GMT
server: nginx/1.8.1
etag: "ad2f9abb7bbec08e62cf17d0cc7d9125"
vary: Accept-Encoding
x-goog-generation: 1647531315191220
x-goog-hash: md5=rS+au3u+wI5izxfQzH2RJQ==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 7679
accept-ranges: bytes
expires: Sat, 17 Jun 2023 02:31:20 GMT

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
301 B 30ms
7ms Image
image/gif 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=26817122&c3=$accountId&c7=$currentUrl&c9=$referrerUrl&cv=2.0&cj=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: UA_d1nKQZZQpm3hBAfzDwTU3WYjbHSBw_qddCLWtiLxxEF-5LAdpVA==

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2586 0
861 B 13ms
13ms Script
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:53 GMT
AN-X-Request-Uuid: f900cd67-0e5d-495d-bb38-8abd18a7fd9d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4321 0
861 B 14ms
13ms Script
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:53 GMT
AN-X-Request-Uuid: 46b240d8-9276-4dad-b9d0-f3bc1cbd873c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 32ms
7ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: www.bandab.com.br
URL: https://www.bandab.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 18:16:15 GMT
content-encoding: gzip
age: 28658
x-guploader-uploadid: ADPycdtdy2GHJkg0o5zXYHHJbCSFLRKEcNpfxVeHISaJCsPyxU5h8KKOjMSVdyBDWBuHDsa7lNzuU4YQRYaSMzwdoayPaYFWOg2r
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6114
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "1f6a2c178b385e908b632664e93aed26"
x-goog-hash: crc32c=vQZHMA==, md5=H2osF4s4XpCLYyZk6TrtJg==
x-goog-generation: 1663611635525811
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
expires: Sat, 17 Jun 2023 18:16:15 GMT

GET
H2 200 rules-p-PFW5FesqXn206.js Show response
rules.quantcount.com/ Frame EB7A 1 KB
1 KB 43ms
6ms Script
application/javascript 2600:9000:223c:b200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-PFW5FesqXn206.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:b200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 01:45:01 GMT
content-encoding: gzip
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1733
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 15:36:52 GMT
server: AmazonS3
etag: W/"a521a7bf6d17b50bc9827eaad4be8ecc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: D1gbWCjzwhB2ltR2z-tjcUaKf5jrh8eY_Qvm9gSBxPvghOewoOVUSw==

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 8ms
7ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 10:32:17 GMT
content-encoding: gzip
age: 56496
x-guploader-uploadid: ADPycduogeHc86h5Czrz2hkzNEPtzQn-DO2SEFxZObj07jPGGatWtSnnJLXG6rmo62tsPDit66HFQrsms_K0GUjPhsUE1g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8332
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "e3068e8113c8f02d9b9a31f913c7a062"
x-goog-hash: crc32c=mUroJg==, md5=4waOgRPI8C2bmjH5E8egYg==
x-goog-generation: 1663611635449519
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
expires: Sat, 17 Jun 2023 10:32:17 GMT

GET
H2 200 u Show response
b.t.tailtarget.com/ 75 B
507 B 138ms
106ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_seedtag
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: dd21b8526fdb79c22f476dc119f4fe5b1e945459fb14e1341dbb10f8470bb452

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pixel;r=1067045624;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fwww.bandab.com.br%2F;ref=https%3A%2F%2Fwww.bandab.com.br%2F;uht=2;fpan=1;fpa=P0-1626078793-1686968033315;pbc=;ns=1;ce=1;qjs...
pixel.quantserve.com/ Frame EB7A 35 B
371 B 17ms
8ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1067045624;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fwww.bandab.com.br%2F;ref=https%3A%2F%2Fwww.bandab.com.br%2F;uht=2;fpan=1;fpa=P0-1626078793-1686968033315;pbc=;ns=1;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=bandab.com.br;dst=0;et=1686968033362;tzo=0;ogl=;ses=e35fa53a-7e99-40c4-b9e2-e35198142fc4;mdl=

Requested by

Host: www.bandab.com.br
URL: https://www.bandab.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 03032023-031531082-240_1200_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png
s0.2mdn.net/4528404/ Frame B613 27 KB
27 KB 7ms
7ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031531082-240_1200_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a60492426069b0486ebe301ffc95232d87ec990c9fbffc04622d28faeb1288eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14392016886954669725/index.html?e=69&leftOffset=0&topOffset=0&c=IoGRvgwMUd&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 07:38:52 GMT
x-content-type-options: nosniff
age: 66901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27678
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 07:38:52 GMT

GET
H2 200 dc_oe=ChMImu2h0Z3J_wIV_NgRCB2kIQjUEAAYACDg0-lKQhMIj5aH0Z3J_wIVAgvgCh1jyQ0B;stragg=1;&timestamp=1686968033455;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 0AE1 42 B
251 B 85ms
43ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImu2h0Z3J_wIV_NgRCB2kIQjUEAAYACDg0-lKQhMIj5aH0Z3J_wIVAgvgCh1jyQ0B;stragg=1;&timestamp=1686968033455;str=Show%20Slide%200;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
375 B 17ms
17ms XHR
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bandab.com.br%2F&domain=www.bandab.com.br&cw=1&pbt=1&lsw=1

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bandab.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 188141
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 16ms
16ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bandab.com.br%2F&domain=www.bandab.com.br&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bandab.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.bandab.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 17 Jun 2023 02:13:52 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 173064
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 204 isyn
prebid.a-mo.net/ Frame 83EE 0
0 14ms
13ms Document
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Sat, 17 Jun 2023 02:13:53 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 204 /
onetag-sys.com/usync/ Frame A249 0
0 8ms
7ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1686968028353

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F58C 281 B
554 B 7ms
7ms Document
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 17 Jun 2023 02:13:53 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3568 52 KB
17 KB 7ms
7ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 70350
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 17 Jun 2023 02:13:53 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 09 Jun 2023 06:41:08 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 673, 325461
X-Served-By: cache-lga13626-LGA, cache-fra-etou8220075-FRA
X-Timer: S1686968033.480335,VS0,VE0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 3576 23 KB
8 KB 64ms
21ms Document
text/html 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e0c96939ad980662cfd2f0ae6ee2586047f066ba39b30fd51eab1315525543ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8353
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 02:13:53 GMT
expires: Mon, 19 Jun 2023 02:13:53 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 9B49 37 B
140 B 37ms
8ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 17 Jun 2023 02:13:53 GMT

GET
H2 200 / Show response
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame D229 61 B
253 B 13ms
12ms Document
text/html 168.119.72.236
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3829777626
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.236.72.119.168.clients.your-server.de
Software: nginx / PHP/8.2.5
Resource Hash: 0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer: https://www.bandab.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 02:13:33 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.5

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F58C 34 KB
10 KB 8ms
7ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 85455589d83ef903390ecc53f608df3422766cf23f23bfdede152946ccd748ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 02:13:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jun 2023 07:39:22 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=19465
Connection: keep-alive
Content-Length: 10112
Expires: Sat, 17 Jun 2023 07:38:18 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3568 0
861 B 14ms
14ms Script
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:53 GMT
AN-X-Request-Uuid: 00d7731c-6c5d-446a-a843-b230b0baafe3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 156 B
591 B 108ms
107ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-12765-5&tY=1&tS=1&tU=0100007FE1168D64AD06242B028DF119&tX=b.52&tZ=127329002&env=_ttq_tt_seedtag
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 6d16a6382265fe4c734893618dfc8ab1b9a8102bed556d0886f7b93a08591855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
57 B 139ms
139ms Script
application/x-javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=12dde6d012442c07b47822af0710%7C0&acc=46575&tit=%25DAltimas%2520Not%25EDcias%2520de%2520Curitiba%252C%2520Brasil%2520e%2520Mundo%2520est%25E3o%2520aqui%2520-%2520Portal%2520Banda%2520B&url=https%253A%2F%2Fwww.bandab.com.br%2F&upd=1&new=1&h1=Corpo%2520de%2520menino%2520Thiago%2520n%25E3o%2520tem%2520sinais%2520de%2520viol%25EAncia%252C%2520apontam%2520primeiros%2520exames
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d87c6a29c0a5b74-FRA
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync.navdmp.com/
Redirect Chain

https://ad.sxp.smartclip.net/sync?type=red&dsp=75
https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1
https://sync.navdmp.com/sync?prtid=25&sclid=302c9f91-e116-8d64-2f1f-f72a28edd1fc

6 B
57 B

138ms
138ms

Script
application/javascript

2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=25&sclid=302c9f91-e116-8d64-2f1f-f72a28edd1fc
Protocol: H2
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d87c6a31c475b74-FRA
content-length: 6
content-type: application/javascript

Redirect headers

date: Sat, 17 Jun 2023 02:13:53 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.navdmp.com/sync?prtid=25&sclid=302c9f91-e116-8d64-2f1f-f72a28edd1fc
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

sync Show response
sync.navdmp.com/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D&_test=ZI0W4QAFKXnKbwBR
https://sync.navdmp.com/sync?prtid=17&tubid=ZI0W4QAFKXnKbwBR&_test=ZI0W4QAFKXnKbwBR

6 B
57 B

140ms
140ms

Script
application/javascript

2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=17&tubid=ZI0W4QAFKXnKbwBR&_test=ZI0W4QAFKXnKbwBR
Protocol: H2
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d87c6a37c655b74-FRA
content-length: 6
content-type: application/javascript

Redirect headers

x-served-by: cache-fra-eddf8230128-FRA
pragma: no-cache
date: Sat, 17 Jun 2023 02:13:53 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1686968034.832016,VS0,VE0
x-cache: HIT
location: https://sync.navdmp.com/sync?prtid=17&tubid=ZI0W4QAFKXnKbwBR&_test=ZI0W4QAFKXnKbwBR
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sync Show response
sync.navdmp.com/
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=95&redirectUri=https%3A//sync.navdmp.com/sync%3Fprtid%3D21%26dynid%3D%5Bssb_sync_pid%5D&gdpr=0
https://sync.navdmp.com/sync?prtid=21&dynid=2049730652370167098

6 B
57 B

152ms
136ms

Script
application/javascript

2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=21&dynid=2049730652370167098
Protocol: H2
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d87c6a2cc265b74-FRA
content-length: 6
content-type: application/javascript

Redirect headers

location: https://sync.navdmp.com/sync?prtid=21&dynid=2049730652370167098
date: Sat, 17 Jun 2023 02:13:52 GMT
content-length: 0

GET
H2

200

sync Show response
sync.navdmp.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=81032302610?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D
https://sync.navdmp.com/sync?prtid=38&lotid=

6 B
57 B

137ms
137ms

Script
application/javascript

2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=38&lotid=
Protocol: H2
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d87c6a34c5a5b74-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:13:53 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.navdmp.com/sync?prtid=38&lotid=
cache-control: no-cache
x-server: 10.45.8.132
content-length: 0
expires: 0

GET
H2 200 31435 Show response
tags.bluekai.com/site/ 62 B
218 B 215ms
161ms Script
image/gif 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/31435?id=81032302610&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec412c4a31f9b4110f2b32c733be5292e43c0460373b1e3e61b9241679f730e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 17 Jun 2023 02:13:53 GMT
content-length: 62
content-type: image/gif

GET
H2 200 cm Show response
trc.taboola.com/sg/navegg/1/ 43 B
409 B 37ms
15ms Script
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/sg/navegg/1/cm
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sat, 17 Jun 2023 02:13:53 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 8180
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230075-FRA
pragma: no-cache
server: nginx
x-timer: S1686968034.715407,VS0,VE9
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 usermatch.gif Show response
beacon.krxd.net/ 0
338 B 118ms
32ms Script
text/plain 3.251.27.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=12dde6d012292e7d587e22d15110
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.27.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-27-65.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: beacon-n013-dub-prod.krxd.net
date: Sat, 17 Jun 2023 02:13:53 GMT
cache-control: private, no-cache, no-store
x-request-time: D=49 t=1686968033
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=822&dpuuid=81032302610&redir=https%3A//sync.navdmp.com/sync%3Fid%3D81032302610%26adID%3D%24%7BDD_UUID%7D%26img%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=81032302610&redir=https%3A//sync.navdmp.com/sync%3Fid%3D81032302610%26adID%3D%24%7BDD_UUID%7D%26img%3D1
https://sync.navdmp.com/sync?id=81032302610&adID=50699078910245802700210840406621894479&img=1

43 B
118 B

149ms
149ms

Image
image/gif

2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?id=81032302610&adID=50699078910245802700210840406621894479&img=1
Protocol: H2
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:54 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 7d87c6a3bc7e5b74-FRA
content-length: 43
content-type: image/gif

Redirect headers

DCS: dcs-prod-irl1-1-v049-0483954fc.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: H7WluECKQk8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.navdmp.com/sync?id=81032302610&adID=50699078910245802700210840406621894479&img=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1
https://sync.navdmp.com/sync?appNx=7036942150795130423&img=1

43 B
129 B

139ms
139ms

Image
image/gif

2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?appNx=7036942150795130423&img=1
Protocol: H2
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 7d87c6a2dc305b74-FRA
content-length: 43
content-type: image/gif

Redirect headers

Date: Sat, 17 Jun 2023 02:13:53 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b39a6949-100a-44f1-bbe4-d9ce89327dbf
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://sync.navdmp.com/sync?appNx=7036942150795130423&img=1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 30ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=u7695wg&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Jun 2023 02:13:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1

0
75 B

17ms
17ms

Image
text/plain

185.86.138.153
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
Protocol: HTTP/1.1
Server: 185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
pragma: no-cache
date: Sat, 17 Jun 2023 02:13:53 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 ca Show response
tt-12765-5.seg.t.tailtarget.com/ 82 B
335 B 141ms
107ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-12765-5.seg.t.tailtarget.com/ca?tZ=766546545&env=_ttq_tt_seedtag
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 86e7bfcdd7a43f97220901d07f1a555274a822c4017d5acac484fe4075028e39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:53 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
290 B 112ms
105ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-12765-5&tE=0&tF=&tI=_frankfurt%20am%20main_hesse_de_1686968033656_2328307333&tJ=&tU=0100007FE1168D64AD06242B028DF119&tX=b.52&tY=1&tZ=657598234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bandab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:13:54 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3568 0
861 B 14ms
13ms Script
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 02:13:54 GMT
AN-X-Request-Uuid: 8a6d4fd2-2e6e-4038-a649-9f5a0158ba35
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 ev Show response
s.seedtag.com/e/ 0
14 B 35ms
16ms XHR
text/plain 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/ev
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/v/1988/loader/st_0.e7ae82d4610543ac2f5a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bandab.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Jun 2023 02:13:55 GMT
via: 1.1 google
server: openresty
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: https://www.bandab.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

83 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bandab.com.br/	1970-01-20 12:37:34	Name: _gid Value: GA1.3.865091495.1686968028
.bandab.com.br/	1970-01-20 12:36:08	Name: _gat_UA-12854420-1 Value: 1
.bandab.com.br/	1970-01-20 12:36:08	Name: _gat_UA-66850008-1 Value: 1
.navdmp.com/	1970-01-20 21:22:04	Name: ac3 Value: 1
.bandab.com.br/	1970-01-20 22:12:08	Name: _ga_T0B40GWGJG Value: GS1.1.1686968027.1.0.1686968027.0.0.0
.bandab.com.br/	1970-01-20 14:45:44	Name: _fbp Value: fb.2.1686968027820.120793871
.bandab.com.br/	1970-01-20 21:21:44	Name: nvg40507 Value: 12dde6d012357e2c3c69e884a010\|0_169
www.bandab.com.br/	1970-01-20 13:19:20	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.bandab.com.br/	1970-01-20 12:46:12	Name: denakop_freq Value: {}
.onesignal.com/	1970-01-20 12:36:09	Name: __cf_bm Value: LxWYQc6Qkla1FoCGpftkk.8wbvtxcNFw9nbgl66o2HM-1686968028-0-AYzvECIplpuAas2bFLgsvuhc4fx37RYu0eJ+up9vwMr01trTldq/K7XemDq9yLJ1kZRcYRr7q4ErIz9I2uAVncQ=
.bandab.com.br/	1970-01-20 22:12:08	Name: _ga Value: GA1.3.1421759946.1686968028
.denakop.com/	1970-01-20 22:12:08	Name: uxid Value: P8iO9d18Q8iFXGdDmlfG5Q%2F0
.rubiconproject.com/	1970-01-20 21:21:44	Name: khaos Value: LIZD7HC3-8-1560
.rubiconproject.com/	1970-01-20 21:21:44	Name: audit Value: 1\|naVuGyos1qq8l7bem1JWVCZ1/CU4Rny1jTEn3QdSlZ91vyArRM0LpGfue+WQussIP0PzGnysJGZ98lf1EuL3auBxGCOXoSK1FdqJX/pIYPnc6UO785F0Pw==
.doubleclick.net/	1970-01-20 21:57:44	Name: IDE Value: AHWqTUlCS1pc8aegVPAObM7E_h51k6fzRVsae96ZgBfGz0S6b24Bs-ZB1FkebvuM31k
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: iWIRYMb666c
.youtube.com/	1970-01-20 16:55:20	Name: VISITOR_INFO1_LIVE Value: k1kGJyUa7Ug
www.bandab.com.br/	1970-01-20 12:36:11	Name: nvggid Value: null
.bandab.com.br/	1970-01-20 21:57:44	Name: __gads Value: ID=84a6f1a541a9863c:T=1686968028:RT=1686968028:S=ALNI_MbrkgvKgRNPHo1-mh60iXQv3V7epQ
.bandab.com.br/	1970-01-20 21:57:44	Name: __gpi Value: UID=00000c30dd5d1b66:T=1686968028:RT=1686968028:S=ALNI_Mbq6S5GjG81VTQFfhjgIfpTpzTlKQ
.adnxs.com/	1970-01-20 14:45:44	Name: uuid2 Value: 7036942150795130423
.casalemedia.com/	1970-01-20 14:45:44	Name: CMPS Value: 2171
.casalemedia.com/	1970-01-20 14:45:44	Name: CMPRO Value: 2171
.casalemedia.com/	1970-01-20 21:21:44	Name: CMID Value: ZI0W3Qwe-D9aQdR5SGnf8AAA
.adnxs.com/	1970-01-20 14:45:44	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVRu8=WL!]tbPl1M>e)ZlrFUfJ+tGXxoaB(tPCaWg?rbTnr+:d00Z8j=SM^NEz'BJ+Og3If)y3KL9D3I?+fBWgnn
.bidswitch.net/	1970-01-20 21:21:44	Name: tuuid Value: ae7a6f5e-a89a-4ee6-bf01-f6b70754c956
.bidswitch.net/	1970-01-20 21:21:44	Name: c Value: 1686968029
.bidswitch.net/	1970-01-20 21:21:44	Name: tuuid_lu Value: 1686968029
.adfarm1.adition.com/	1970-01-20 14:45:44	Name: UserID1 Value: 7245472513968306324
.360yield.com/	1970-01-20 14:45:44	Name: tuuid Value: 4c8f52ca-d636-4231-a6c6-60c268807d86
.360yield.com/	1970-01-20 14:45:44	Name: tuuid_lu Value: 1686968029
.w55c.net/	1970-01-20 22:06:22	Name: wfivefivec Value: OZzlcmOH1QalrL5
.bidswitch.net/	1970-01-20 12:36:08	Name: google_push Value: ATf1kGORa4U92cI1s8htPKHOxolSP675gJ-PbOIAm0jfXPCSxVjASUIzwrBDgfoQir1Yj7gJZUzTjsu22ldOrUm10TwoJ-anzg
.w55c.net/	1970-01-20 13:19:20	Name: matchgoogle Value: 5
.simpli.fi/	1970-01-20 21:23:10	Name: suid Value: 82E7927C2D7341B5B075EC7D67931B8A
.adsby.bidtheatre.com/	1970-01-20 12:46:12	Name: __kuid Value: bb889117-9596-4e3a-a4ef-d6ee70a60ab4.456182029
.lijit.com/	1970-01-20 21:21:44	Name: ljt_reader Value: G1BlqGZHha3Zf_UESrGNcYGX
.yahoo.com/	1970-01-20 21:22:05	Name: A3 Value: d=AQABBNwWjWQCEEjobEffljEpPHN-GchM9TYFEv__AP8AAAAAAOANyiMAAMAAgA&S=AQAAAoRnpHBcTQGIfymOWXLw6M0
.criteo.com/	1970-01-20 21:57:44	Name: uid Value: d2e67fd9-8355-4b18-b8ac-a1849c5c31f9
.bandab.com.br/	1970-01-20 21:57:44	Name: cto_bundle Value: ZKzZ4V85UlNNeTlwNUtWVWFyRWJKcktRUlhVSiUyRlRVY05tNnhpODhFRXZTVXRQR0dHMElibzhxWThhdlVmME8ySXI1SXpVZmxWZ2RadWpSJTJGUXFFaUF5bTJtTDRmVndUb1dGczFKc3ZHa2lrVGtyM3V0NkdvVkliSjJCQyUyRjRFNkxWc0pnNGE3MVRjeWI2bU9qYjl0bUFoUDNJVVElM0QlM0Q
match.sharethrough.com/	1970-01-20 12:46:12	Name: AWSALBCORS Value: HSBPlCYIGI1W4vcR0xla94pHh9ztu54gUP3r/IKSo5r9ieb1IsvrUQPZMu5wSK+T0RnnsKmPgGr6thpqn+W6oosqrr888Ngukk+wHQERbvDoVFieHtRSa9rvwD5I
.amazon-adsystem.com/	1970-01-20 22:12:08	Name: ad-privacy Value: 0
.creativecdn.com/	1970-01-20 21:21:44	Name: u Value: B7k0KbY4tEeL3e0kO7w7
.creativecdn.com/	1970-01-20 21:21:44	Name: ts Value: 1686968032
.turn.com/	1970-01-20 16:55:20	Name: uid Value: 7394864875619356405
.linkedin.com/	1970-01-20 21:21:44	Name: bcookie Value: "v=2&9b3ed419-5c24-438f-8785-802f47ff639a"
.linkedin.com/	1970-01-20 16:55:20	Name: li_gc Value: MTswOzE2ODY5NjgwMzI7MjswMjFCzPcdw1NsxcYgkDI9ATQqW78JdIqE1v/GkcqvBdYMBA==
.linkedin.com/	1970-01-20 12:37:34	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2941:u=1:x=1:i=1686968032:t=1687054432:v=2:sig=AQEdbWercqeSuLsIVyc8ZsMPIaZfFrG9"
.1rx.io/	1970-01-20 21:21:44	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-e7f5dde6-8157-41df-a69e-e391d577dd25-003%22%2C%22nxtrdr%22%3Afalse%7D
.betweendigital.com/	1970-01-20 21:21:44	Name: dc Value: was1
.betweendigital.com/	1970-01-20 21:21:44	Name: tuuid Value: 09388c13-2fba-53a8-bd9a-cbd9d917dd39
.betweendigital.com/	1970-01-20 21:21:44	Name: ss Value: 1
.targeting.unrulymedia.com/	1970-01-20 21:21:44	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-e7f5dde6-8157-41df-a69e-e391d577dd25-003%22%7D
.amazon-adsystem.com/	1970-01-20 17:21:15	Name: ad-id Value: AxEuy8ymjUZXhQo2uavJjG8
.betweendigital.com/	1970-01-20 21:21:44	Name: ut Value: ZI0W4AAONLha2xMKcqdJvs0mgBzbrEozQ3nADg==
.smilewanted.com/	1970-01-20 21:22:04	Name: sw_user_params_infos Value: KfDA2yVUVcAMPlxtTW3kMjvDr5PFG5A9dcizPQbusWJUU7w7mr5ij3KmVwGmun1IDIV9y32TdfLJ4MS1YizUK0zzLBMwh9LWCr4UGVeOkK7QPbR9bchUEgExV4oI%2FHt5fIAw9FNUxvBPo5LT5B%2BO75S9Gq0gRGuCbbJ8bewdwvXGWcR2bBkt7Ts5JiyoTZYBV%2BWMJjeabvKYyg%2F2sFMG9ogDhpGcP%2B70bJnu8S0jyJC4eG9Idc3B%2B9BQO8li2CcZKA32ec4Rn71g%2FjEYKdIOkIEU9Yi7AH6IZMLOSlHXba5dQ3YJnkT%2BZDEfj6vuie0nWLShMuCtvGkaOPDBi2BUHllqqtfkXqCCJGunmVoB6icozbl9ig%2BtUKrr0GrhfqnMtRSjlvaYqUbvkcZX8PyPQA%3D%3D
www.bandab.com.br/	1970-01-20 12:36:09	Name: tt_c_vmt Value: 1686968033
www.bandab.com.br/	1970-01-20 12:36:09	Name: tt_c_c Value: direct
www.bandab.com.br/	1970-01-20 12:36:09	Name: tt_c_s Value: direct
www.bandab.com.br/	1970-01-20 12:36:09	Name: tt_c_m Value: direct
www.bandab.com.br/	1970-01-20 22:12:08	Name: _ttuu.s Value: 1686968033358
.quantserve.com/	1970-01-20 22:06:22	Name: mc Value: 648d16e1-5be9c-58626-a5c40
.bandab.com.br/	1970-01-20 22:00:36	Name: __qca Value: P0-1626078793-1686968033315
.t.tailtarget.com/	1970-01-20 21:21:44	Name: u Value: fwAAAWSNFuErJAatGfGNAgB=
.t.tailtarget.com/	1970-01-20 12:39:00	Name: _ssc Value: y
www.bandab.com.br/	1970-01-20 21:21:44	Name: tt.u Value: 0100007FE1168D64AD06242B028DF119
.navdmp.com/	1970-01-20 22:12:08	Name: nid Value: 12dde6d0124a19bcb0d3a0a80d10\|2\|196
.bandab.com.br/	1970-01-20 21:21:44	Name: nvg46575 Value: 12dde6d012442c07b47822af0710\|2_169
.smartadserver.com/	1970-01-20 22:06:22	Name: pid Value: 2049730652370167098
.t.tailtarget.com/	1970-01-20 13:19:20	Name: ttbprf Value: _frankfurt am main_hesse_de_1686968033656_2328307333
.t.tailtarget.com/	1970-01-20 12:36:09	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 13:19:20	Name: ttnprf Value:
www.bandab.com.br/	1970-01-20 12:37:34	Name: tt.nprf Value:
.sxp.smartclip.net/	1970-01-20 13:19:20	Name: uuid Value: 302c9f91-e116-8d64-2f1f-f72a28edd1fc
.sxp.smartclip.net/	1970-01-20 13:19:20	Name: psyn Value: 19525.75
.smartadserver.com/	1970-01-20 21:23:10	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 21:23:10	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.krxd.net/	1970-01-20 16:55:20	Name: _kuid_ Value: Pnq4kAiH
.everesttech.net/	1970-01-20 21:21:44	Name: everest_g_v2 Value: g_surferid~ZI0W4QAFKXnKbwBR
.demdex.net/	1970-01-20 16:55:20	Name: demdex Value: 50699078910245802700210840406621894479
.dpm.demdex.net/	1970-01-20 16:55:20	Name: dpm Value: 50699078910245802700210840406621894479
.tt-12765-5.seg.t.tailtarget.com/	1970-01-20 12:36:11	Name: ttca Value: _1686968033
.t.tailtarget.com/	1970-01-20 13:19:20	Name: n Value: 1686968034

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.bandab.com.br/(Line 626) Message: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
javascript	error	URL: https://www.bandab.com.br/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.bandab.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.bandab.com.br/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.bandab.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://www.bandab.com.br/ Message: Refused to execute script from 'https://tags.bluekai.com/site/31435?id=81032302610&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.sxp.smartclip.net
ad.turn.com
ade.googlesyndication.com
ads.betweendigital.com
ads.stickyadstv.com
adservice.google.com
ajax.googleapis.com
ap.lijit.com
b.t.tailtarget.com
b0c0466924ffcea7633588f9ee697e4d.safeframe.googlesyndication.com
beacon.krxd.net
bidder.criteo.com
cdn.navdmp.com
cdn.onesignal.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
contextual.media.net
cpm.denakop.com
creativecdn.com
csync.smilewanted.com
d.tailtarget.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.ytimg.com
ib.adnxs.com
id.navegg.com
img.onesignal.com
jnn-pa.googleapis.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
prg.smartadserver.com
px.ads.linkedin.com
region1.google-analytics.com
rules.quantcount.com
s.amazon-adsystem.com
s.seedtag.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
shb.richaudience.com
ssbsync.smartadserver.com
static.cloudflareinsights.com
static.criteo.net
static.doubleclick.net
static.smilewanted.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.navdmp.com
sync.richaudience.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
sync2.navdmp.com
t.seedtag.com
t.tailtarget.com
tag.navdmp.com
tags.bluekai.com
tags.denakop.com
tags.premiumads.com.br
tags.t.tailtarget.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
tt-12765-5.seg.t.tailtarget.com
um.simpli.fi
ups.analytics.yahoo.com
us.ck-ie.com
usr.navdmp.com
www.bandab.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
prebid.smilewanted.com
104.18.133.145
13.248.245.213
13.32.99.105
134.122.57.34
142.250.185.66
142.250.186.34
147.75.84.158
151.101.1.108
151.101.66.49
162.55.101.208
168.119.72.236
172.67.10.198
178.250.1.11
178.250.1.9
18.184.126.130
18.194.103.231
185.184.10.30
185.184.8.90
185.80.39.216
185.86.138.153
185.86.138.155
185.86.139.116
185.89.210.153
185.89.211.132
2001:4860:4802:34::36
212.82.100.182
216.52.2.6
23.201.255.110
2600:9000:223c:b200:6:44e3:f8c0:93a1
2602:803:c003:200::41
2606:4700:10::6814:e280
2606:4700:20::681a:130
2606:4700:20::681a:30
2606:4700:20::681a:e79
2606:4700::6810:3965
2606:4700::6810:cf3
2606:4700::6812:170e
2606:4700::6812:d63b
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2a00:1450:4001:803::2001
2a00:1450:4001:803::200a
2a00:1450:4001:803::2016
2a00:1450:4001:806::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c0a::9d
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:d::d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::300
2a05:d018:d29:3601:77de:ca3a:987:60cd
3.127.111.154
3.251.27.65
3.33.220.150
3.75.62.37
34.102.185.99
34.120.63.153
34.149.50.64
34.91.62.186
35.156.175.114
35.186.194.101
35.201.123.184
37.157.5.132
46.228.164.11
46.228.174.117
51.38.120.206
52.18.203.230
52.213.96.27
52.46.155.104
67.220.224.144
69.173.144.139
69.173.144.165
72.246.169.24
77.245.57.72
8.2.110.114
85.114.159.118
95.101.148.198
95.101.148.20
95.101.54.234
96.46.183.20
99.80.64.147
02ff7ccac5ec05af889b5fe2ea08d9e42da2ae7377e05515bc3af80d77b13bd5
034cc98594f37ec83b44cec4d9790e15302997ce282884d8b98891d30f4e3fae
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be18e7060af4d0c5ba24eacd56f69b1cb95a8043625af4a2a43c4a336d7352b
0bfcc82105db0a3e46dfa9fdec69642930fd9907115ca32a50b006bc183a57c5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01
0fad3782a5bc64baad382b685dbc4bc3cd7074098144dd6f6c4c58c6bb04528e
101470fcde40e5ad29c691a0cc4276b7e311972a8e02a684f19db29fd4698645
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
15d846aa3b5eb35c374e93f1b1c51a76876f8259713259bc6c97d485e46d6ca1
15f341d3f16d77f621dd48a35ed672a188844606a2d07921d1baff52dafb9fa0
176669a4eac385a7e83bba2ba463e3fd6c390d78841761e155a1c11af3ed2223
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
1784d67c5c3ad0ee8b11e6fa420eb60b405a4cdc45aaaf020569a68a12782fc6
17a0799f5d5a0dfdca691f98629af6f4be6cfef0c16bdc8b40343e9dfd1bf04e
184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636
1b75ba9fad89a52d8339548e3dae59fae41641cee4f39acc1e0b6bec1969f179
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1e190fdf47cb7389e127605fc34bfb1bfc74281d5264501b79f2779008a2ae73
1ed7f43d675c0d203d845162c122fd2a7ec79093655370e9ce24e9408c80227a
205e9f18edd429e8891ed5e3518978e1c1859ad9f9a2a5627bd3478e546c577f
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
241aa2f0b5684a2efd870943e4d8ec87e869db57b93a77b8f5903cc37804a6af
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3
2ae57bcd90d045217b7103d8325f8c9b8f5e26f100818ca25dbaf283de83fc51
2b566d22c0563b579149060354f5b869a6721f5b9543c07a7509928a8e6687d5
2b7265fb8e98286a6e61d73e4278df35c0e911db1e8a94c82836d0b21088125b
2db06210f95912488f3bd5ec6165162589ee3914b5987248ddd912f90e96d36d
2e742d40a975b5e95715f9480f4b8698379abc63c707a0949eea4397249af9d1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319bd084c48ffd60ceb46d8fe7b38ef229ef393ce91297bc97156b488be9d96b
323babff610bb7478f9418ec6484a134d4f9588fde5604879efb388141fd017a
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
386c40c749f23a4937e604a7a8c58aaf5e80c4b3101020187566eef4e5f4b93e
3a0236f462882b4b241f13bba8b52ee72e92070ef28fdd0e9230fe09f03ea5a0
3cbe0a3b12512802792b98c0a44dcbf475e921f0b9150c5e43478112f2b5e897
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e4951dffea740356de1c800b47ff35a1fac0756b592a4ff5ea9a316b0119b9
4101153094d24e1af5253f1524cd2eebed9b6af9316ca493afcdadb7f8ccf19a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4476402a7c7df1046d5ef404d5e5b60cc899fd5a489c1b7e65a43e14aaafd01e
465040d118a831a548cd8106d00d9e61d203cb74b7de6d9ad41d09cf6319f084
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47350ac5c7c812ed692edb45d98c8cd45d7a6374d55542fd6b89c74dddb0c101
4884a8466a68c6ee26c9f528952cc3da92480da90394ab42b99638bd115225fe
4980b3bed6afc00b05b82c8e119c3ee2f67ae107671f8064ed15d433a994b126
4b1cbcb0e904d7a85d36f8dac2b2e47f2ceadbb25d1803ade41f093f18693a81
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9d8656624fda1211befd790b5751f302b6b6d43e4d1401aeb361d155a321c2
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e252b4df1d5a97158d386a14875a780fd8a750fb2c0912721c8de569e04dfa1
4f6fdac4667234f6868428d5f4a90ef737e438c85b4a0e8273154e076df17db4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51275cf199756807ea26797f021c2527c6568ec9ce16359882f5e1f2bb8c2c6e
52fcf9ab6d40dae8ccdb14001de9f88166f017e719830277e869cbb73baf400f
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569c0a006583baaf968e791b7ce0b2de297661e6fc15c111164f805f7e344147
58286c311c2d7080f4bb552d3f4091197954d01b1d22daf555093c92b945e2c0
59c2b7554348a8c70a072f8b164b72123efb005052d551911d535f652818c059
5a7a16a4941425410ded5fb23fef1c6bd132561d07b23f9a1f4fe63d9e0e9fa4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c04bf6e52e69c8a5973b1cc711447959e3e5d2b7a805065ccaad77b39fbdd66
5cbb201ac659fb77352e55f332402214bd1878340e21e75ecb70840e25f89be2
5e4dc0684c8ca2a166a86fae1f8c29bcd537b18233f2c378bf2e3dae166cb123
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b33925b4916c789295fbf52667c49a26a398f0d30507e31feceaea160bbf9f
643f1043f926c67c1e6247ea8095ab3795db6b457ebb92a314dda66642b2f262
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
664e13e54da38a14bd35503e2f8b4c770c33a99ddf8599e549d33da0e3c8b1c6
66f6c29935dc89d95d74942cb214f33ac37cb483e8a4d89774e078138914400d
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
691257cf7d510da3434f5eedca2b2e0137949c698e3750c7705526a1ee75684c
69a3098b4f2ea14abc65f3eadc5d75c02cdcbcfbbd3b5382a5388ceac514fadb
6b874864be42e77b3d08f0a521c41dfda69386886572de492d5dc201f2426773
6d16a6382265fe4c734893618dfc8ab1b9a8102bed556d0886f7b93a08591855
6fa75f0199bfb788fe8daf5746e7fc0fab18c706c090c058043294f3c0ad602a
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
720b9a6e5af1ddfd73183c84c56bcca7e40179e79839804dc8f7d7ee058cdae4
731c982fe2f526eb1cfc47130b9d84b74c1a1038a4a518bcaf70f83ddac162a7
734edc8d08462e2ca9b09f1d9bfd85f68450030d556a8d613410aa22a2dc170d
7398863c233bff0612d09001beea9e878662d285b7330101d1e0ca3522571dee
76b04b1fdf599879726cd863376fee5a4cfd3eb60e9ecfa056afd7466c6fd9b4
78ef8b1bdcfa609810428c5919f9e2b93b1814e72cef4bfde24203c216c5b6d5
7a13660434ddf34be302a707c939c85dc4898721bb56a659fe68cc7b75995f22
7a5c7ae7ce422d6c2fb74fdc0dd719db42d96ed2a0d930849624d31bd6ed574d
7b0aac8a2ff73d3f59bd71fc945153e42db8db0639e53aa704c6ae139f467642
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7e49c3a5d7082aaf24caff51ecd5e4ffb973b739b786bbcc5e5da15dee0b256d
7e5a925a5d70f3745b6fe5d0f5c048993269c9a2f467cb658c6ba4a5b83e8f91
7ea4ddf6061e8d80b3a7db5c64309b013aebe7e75311075faefc8e5d0ab59504
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
8083294c1040ddf5c53431374259890b6fc5128c1cc53fb28270c605d2a7f496
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8268383a211e60117497ef6108493e8fa8440e3094372b4c00c641dbc72bfe5c
82a1fa6858fd9a84b39638acc8c7211c82c9652c7809c4dd1ba01b4df5c90a61
83bc3d65d6d0f786000aacd0a546df882c135fcdcc5721833150bd385bc681fd
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84bbdcfbd7f11f5aa5d19fad48e7be67333e2c0b147091a5a9513614b94646cc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
85455589d83ef903390ecc53f608df3422766cf23f23bfdede152946ccd748ff
85e18a77509ff9b312abfbccfcc853303729739ae896a32fb4205fa92f6cd3eb
86e7bfcdd7a43f97220901d07f1a555274a822c4017d5acac484fe4075028e39
8a899ba39c2a4add7bed0245a74e8246a38725ad34262e32d07659f7e9e8dac3
8c643acd4299182ed20b5db80b1dda15288df04797b18c7944dfb4e517274816
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d70c72beb547d4c4e78b49a89ee7dbdb813359f0943d82f85b69de3a08f2da3
8da2257ec784d5c8427955e9c279ed0713c8e27bf34f6a6c8f6b5cd5d62b4a18
8db1a4015552114dc34a9ec6edcc6af055e954e46a88315549bcac9f2996836d
8ee349aadb2e190fb96ee8840d56c6c4902cd1267300525e6a1a0735d6a04f33
90d0f24b3f8187d397a6a0af65f4fb5c516de6047cc3ee828bacf73a9e3fc75e
9138036c942f3f35585d1e2aefd5c72296375f41556bb98ed925ca7fb9d795c1
9335e023ccff38aa988f6302c5b2d06188cead60e2439f5b224d056f5a0687f1
96ad9596a5b8b30e9fa9c71033fca6b05b7b654d553211b27b925580dd5e5a3a
97ecbbc7be4c95a923bc54c3815de8f3e45665be57a2270d1e27c6fb0882ff68
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98870f5220be0d42784b19ccef3b1fa672620f738ca329a9121bdb73b0ecdd80
9a6c3a0bd62470187a9833dc3b399e814c4fe995194ddfcd069eb0af54baaaa5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cda203cc3b7a9dc54cc96e785db2a7995bc2d64d918ccdcb5f216d39bcddd4e
9d60186aee6acd84b2bde59d7fd40be4799686622c48a94c543e96dc3934bc23
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1b1f1a71ceb2dc84c6f67e4d3bdb872d9b52cbcded2214cbe32caf6bda7ab09
a4086e30fd390649ac0486dd6837e03645eda9da417e66540d9d644c4c86e338
a483b14f8537b64b4852456f7729f23509e470dd04df5f02cb8cdf69192fff4c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60492426069b0486ebe301ffc95232d87ec990c9fbffc04622d28faeb1288eb
a6238ca7d14bde75b4b16a2cd7d011f835a33498f2f733a83157ffa359a5c72e
a69bd7b7df3b5146c1777f4d4636e02c2050695bcf8081c2121074f4fc843498
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a6ee095ebc6fd605f0b452416daba5acaa49a16f8a64c4944b91a2e291a81261
abb5261378b3567735da40fb33fe3d3fb60dac9567b711d2fb577e1d058484f0
ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
adfa96addd2f15c727367329b69ee97707f45f85a53ff7eef4df5deef88bbeb5
ae5bc6dca203db48dc9d699a851c3b9f226222f95cbec3e773fa841f4e35476d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b06424c12538425a9e76630569ec4a63c33eac6d05344d404618d5b80133a6de
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b56813b889331c48063a45f22cfc9bb197196766d73dc11b1fa281a98a5e27a4
b67fa4976f24310604c5572a3e5db8f851ee0bd0bf31e706c55c68fe7cf7c1b2
b68c6f76784b3b53d018faab33edcc0f9a82c2e76ab042f00c253d3e75e2f74d
b75f7f6af67dd84cd8b1cc04c1d82f3ca80691cd2d68fbf3a3d8d573a91a627a
b7fd607f7b5289dcd8c660c69e0275c9371420e20f1b20100f060f21da12885a
ba68e6e9397514a0687ba69b6010eae9325189158aed28f5cd581580c819730e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2709731f5398ffb835d8845f6f4c78f052d7b7792c810b14d443c0f2094724
bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a
bbf5155c2d5ffaa72f4e521696dfb1f3a2e2cff9c389714daed6c190377216cc
bc30969e135beff85deb5841f69b223c5804aec1bcb392dca550f2a8fdb736cd
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
bd7d550fb93f0519c6680756cc42fe96bcbb425a25781c4e2a22b3d9c3a341cb
be04961f1faad2a7d4c06aff433efc799e67728ac1f662cdbc5514937db8b41f
be8f5645dccfd1aba82034b0cac3fa513503600da5f345ab732db2598b80fad8
c05a1108c176130e9dff2f6a5ebdb60be1c3e17b5a8f83de35b29f44fb109434
c0f872c7fa25b2858681d0885a9cbf59bb573aefd0aa1ae4d9dfdfa48b7ca6b4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c32751ea91f13114fc5c05dac758bc339c4c6b45f96b3fe4f4a22913b155ad79
c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f
c484f010baddf63b46ca78b2b64e01734a55d69d23a51716a6fd6856d443ba20
c5617472d9c11a8acf268a85162507d7a41a2cf48dd8e9b7dc179822c8f4f191
c7c5b762dcf3c614109d3b091b3342e3fc708b89da58fb9b6c2863a4ca7e8876
cace9c1af6a8632645e48faf9c2b2da116c5daebd34975667f828a3a6fa10ec6
cc07a454bb48c7acb7687cf908a0bc2402d441db4b5cb92239ebeead3ec7e3c5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
d10857b11ce0f4f229276aa04c535e092ef9fbcef3dc14ba69a49b0743a6b247
d280e96cac799ad05e2cd457ebb738497d56f5a708798326b64ea4e85e0d69a1
d36aab54aba6ebd5a1d06f251cb08e6a22c08580c7b4e6df22036f21dbe9fd73
d4ed9dc2505b80972d82f42f66df2290507797527e5b0559cf487efa607c7ba0
d67a33c8331491ba9e3caa541a498b9cdfa15cbda6b1180b1bab65f46b81db06
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9c4b1bccd8f2a34071e06e6e9f59cc6c0f2e937c1fa08290bc6ec9deaa49eeb
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc592d9207115998fe09ced1591902d708275c2c14934b110bd5350b353ac26f
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dd21b8526fdb79c22f476dc119f4fe5b1e945459fb14e1341dbb10f8470bb452
de0174a6009f5ecb7ffb26755b404997fa32596d36410c58e3c044333e124741
df3ca81da2bdb8c67341a0645dc9fd03bd5a3909f073c5413b78f80430c01e01
e0c96939ad980662cfd2f0ae6ee2586047f066ba39b30fd51eab1315525543ba
e158b8e201b2f4a6e40aeabb33321a494f1218713ddbc5b14698625a49477bea
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3ac76e656d40006eb90fdf8c17a03b53fe8840a3f386c1ee16dedadf9cb94a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42869601ae87a83476b74dbfb615c3acde329931afc04beea4bd387f3703c7e
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e67327440a6462399db9b2223dbd7752db6704183348b4aa2ccb6f9f4afa3bb1
e6997f451bbf8012dea5fb3b9f2e974a2f86861364126915097d81096392c800
e74639e37bb8ca0e6ba3a05c3f0c0e0efecd7988e867f79434b955ac5190b5c7
e78cf489f5de1111c5e3913430da26c8f502f729272e906ed4e6185ffd32a0cc
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8b1756a3cf17e337c77c2a0786fa23c662bea5ebaef5f55a389ee7022044a7f
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec412c4a31f9b4110f2b32c733be5292e43c0460373b1e3e61b9241679f730e4
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee888bc3e7a166fe422eb4ba38421559ac0d86114235822d5ee02d8c5bdd7d63
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9fc1f4b699a481c648e110c7cc1c134ba7d30b87552e4265a594f8c8787680
f0ccb145a41a2c3a41b3a6fe76921b1d59f2aee58e32e8ac25e4e2fc5ec23c9b
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4
f76b82a2bbb605098bc654b7235725cb3fc06acb7d88f85c02152b3641232efa
f7ffa6fea5799287955bbccb8247344d1b93a2e2becfc2c7ccd92b44b9279bee
fab7bd5fd1fe1318c9e83b0bcf40d702fd09e39995a15b63e803d57af86981b4
fb578159169bb38173ca68b7f9ce061b18af4e4e6724bf3c9c3e745cc954f177
fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb
fd563fcefe557df049270e53e54424741ab60e24e47deabd17da0f921fbd246d
fe7feae8fdfd7306e99986c0d35b0396975783a682b1deb330c0260bd21179a2
fef22e8988f6b72c99b05397a4b16c9dbf269e990c976b5f38d59c1384e78ebe
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

www.bandab.com.br Open in urlscan Pro 2606:4700:20::681a:130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

367 Requests

90 %HTTPS

42 %IPv6

67 Domains

113 Subdomains

81 IPs

11 Countries

6380 kBTransfer

13090 kBSize

83 Cookies

19 Outgoing links

Page URL History

Redirected requests

367 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 28 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bandab.com.br Open in urlscan Pro
2606:4700:20::681a:130 Public Scan

Screenshot
Live screenshot

Full Image

367
Requests

90 %
HTTPS

42 %
IPv6

67
Domains

113
Subdomains

81
IPs

11
Countries

6380 kB
Transfer

13090 kB
Size

83
Cookies

367 HTTP transactions
28 data transactions